-
81.发明授权Method and apparatus for computer code obfuscation and deobfuscation using boot installation 有权使用引导安装的计算机代码混淆和去模糊的方法和装置公开(公告)号:US08881290B2
公开(公告)日:2014-11-04
申请号:US13434619
申请日:2012-03-29
CPC分类号: G06F21/14 , G06F21/577
摘要: In the field of computer software, obfuscation techniques for enhancing software security are applied to compiled (object) software code. The obfuscation results here in different versions (instances) of the obfuscated code being provided to different installations (recipient computing devices). The complementary code execution uses a boot loader or boot installer-type program at each installation which contains the requisite logic. Typically, the obfuscation results in a different instance of the obfuscated code for each intended installation (recipient) but each instance being semantically equivalent to the others. This is accomplished in one version by generating a random value or other parameter during the obfuscation process, and using the value to select a particular version of the obfuscating process, and then communicating the value along with boot loader or installer program software.
摘要翻译: 在计算机软件领域,用于增强软件安全性的混淆技术应用于编译(对象)软件代码。 这里的混淆结果在不同版本(实例)的混淆代码提供给不同的安装(收件人计算设备)。 互补代码执行在每个安装时使用引导加载程序或引导安装程序类型程序,其中包含必需的逻辑。 通常,混淆导致每个预期安装(接收者)的混淆代码的不同实例,但每个实例在语义上等同于其他安装。 这在一个版本中通过在混淆过程中产生随机值或其他参数来实现,并且使用该值来选择混淆过程的特定版本,然后与引导加载程序或安装程序软件一起传送该值。
-
82.发明授权公开(公告)号:US08775826B2
公开(公告)日:2014-07-08
申请号:US13024273
申请日:2011-02-09
IPC分类号: G06F12/14
CPC分类号: G06F21/125
摘要: Method and apparatus for obfuscating computer software code, to protect against reverse-engineering of the code. The obfuscation here is on the part of the code that accesses buffers (memory locations). Further, the obfuscation process copies or replaces parts of the buffer contents with local variables. This obfuscation is typically carried out by suitably annotating (modifying) the original source code.
摘要翻译: 用于模糊计算机软件代码的方法和装置,以防止代码的逆向工程化。 这里的混淆是访问缓冲区(内存位置)的代码部分。 此外,模糊处理使用局部变量复制或替换缓冲区内容的一部分。 这种混淆通常通过适当地注释(修改)原始源代码来执行。
-
公开(公告)号:US20140105402A1
公开(公告)日:2014-04-17
申请号:US12961374
申请日:2010-12-06
IPC分类号: H04L9/08
CPC分类号: H04L9/08 , H04L9/0861 , H04L2209/04
摘要: In the data security field, a data protection process embodied in a computer system or computing device or equivalent and which securely descrambles protected (scrambled) data. The process descrambles the data using a dynamic process employing a set of multi-level trees of deterministic functions to generate a descrambling mask value and recover the descrambled message.
摘要翻译: 在数据安全领域中,包含在计算机系统或计算设备或等同物中并且安全地解扰受保护(加扰)数据的数据保护过程。 该过程使用采用一组确定性函数的多级树的动态过程来解扰数据,以产生解扰掩码值并恢复解扰消息。
-
公开(公告)号:US08699702B2
公开(公告)日:2014-04-15
申请号:US12987933
申请日:2011-01-10
CPC分类号: H04L9/0618 , G06F21/72 , H04L9/002 , H04L9/0631 , H04L2209/16
摘要: In the field of cryptography, such as for a computer enabled block cipher, a cipher or other cryptographic process is hardened against an attack by protecting the cipher key or subkeys by using a masking process for these keys. The subkeys are thereby protected by applying to them a mask or set of masks to hide their contents. This is especially advantageous in a “White Box” computing environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during execution. Further, this method and the associated apparatus are useful where the key is derived through a process and so is unknown when the software code embodying the cipher is compiled. This is typically the case where there are many users of the cipher and each has his own key or where each user session has its own key.
摘要翻译: 在密码学领域中,例如对于计算机启用的分组密码,通过使用这些密钥的掩码处理来保护加密密钥或子密钥来加密密码或其他加密过程,从而防止攻击。 因此,通过向它们施加掩模或一组掩码以隐藏其内容来保护子密钥。 这在“白盒”计算环境中特别有利,攻击者可以完全访问密码算法,包括执行过程中算法的内部状态。 此外,该方法和相关联的装置在通过过程导出密钥是有用的,并且当体现密码的软件代码被编译时是未知的。 这通常是存在密码的许多用户并且每个具有他自己的密钥或每个用户会话具有其自己的密钥的情况。
-
公开(公告)号:US08681975B2
公开(公告)日:2014-03-25
申请号:US12551360
申请日:2009-08-31
IPC分类号: H04L9/28
CPC分类号: H04L9/083 , H04L9/0822 , H04L9/0827 , H04L2209/603
摘要: A method and associated apparatus for use in a data distribution process to allow an untrusted intermediary to re-encrypt data for transmission from an originator to a message receiver without revealing the data (message) or the cipher to the intermediary. This method uses a composition of two ciphers for re-encrypting the message at the intermediary, without revealing the plain text message or either cipher to the intermediary.
摘要翻译: 一种在数据分发过程中使用的方法和相关联的装置,以允许不信任的中间人重新加密用于从发起者到消息接收者的传输的数据,而不向中介者显示数据(消息)或密码。 该方法使用两个密码的组合来在中间人处重新加密消息,而不向中间人透露明文消息或密码。
-
公开(公告)号:US08434059B2
公开(公告)日:2013-04-30
申请号:US12434300
申请日:2009-05-01
摘要: Disclosed herein are systems, computer-implemented methods, and non-transitory computer-readable storage media for obfuscating code, such as instructions and data structures. Also disclosed are non-transitory computer-readable media containing obfuscated code. In one aspect, a preprocessing tool (i.e. before compilation) identifies in a source program code a routine for replacement. The tool can be a software program running on a computer or an embedded device. The tool then selects a function equivalent to the identified routine from a pool of functions to replace the identified routine. A compiler can then compile computer instructions based on the source program code utilizing the selected function in place of the identified routine. In another aspect, the tool replaces data structures with fertilized data structures. These approaches can be applied to various portions of source program code based on various factors. A software developer can flexibly configure how and where to fertilize the source code.
-
公开(公告)号:US08412938B2
公开(公告)日:2013-04-02
申请号:US12551172
申请日:2009-08-31
申请人: Augustin J. Farrugia , Bertrand Mollinier Toublet , Gianpaolo Fasoli , Mathieu Ciet , Jill Surdzial
发明人: Augustin J. Farrugia , Bertrand Mollinier Toublet , Gianpaolo Fasoli , Mathieu Ciet , Jill Surdzial
IPC分类号: H04L29/06
CPC分类号: H04L63/0428 , H04L9/321 , H04L9/3218 , H04L9/3242 , H04L2209/603 , H04L2209/80
摘要: In the fields of data security and system reliability and qualification, this disclosure is of a method, system and apparatus for verifying or authenticating a device to a host using a zero-knowledge based authentication technique which includes a keyed message authentication code such as an HMAC or keyed cipher function and which operates on secret information shared between the host and the device. This is useful both for security purposes and also to make sure that a device such as a computer peripheral or accessory or component is qualified to be interoperable with the host.
摘要翻译: 在数据安全性和系统可靠性和资格认证领域中,本公开是一种用于使用基于零知识的认证技术来验证或认证到主机的设备的方法,系统和装置,其包括诸如HMAC之类的密钥化消息认证码 或密钥密码函数,并且操作在主机和设备之间共享的秘密信息。 这对于安全目的也是有用的,并且还确保诸如计算机外围设备或附件或组件的设备有资格与主机互操作。
-
公开(公告)号:US08300809B2
公开(公告)日:2012-10-30
申请号:US13222245
申请日:2011-08-31
IPC分类号: H04L9/00
CPC分类号: H04L9/00 , H04L2209/16
摘要: Disclosed herein are methods for obfuscating data via a modulus operation. A client device receives input data, stores an operation value, performs a modulus obfuscation on the operation value, performs a modulus operation on the operation value and the input data, performs a modulus transformation on the operation value and the input data to obtain client output data, and checks if the client output data matches corresponding server output data. A corresponding server device receives input data, performs a modulus transformation on the input data to obtain a result, performs a plain operation on the result and an operation value to obtain server output data, and checks if the server output data matches corresponding client output data from the client device. The client and/or server can optionally authenticate the client input data and the server input data if the server output data matches the client output data.
摘要翻译: 这里公开的是通过模数运算来模糊数据的方法。 客户机接收输入数据,存储操作值,对运算值进行模糊混淆,对运算值和输入数据进行模运算,对运算值和输入数据进行模变换,得到客户输出 数据,并检查客户端输出数据是否匹配相应的服务器输出数据。 相应的服务器设备接收输入数据,对输入数据进行模数变换以获得结果,对结果执行简单操作,并获取操作值以获取服务器输出数据,并检查服务器输出数据是否与相应的客户端输出数据相匹配 从客户端设备。 如果服务器输出数据与客户端输出数据匹配,则客户端和/或服务器可以可选地认证客户端输入数据和服务器输入数据。
-
公开(公告)号:US08185749B2
公开(公告)日:2012-05-22
申请号:US12203036
申请日:2008-09-02
CPC分类号: H04L9/0612 , G06F7/00 , G06F21/125 , G06F2207/7252 , H04L9/002 , H04L2209/08 , H04L2209/12 , H04L2209/16
摘要: Disclosed herein are systems, methods, computer readable media and special purpose processors for obfuscating code. The method includes extracting an operation within program code, selecting a formula to perform the equivalent computation as the extracted operation, and replacing the extracted operation with the selected formula. The formula can be selected randomly or deterministically. The extracted operation can be an arithmetic operation or a Boolean operation.
摘要翻译: 本文公开了用于对代码进行混淆的系统,方法,计算机可读介质和专用处理器。 该方法包括提取程序代码内的操作,选择一个公式以执行与提取的操作等效的计算,并用所选公式替换提取的操作。 公式可以随机或确定地选择。 提取的操作可以是算术运算或布尔运算。
-
90.发明申请公开(公告)号:US20120124392A1
公开(公告)日:2012-05-17
申请号:US13316265
申请日:2011-12-09
IPC分类号: G06F12/14
CPC分类号: H04L9/002 , H04L9/0618 , H04L2209/08 , H04L2209/16 , H04L2209/24
摘要: Disclosed herein are systems, methods, and computer readable-media for performing data encryption and decryption using a stream or block cipher with internal random states. The method includes splitting the input data into a predetermined number of blocks and processing each block. The processing includes creating sub-blocks, permuting the sub-blocks, replacing bytes using a lookup table, rotating bits, performing expansion and combining sets of bits. The element of randomness employed in this process allows for the same input to yield the same output, with differing internal states.
摘要翻译: 本文公开了用于使用具有内部随机状态的流或块密码执行数据加密和解密的系统,方法和计算机可读介质。 该方法包括将输入数据分割成预定数量的块并处理每个块。 该处理包括创建子块,置换子块,使用查找表替换字节,旋转位,执行扩展和组合位组。 在该过程中使用的随机元素允许相同的输入产生具有不同内部状态的相同输出。
-
-
-
-
-
-
-
-
-
搜索结果
174 条记录 (耗时 0.033 秒)
