Hardware-Assisted Circumvention of Self-Hashing
Software Tamper Resistance
Glenn Wurster (Carleton University)
ABSTRACT
Self-hashing has been proposed as a technique for verifying software
integrity. Appealing aspects of this approach to software tamper
resistance include the promise of being able to verify the integrity
of software independent of the external support environment, as well
as the ability to integrate code protection mechanisms
automatically. In my talk I will discuss an automated, generic attack
which defeats such self-hashing. The attack has implications for
digital rights management, as well as other areas where software
tamper resistance is employed. The attack uses the rich functionality
of most modern general-purpose processors (including UltraSparc, x86,
PowerPC, AMD64, Alpha, and ARM). The attack defeats self-hashing on
most modern general-purpose processors. The generality and efficiency
of our attack suggests that current self-hashing techniques are not
viable strategies for high-security tamper resistance on modern
computer systems. I will discuss the effects our attack has on
self-hashing software tamper resistance, including what must be done
in order for a defender to successfully guard against our attack.
BIOGRAPHY
Glenn Wurster completed his undergraduate work in Computer Science as
part of the Mathematics faculty at the University of Waterloo. His
interests also include digital hardware fundamentals, and are
reflected by a minor in electrical engineering. Glenn is currently
completing a Masters of Computer Science at Carleton University under
the supervision of Paul Van Oorschot. After graduating, Glenn plans
on remaining at Carleton University to work on a Ph.D. He has worked
at several companies including Research in Motion (RIM) and Entrust.
While working at RIM, he was involved in firmware (operating system)
development for Blackberry personal e-mail pagers.