Re: A scheme of software protection

From: Matt Mahoney (matmahoney_at_yahoo.com)
Date: 07/16/05


Date: 16 Jul 2005 09:26:05 -0700

JiXian Yang wrote:
> Matt Mahoney wrote:
> >
> > I am not convinced. The attacker can modify any branch either in the
> > compiled program or in the virtual CPU. At most he does this n times
> > until the program works. How does your system protect against this?
> >
> > -- Matt Mahoney
>
> Thank you very much for your reply.
>
> Assume that results of the functions f1, f2, f3, ..., fn can not be
> confirmed by the adversary, but the final functions f1f2, f2f3,
> f3f4, ..., fnf1 can be confirmed absolutely. The compiler inserts
> the various verification code into f1, f2, f3, ..., fn; when f1 was
> modified, it can be detected by the other functions, so the other
> functions return the wrong results, i.e. at least the result of f1f2
> is wrong. An adversary has to modify all the functions to get a
> successful tamper. For each node, an adversary has two or more
> choices, just one of the choices leads to the correct entry, i.e. the
> probability is less than 1/2. Thus, the joint probability is less than
> 1/2^n.
>
> The paper was revised:
> http://www.freewebs.com/md6hash/
> http://yjxonline.hostrocket.com/
>
> Thanks again for your time.
>
> Sincerely,
>
> JiXian Yang

You need to provide an implementation for us to try to break. You
can't prove security. You can only conjecture it based on lots of
people trying and failing to break it. Based on your paper, I believe
it would be easy to break. A virtual CPU is easily modified and can't
be made tamper proof.

-- Matt Mahoney
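The mutual-verification scheme quoted above (each f_i carries a check on a neighbour, so the pairwise "final functions" f1f2, ..., fnf1 go wrong as soon as one f_i is modified) can be modelled as a toy simulation. The following is an added example and is not code from either poster or from the paper; the functions, their hashing of a neighbour's code blob, and the sample program are all constructed here for illustration.

```python
import hashlib

# Constructed toy model: a "program" is a ring of n functions. Function i holds
# the expected SHA-256 of function (i+1) mod n's code, standing in for the
# verification code the paper says the compiler inserts.


def make_program(n, seed=b"toy"):
    """Build n toy functions; f_i checks f_{(i+1) mod n}."""
    codes = [hashlib.sha256(seed + bytes([i])).digest() for i in range(n)]
    program = []
    for i in range(n):
        j = (i + 1) % n
        program.append({
            "code": codes[i],
            "checks": j,
            "expected": hashlib.sha256(codes[j]).digest(),
        })
    return program


def run_function(program, i):
    """Result of f_i: derived from its own code, or None when its neighbour check fails."""
    f = program[i]
    neighbour = program[f["checks"]]
    if hashlib.sha256(neighbour["code"]).digest() != f["expected"]:
        return None  # verification failed: deliberately wrong result
    return hashlib.sha256(b"result" + f["code"]).hexdigest()[:8]


def pairwise_results(program):
    """The 'final functions' f1f2, f2f3, ..., fnf1; None marks a detected tamper."""
    n = len(program)
    out = []
    for i in range(n):
        j = (i + 1) % n
        a, b = run_function(program, i), run_function(program, j)
        out.append(None if a is None or b is None else a + b)
    return out


def tamper(program, i):
    """Constructed modification of f_i's code blob (flip one byte in place)."""
    code = bytearray(program[i]["code"])
    code[0] ^= 0xFF
    program[i]["code"] = bytes(code)


def detecting_functions(program):
    """Indices of functions whose neighbour check currently fails."""
    return [i for i in range(len(program)) if run_function(program, i) is None]


def count_wrong_pairs(program, baseline):
    """How many pairwise results differ from the untampered baseline."""
    return sum(1 for a, b in zip(pairwise_results(program), baseline) if a != b)


if __name__ == "__main__":
    prog = make_program(4)
    baseline = pairwise_results(prog)
    tamper(prog, 0)
    print("detected by:", detecting_functions(prog))
    print("wrong pairs:", count_wrong_pairs(prog, baseline), "of", len(baseline))
```

Modifying one function changes its own result and trips the neighbour that checks it, so three of the four pairwise results are wrong in a ring of four. The model also makes the circularity in the thread visible: every check is itself just code inside the same program, and the detection holds only as long as the code that performs the check is unmodified, which is the point the reply above raises about a virtual CPU.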