Skip to main content
SpringerLink
Log in

Oblivious Hashing: A Stealthy Software Integrity Verification Primitive

  • Conference paper
  • First Online:
Information Hiding (IH 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2578))

Included in the following conference series:

Abstract

We describe a novel software verification primitive called Oblivious Hashing. Unlike previous techniques that mainly verify the static shape of code, this primitive allows implicit computation of a hash value based on the actual execution (i.e., space-time history of computation) of the code. We also discuss its applications in local software tamper resistance and remote code authentication.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. D. Aucsmith, □Tamper Resistant Software: An Implementation,□ in Proceedings of the First International Workshop on Information Hiding, May 1996.

    Google Scholar 

  2. M. Blum and S. Kannan, “Designing Programs That Check Their Work,□ in Proceedings of ACM Symposium on Theory of Computing, pgs 86–97, 1989.

    Google Scholar 

  3. C. Collberg, C. Thomborson and D. Low, □Breaking Abstractions and Unstructuring Data Structures,□ in Proceedings of IEEE International Conference on Computer Languages, ICCL’98, May 1998.

    Google Scholar 

  4. C. Collberg, C. Thomborson and D. Low, “Manufacturing Cheap, Resilient, and Stealthy Opaque Constructs”, in Proceedings of Symposium on Principles of Programming Languages, pp. 184–196, 1998.

    Google Scholar 

  5. C. Collberg and C. Thomborson, □Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection.□

    Google Scholar 

  6. F. Ergun, S. Kannan, S. R. Kumar, R. Rubinfeld and M. Viswanathan, □Spot-Checkers,□ in Proceedings of ACM Symposium on Theory of Computing, pgs 259–268, 1998.

    Google Scholar 

  7. F. Ergun, S. R. Kumar and D. Sivakumar, □Self-Testing Without the Generator Bottleneck,□ SIAM Journal of Computing, vol. 29, no. 5, pgs 1630–1651, 2000.

    Article  MathSciNet  Google Scholar 

  8. G. Hunt and D. Brubacher, □Detours: Binary Interception of Win32 Functions,□ in Proceedings of the 3rd USENIX Windows NT Symposium, pgs 135–143, July 1999.

    Google Scholar 

  9. R. Venkatesan, V. Vazirani, and S. Sinha, □A Graph Theoretic Approach to Software Watermarking,□ in Proceedings of the Fourth International Workshop on Information Hiding, April 2001.

    Google Scholar 

  10. C. Wang, J. Hill, J. Knight and J. Davidson, □Software Tamper Resistance: Obstructing Static Analysis of Programs,□ Technical Report CS-2000-12, University of Virginia, December 2000.

    Google Scholar 

  11. H. Wasserman and M. Blum, □Software Reliability via Run-Time Result-Checking,□ Journal of ACM, vol. 44, no. 6, pgs 826–849, 1997.

    Article  MATH  MathSciNet  Google Scholar 

  12. B. Horne, L. Matheson, C. Sheehan and R. Tarjan, □Dynamic Self-Checking Techniques for Improved Tamper Resistance,□ in Proceedings of the Workshop on Security and Privacy in Digital Rights Management, November 2001.

    Google Scholar 

  13. H. Chang and M. Atallah, □Protecting Software Code by Guards,□ in Proceedings of the Workshop on Security and Privacy in Digital Rights Management, November 2001.

    Google Scholar 

  14. F. Monrose, P. Wyckoff, and A. Rubin, □Distributed Execution with Remote Audit,□ in Proceedings of the ISOC Network and Distributed System Security (NDSS) Symposium, February 1999.

    Google Scholar 

  15. B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. Vadhan and K. Yang, □On the (impossibility) of Obfuscating Programs,□ Advances in Cryptology-CRYPTO’ 01, vol. 2139 of Springer-Verlag Lecture Notes in Computer Science, pp. 1–18, August 19-23, 2001.

    Google Scholar 

  16. D. Knuth, □The Art of Computer Programming, Volume 2, Seminumerical Algorithms,□ Addison-Wesley Publishing Company, Inc., 1973.

    Google Scholar 

  17. Menezes, P. van Oorschot and S. Vanstone, □Handbook of Applied Cryptography,□ CRC Press, 1997.

    Google Scholar 

  18. SoftICE debugger, Compuware Corporation, http://www.compuware.com.

Download references

Author information

Authors and Affiliations

  1. Microsoft Research, One Microsoft Way, 98052, Redmond, WA

    Yuqun Chen, Ramarathnam Venkatesan & Mariusz H. Jakubowski

  2. University of Washington, Box 352350, 98195, Seattle, WA

    Matthew Cary & Saurabh Sinha

  3. Princeton University, 35 Olden Street, 08544, Princeton, NJ

    Ruoming Pang

Authors
  1. Yuqun Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ramarathnam Venkatesan
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Matthew Cary
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ruoming Pang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Saurabh Sinha
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Mariusz H. Jakubowski
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microsoft Research Ltd., 7 J. J. Thomson Avenue, CB3 0FB, Cambridge, UK

    Fabien A. P. Petitcolas

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chen, Y., Venkatesan, R., Cary, M., Pang, R., Sinha, S., Jakubowski, M.H. (2003). Oblivious Hashing: A Stealthy Software Integrity Verification Primitive. In: Petitcolas, F.A.P. (eds) Information Hiding. IH 2002. Lecture Notes in Computer Science, vol 2578. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36415-3_26

Download citation

  • DOI: https://doi.org/10.1007/3-540-36415-3_26

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00421-9

  • Online ISBN: 978-3-540-36415-3

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation