Re: A scheme of software protection
From: Matt Mahoney (matmahoney_at_yahoo.com)
Date: 16 Jul 2005 09:26:05 -0700
JiXian Yang wrote:
> Matt Mahoney wrote:
> > I am not convinced. The attacker can modify any branch either in the
> > compiled program or in the virtual CPU. At most he does this n times
> > until the program works. How does your system protect against this?
> > -- Matt Mahoney
> Thank you very much for your reply.
> Assume that results of the functions f1, f2, f3, ..., fn can not be
> confirmed by the adversary, but the final functions f1·f2, f2·f3,
> f3·f4, ..., fn·f1 can be confirmed absolutely. The compiler inserts
> the various verification code into f1, f2, f3, ..., fn, when f1 was
> modified, it can be detected by the other functions, so the other
> functions return the wrong results, i.e. at least the result of f1·f2
> is wrong. An adversary has to modify all the functions to get a
> successful tamper. For each node, an adversary has two or more
> choices, just one of the choices leads to the correct entry, i.e. the
> probability is less than 1/2. Thus, the joint probability is less than
> The paper was revised:
> Thanks again for your time.
> JiXian Yang
You need to provide an implementation for us to try to break. You
can't prove security. You can only conjecture it based on lots of
people trying and failing to break it. Based on your paper, I believe
it would be easy to break. A virtual CPU is easily modified and can't
be made tamper proof.
-- Matt Mahoney