Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance

Glenn Wurster (Carleton University)


ABSTRACT

Self-hashing has been proposed as a technique for verifying software integrity. Appealing aspects of this approach to software tamper resistance include the promise of being able to verify the integrity of software independent of the external support environment, as well as the ability to integrate code protection mechanisms automatically. In my talk I will discuss an automated, generic attack which defeats such self-hashing. The attack has implications for digital rights management, as well as other areas where software tamper resistance is employed. The attack uses the rich functionality of most modern general-purpose processors (including UltraSparc, x86, PowerPC, AMD64, Alpha, and ARM). The attack defeats self-hashing on most modern general-purpose processors. The generality and efficiency of our attack suggests that current self-hashing techniques are not viable strategies for high-security tamper resistance on modern computer systems. I will discuss the effects our attack has on self-hashing software tamper resistance, including what must be done in order for a defender to successfully guard against our attack.

BIOGRAPHY

Glenn Wurster completed his undergraduate work in Computer Science as part of the Mathematics faculty at the University of Waterloo. His interests also include digital hardware fundamentals, and are reflected by a minor in electrical engineering. Glenn is currently completing a Masters of Computer Science at Carleton University under the supervision of Paul Van Oorschot. After graduating, Glenn plans on remaining at Carleton University to work on a Ph.D. He has worked at several companies including Research in Motion (RIM) and Entrust. While working at RIM, he was involved in firmware (operating system) development for Blackberry personal e-mail pagers.