公开(公告)号：US20150095656A1

公开(公告)日：2015-04-02

申请号：US14360306

申请日：2013-09-30

申请人： Jeong Hyun Yi ,  Jin Hyuk Jung

发明人： Jeong Hyun Yi ,  Jin Hyuk Jung

IPC分类号： G06F21/14

CPC分类号： G06F21/14 ,  G06F21/125 ,  G06F2221/0748

摘要： Disclosed is an apparatus for code obfuscation includes: an input unit that receives execution codes for android applications; a code analyzer that separates the input execution codes into sensitive codes that needs to be protected from application forgery attack and general codes except for the sensitive codes by analyzing the input execution codes; a dalvik to C code converter that creates native codes by converting the sensitive codes into a C code; an obfuscator that obfuscates the native codes and the general codes; a self code protector that encrypts the obfuscated native codes by adding a tamper-detection code to the obfuscated native codes and then creates self-modified native codes by adding a loading routine; and a code combiner that combines the self-modified native codes with the obfuscated general codes.

摘要翻译： 公开了一种用于代码混淆的装置，包括：输入单元，其接收Android应用的执行代码; 代码分析器，通过分析输入执行代码，将输入执行代码分离成敏感代码，需要保护免受应用程序伪造攻击和通用代码;敏感代码除外; 通过将敏感代码转换为C代码来创建本地代码的dalvik到C代码转换器; 一个混淆本地代码和一般代码的混淆器; 一个自编码保护器，通过向模糊的本机代码添加篡改检测码，然后通过添加加载例程来创建自修改的本地代码来加密混淆的本机代码; 以及将自修改的本地代码与模糊的一般代码组合的代码组合器。

公开(公告)号：US08984631B2

公开(公告)日：2015-03-17

申请号：US13521541

申请日：2010-11-15

申请人： Uri Kaluzhny

发明人： Uri Kaluzhny

IPC分类号： G06F21/55 ,  G06F21/75 ,  G06F7/00 ,  G06F21/14

CPC分类号： G06F7/00 ,  G06F21/14 ,  G06F21/75 ,  G06F21/755 ,  G06F2207/7261

摘要： A device including a processor to perform an operation yielding a result, the processor including a register including bit storage elements and including a first and second section, each element being operative to store a bit value, and a power consumption mask module to determine whether the whole result can be completely written in half or less than half of the register, determine a balancing entry if the result can be completely written in half or less than half of the register, a write module to perform a single write operation to the register including writing the result and the balancing entry to the first and second section, respectively, if the result can be completely written in half or less than half of the register else writing the result of the operation across at least part of the first and second section. Related apparatus and methods are also described.

摘要翻译： 一种包括执行产生结果的操作的处理器的设备，所述处理器包括包括位存储元件并包括第一和第二部分的寄存器，每个元件可操作以存储位值，以及功耗掩模模块，用于确定是否 整个结果可以完全写入寄存器的一半或少于一半，如果结果可以完全写入寄存器的一半或少于一半，则确定平衡条目，写入模块对寄存器执行单个写入操作，包括 将结果和平衡条目分别写入第一和第二部分，如果结果可以被完全写入寄存器的一半或少于一半，否则写入操作结果跨越第一和第二部分的至少一部分。 还描述了相关装置和方法。

公开(公告)号：US08984299B1

公开(公告)日：2015-03-17

申请号：US14360306

申请日：2013-09-30

申请人： Soongsil University Research Consortium Techno-Park

发明人： Jeong Hyun Yi ,  Jin Hyuk Jung

IPC分类号： G06F21/14

CPC分类号： G06F21/14 ,  G06F21/125 ,  G06F2221/0748

摘要： Disclosed is an apparatus for code obfuscation includes: an input unit that receives execution codes for android applications; a code analyzer that separates the input execution codes into sensitive codes that needs to be protected from application forgery attack and general codes except for the sensitive codes by analyzing the input execution codes; a dalvik to C code converter that creates native codes by converting the sensitive codes into a C code; an obfuscator that obfuscates the native codes and the general codes; a self code protector that encrypts the obfuscated native codes by adding a tamper-detection code to the obfuscated native codes and then creates self-modified native codes by adding a loading routine; and a code combiner that combines the self-modified native codes with the obfuscated general codes.

摘要翻译： 公开了一种用于代码混淆的装置，包括：输入单元，其接收Android应用的执行代码; 代码分析器，通过分析输入执行代码，将输入执行代码分离成敏感代码，需要保护免受应用程序伪造攻击和通用代码;敏感代码除外; 通过将敏感代码转换为C代码来创建本地代码的dalvik到C代码转换器; 一个混淆本地代码和一般代码的混淆器; 一个自编码保护器，通过向模糊的本机代码添加篡改检测码，然后通过添加加载例程来创建自修改的本地代码来加密混淆的本机代码; 以及将自修改的本地代码与模糊的一般代码组合的代码组合器。

公开(公告)号：US08966605B2

公开(公告)日：2015-02-24

申请号：US13698588

申请日：2011-05-10

申请人： Jacques Fournier ,  Pierre Girard ,  Philippe Proust

发明人： Jacques Fournier ,  Pierre Girard ,  Philippe Proust

IPC分类号： G06F21/00 ,  G06F21/12 ,  G06F21/14 ,  G06F21/34

CPC分类号： G06F21/123 ,  G06F21/14 ,  G06F21/34 ,  G06F2221/2107 ,  G06F2221/2153

摘要： The invention relates to a security token comprising a communication interface adapted to communicate with a host computer; a security module, comprising encryption based security features; and a non volatile memory storing at least an application to be uploaded and executed in a host computer. The application makes use of the security features when executed in a host computer in communication with the communication interface. The security token is adapted to modify the content of the application as uploaded or its execution parameters at successive connections of the security token to a host computer.

摘要翻译： 本发明涉及一种包括适于与主机通信的通信接口的安全令牌; 安全模块，包括基于加密的安全特征; 以及至少存储要在主计算机中上载和执行的应用的非易失性存储器。 在与通信接口通信的主计算机中执行时，应用使用安全特征。 安全令牌适于在安全令牌的连续连接到主机计算机上修改已上传的应用程序的内容或其执行参数。

公开(公告)号：US08887140B2

公开(公告)日：2014-11-11

申请号：US12688807

申请日：2010-01-15

申请人： Julien Lerouge ,  Nicholas T. Sullivan ,  Gideon M. Myles ,  Jon McLachlan ,  Augustin J. Farrugia

发明人： Julien Lerouge ,  Nicholas T. Sullivan ,  Gideon M. Myles ,  Jon McLachlan ,  Augustin J. Farrugia

IPC分类号： G06F21/14 ,  G06F9/45 ,  G06F9/46 ,  G06F17/24

CPC分类号： G06F21/14 ,  G06F8/4443 ,  G06F9/463 ,  G06F17/241

摘要： Disclosed herein are systems, methods, and computer-readable storage media for obfuscating using inlined functions. A system configured to practice the method receives a program listing including annotated functions for obfuscation, identifies an annotated function called more than once in the program listing, and creates an inline control flow structure in the program listing for the identified annotated function, the control flow structure being computationally equivalent to inlining the identified annotated function into the program listing for each occurrence of the identified annotated function. The program listing can include tiers of annotated functions. The system can identify annotated functions called more than once based on an optionally generated callgraph. The system can create inline control flow structures in the program listing in order of annotation importance. The system can identify how many times each annotated function is called in the program listing.

摘要翻译： 本文公开了用于使用内联函数进行混淆的系统，方法和计算机可读存储介质。 配置为实施该方法的系统接收包括用于模糊化的注释功能的程序列表，在程序列表中标识多于一次的注释函数，并且在所述程序列表中为所识别的注释功能创建一个内联控制流结构， 计算结构相当于将所识别的注释功能内联到所述识别的注释功能的每次出现的程序列表中。 程序列表可以包括注释功能的层次。 系统可以基于可选地生成的呼叫图来识别多次调用的注释功能。 该系统可以在注释重要性的顺序创建程序列表中的内联控制流结构。 系统可以识别每个注释功能在程序列表中调用的次数。

公开(公告)号：US08881290B2

公开(公告)日：2014-11-04

申请号：US13434619

申请日：2012-03-29

申请人： Mathieu Ciet ,  Julien Lerouge ,  Augustin J. Farrugia

发明人： Mathieu Ciet ,  Julien Lerouge ,  Augustin J. Farrugia

IPC分类号： G06F11/00 ,  G06F12/14 ,  G06F12/16 ,  G06F21/14 ,  G06F21/57

CPC分类号： G06F21/14 ,  G06F21/577

摘要： In the field of computer software, obfuscation techniques for enhancing software security are applied to compiled (object) software code. The obfuscation results here in different versions (instances) of the obfuscated code being provided to different installations (recipient computing devices). The complementary code execution uses a boot loader or boot installer-type program at each installation which contains the requisite logic. Typically, the obfuscation results in a different instance of the obfuscated code for each intended installation (recipient) but each instance being semantically equivalent to the others. This is accomplished in one version by generating a random value or other parameter during the obfuscation process, and using the value to select a particular version of the obfuscating process, and then communicating the value along with boot loader or installer program software.

摘要翻译： 在计算机软件领域，用于增强软件安全性的混淆技术应用于编译（对象）软件代码。 这里的混淆结果在不同版本（实例）的混淆代码提供给不同的安装（收件人计算设备）。 互补代码执行在每个安装时使用引导加载程序或引导安装程序类型程序，其中包含必需的逻辑。 通常，混淆导致每个预期安装（接收者）的混淆代码的不同实例，但每个实例在语义上等同于其他安装。 这在一个版本中通过在混淆过程中产生随机值或其他参数来实现，并且使用该值来选择混淆过程的特定版本，然后与引导加载程序或安装程序软件一起传送该值。

公开(公告)号：US08874938B2

公开(公告)日：2014-10-28

申请号：US13952244

申请日：2013-07-26

申请人： Panasonic Intellectual Property Corporation of America

发明人： Hideki Matsushima ,  Teruto Hirota ,  Yukie Shoda ,  Shunji Harada

IPC分类号： H04L9/00 ,  H04K1/00 ,  G06F21/00 ,  H04L29/06 ,  G06F21/14

CPC分类号： G06F21/87 ,  G06F12/1408 ,  G06F21/14 ,  G06F21/53 ,  G06F21/57 ,  G06F21/74 ,  G06F2212/1052 ,  G06F2221/2153 ,  H04L9/3234 ,  H04L9/3247 ,  H04L63/105

摘要： A program execution device capable of protecting a program against unauthorized analysis and alteration is provided. The program execution device includes an execution unit, a first protection unit, and a second protection unit. The execution unit executes a first program and a second program, and is connected with an external device that is capable of controlling the execution. The first protection unit disconnects the execution unit from the external device while the execution unit is executing the first program. The second protection unit protects the first program while the execution unit is executing the second program.

摘要翻译： 提供了能够保护程序免受未经授权的分析和改变的程序执行装置。 程序执行装置包括执行单元，第一保护单元和第二保护单元。 执行单元执行第一程序和第二程序，并且与能够控制执行的外部设备连接。 第一个保护单元在执行单元执行第一个程序时将执行单元与外部设备断开连接。 第二保护单元在执行单元执行第二程序时保护第一程序。

公开(公告)号：US08732810B2

公开(公告)日：2014-05-20

申请号：US13283440

申请日：2011-10-27

申请人： Venkat Gaddam ,  Shahid Ahmed ,  Sankar Shanmugam ,  SM Masudur Rahman ,  William Cory Hawkins

发明人： Venkat Gaddam ,  Shahid Ahmed ,  Sankar Shanmugam ,  SM Masudur Rahman ,  William Cory Hawkins

IPC分类号： H04L29/06 ,  H04L29/08 ,  H04L9/32 ,  H04W12/06 ,  G06F21/14 ,  H04L29/12 ,  H04L12/56

CPC分类号： H04L67/26 ,  G06F21/14 ,  G06F21/445 ,  H04L9/32 ,  H04L9/3226 ,  H04L29/06095 ,  H04L29/06176 ,  H04L29/06551 ,  H04L29/12245 ,  H04L47/2416 ,  H04L63/00 ,  H04L63/08 ,  H04L63/083 ,  H04L65/00 ,  H04L67/142 ,  H04L67/145 ,  H04W12/06

摘要： A persistent connection is used for real-time or near real-time data transfer from a push platform on a network to a mobile station. To establish and maintain the persistent connection between the mobile station and push platform on the network, various protocols are defined over a packet connection between the mobile station and push platform. The real-time or near real-time data is pushed or sent by the push platform to the mobile station, as the data becomes available from a data source. In particular, heartbeat messages are used to determine whether or not the persistent connection is alive and available for real-time or near real-time data transfer. When the persistent connection is lost, the mobile station uses a retry connection scheme based on the number of connection attempts made by the mobile station for establishing a new persistent connection to the push platform.

摘要翻译： 持续连接用于从网络上的推送平台到移动台的实时或接近实时的数据传输。 为了建立和维护移动台与网络上的推送平台之间的持续连接，通过移动台和推送平台之间的分组连接来定义各种协议。 随着数据从数据源可用，实时或近实时数据被推送平台推送或发送到移动台。 特别地，使用心跳消息来确定持久连接是否存活并且可用于实时或接近实时的数据传输。 当持续连接丢失时，移动台基于由移动台进行的用于建立与推送平台的新的持续连接的连接尝试次数来使用重试连接方案。

公开(公告)号：US08707054B2

公开(公告)日：2014-04-22

申请号：US13139182

申请日：2009-11-23

申请人： Hugues De Perthuis ,  Stephane Mutz

发明人： Hugues De Perthuis ,  Stephane Mutz

IPC分类号： G06F21/14 ,  H04L9/32 ,  G06F11/30 ,  G06F1/00 ,  H04L9/00

CPC分类号： G06F12/1466 ,  H04L9/0637

摘要： A functional unit of a device is associated with a secret. Data stored in a memory location of the device is encrypted using the secret. The memory location of the device is accessible to other functional units; but without knowledge of the secret, the stored encrypted data is useless. The sharing of the secret creates a secure path between memory locations and functional units of the device while maintaining a unitary memory architecture. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.

摘要翻译： 设备的功能单元与秘密相关联。 使用秘密对存储在设备的存储器位置的数据进行加密。 其他功能单元可访问设备的存储位置; 但是不知道秘密，存储的加密数据是无用的。 秘密的共享在设备的存储器位置和功能单元之间创建一个安全的路径，同时保持一体的存储架构。 该摘要不被认为是限制性的，因为其他实施例可能偏离本摘要中描述的特征。

公开(公告)号：US20130138973A1

公开(公告)日：2013-05-30

申请号：US13748184

申请日：2013-01-23

申请人： Apple Inc.

发明人： Augustin J. Farrugia ,  Benoit Chevallier-Mames ,  Mathieu Ciet ,  Jon McLachlan

IPC分类号： G06F21/14

CPC分类号： G06F21/14 ,  G06F8/51 ,  H04L9/002 ,  H04L9/3013 ,  H04L2209/046 ,  H04L2209/08 ,  H04L2209/16

摘要： Disclosed herein are systems, computer-implemented methods, and computer-readable storage media for obfuscating data based on a discrete logarithm. A system practicing the method identifies a clear value in source code, replaces the clear value in the source code with a transformed value based on the clear value and a discrete logarithm, and updates portions of the source code that refer to the clear value such that interactions with the transformed value provide a same result as interactions with the clear value. This discrete logarithm approach can be implemented in three variations. The first variation obfuscates some or all of the clear values in loops. The second variation obfuscates data in a process. The third variation obfuscates data pointers, including tables and arrays. The third variation also preserves the ability to use pointer arithmetic.

摘要翻译： 本文公开的是基于离散对数来混淆数据的系统，计算机实现的方法和计算机可读存储介质。 实施该方法的系统识别源代码中的明确值，基于清除值和离散对数，用源代码替换变换值，并更新引用清除值的源代码部分，使得 与变换值的交互提供与清除值的交互相同的结果。 这种离散对数方法可以在三个变体中实现。 第一个变体模糊了循环中的一些或全部清除值。 第二个变体在一个过程中模糊数据。 第三个变体模糊数据指针，包括表和数组。 第三个变体也保留了使用指针算术的能力。