A Generic Attack on Checksumming-Based Software Tamper Resistance

Abstract

Self-checking software tamper resistance mechanisms employing checksums, including advanced systems as recently proposed by Chang and Atallah (2002) and Horne et al. (2002) have been promoted as an alternative to other software integrity verification techniques. Appealing aspects include the promise of being able to verify the integrity of software independent of the external support environment, as well as the ability to automatically integrate checksumming code during program compilation or linking. In this paper we show that the rich functionality of many modern processors, including UltraSparc and x86-compatible processors, facilitates automated attacks which defeat such checksumming by self-checking programs.

References

Page 1

	Year	Citations
Direct anonymous attestation Ernie Brickell, Jan Camenisch, Liqun Chen Direct Anonymous AttestationEngineeringInformation SecurityVerificationLaw	2004	922
Watermarking, tamper-proofing, and obfuscation - tools for software protection Christian Collberg, Clark Thomborson IEEE Transactions on Software Engineering EngineeringEvasion TechniqueInformation SecurityLawInformation Forensics	2002	724
SWATT: software-based attestation for embedded devices Abhijith Seshadri, Adrian Perrig, Leendert van Doorn, EngineeringInformation SecurityMemory Content AttestationEmbedded SystemsSoftware Analysis	2004	690
Architectural support for copy and tamper resistant software David Lie Chandramohan Thekkath, Mark L. Mitchell, Patrick Lincoln, ACM SIGARCH Computer Architecture News Software MaintenanceEngineeringInformation SecurityComputer ArchitectureSoftware Engineering	2000	600
Copilot - a coprocessor-based kernel runtime integrity monitor Nick L. Petroni, Timothy Fraser, Jesús Molina,	2004	449
The design and implementation of tripwire Gene Kim, Eugene H. Spafford	1994	447
AEGIS G. Edward Suh, Dwaine Clarke, Blaise Gassend, Hardware SecurityEngineeringOperating SystemsSoftware LicensingSingle-chip Aegis Processor	2014	439
Building a high-performance, programmable secure coprocessor Sean W. Smith, Steve Weingart Computer Networks Hardware SecurityEngineeringInformation SecurityComputer EngineeringTrusted Execution Environment	1999	335
The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments Peter Loscocco, Stephen Smalley, Patrick A. Muckelbauer,	2000	223
Establishing the genuinity of remote computer systems Rick Kennell, Leah H. Jamieson USENIX Security Symposium Remote OperationEngineeringRemote DiagnosticsInformation SecurityVerification	2003	182

Page 1