Subclass 29	Subclass 30	Subclass 287
Public key

Method and system for providing tamper-resistant executable software

6567917

Abstract

Tamper-resistant software is provided by determining an initial value of a specified property for an executable file. The executable file is then encrypted based on the initial value of the specified property. The initial value of the specified property is associated with the encrypted executable file and later used to decrypt the encrypted executable file. An execution-time value of the specified property is determined for the decrypted executable file. The execution-time value of the specified property is compared to the initial value of the specified property to determine whether tampering has occurred. The decrypted executable file is executed in response to the execution-time value of the specified property matching the initial value of the specified property.

Claims

What is claimed is:

1. A method for providing tamper-resistant software, comprising:

receiving an executable file;

determining an initial hash value for the executable file;

encrypting the executable file based on the initial hash value;

inserting the initial hash value into the encrypted executable file;

determining an encrypted hash value for the encrypted executable file;

inserting the encrypted hash value into the encrypted executable file;

coupling a security file to the encrypted executable file for transport with the encrypted executable file;

transporting the encrypted executable file and the coupled security file to a remote location;

storing the encrypted executable file and the coupled security file at the remote location, wherein the security file is operable, while the encrypted executable filed is stored at the remote location, to:

extract the encrypted hash value from the encrypted executable file;

determine a storage hash value for the encrypted executable file;

compare the storage hash value to the encrypted hash value;

generate an alarm unless the storage hash value matches the encrypted hash value;

receiving a request to execute the encrypted executable file at the remote location; and

in response to receiving a request to execute the encrypted executable file at the remote location, executing the security file, wherein the security file is operable to:

extract the initial hash value from the encrypted executable file;

decrypt the encrypted executable file based on the initial hash value;

determine an execution-time hash value for the decrypted executable file;

compare the execution-time hash value to the initial hash value; and

prevent execution of the decrypted executable file unless the execution-time hash value matches the initial hash value.

2. The method of claim 1, further comprising during execution of the decrypted executable file at the remote location, the security file operable to:

determine a post execution hash value for the executing executable file;

compare the post execution hash value to the initial hash value; and

terminate execution of the executing executable file unless the post execution hash value matches the initial hash value.

3. A system for providing tamper-resistant software, comprising:

an executable file encrypted based on an initial value of a specified property for the executable file and including an encrypted value of the specified property;

the initial value of the specified property stored within the encrypted executable file for transport with the encrypted executable file;

a security file operable to be executed in response to a request for execution of the executable file, to extract the initial value of the specified property from the encrypted executable file, to decrypt the encrypted executable file based on the initial value of the specified property, to determine an execution-time value of the specified property for the decrypted executable file, to compare the execution-time value of the specified property to the initial value of the specified property, and to prevent execution of the executable file unless the execution-time value matches the initial value, wherein the security file is coupled to the encrypted executable file for transport with the encrypted executable file to a remote location; and

the security file operable during storage of the encrypted executable file at the remote location to extract the encrypted value of the specified property, to determine a storage value of the specified property for the encrypted executable file, to compare the storage value of the specified property to the encrypted value of the specified property, and to generate an alarm unless the storage value matches the encrypted value.

4. The system of claim 3, further comprising:

during execution of the decrypted executable file at the remote location, the security file operable to determine a post execution hash value for the executing executable file, to compare the post execution hash value to the initial hash value, and to terminate execution of the executing executable file unless the post execution hash value matches the initial hash value.

5. The system of claim 3, wherein the specified property is a hash of file length.

Description

TECHNICAL FIELD OF THE INVENTION

This invention relates generally to the field of computer security, and more particularly to a method and system for providing tamper-resistant executable software.

BACKGROUND OF THE INVENTION

Computer networks have become an increasingly important means for communicating public and private information between and within distributed locations. The Internet is one example of a public network commonly used for communicating public and private information. Internet web servers provide access to public information, such as news, business information and government information, which the Internet makes readily available around the world. The Internet is also becoming a popular forum for business transactions, including securities transactions and sales of goods and services. A large number of people have come to depend upon reliable Internet access and secure communications on a day-by-day and even second-by-second basis. Like the Internet, private networks also have become common means for communicating important information. Private networks, such as company intranets, local area networks (LANs), and wide area networks (WANs) generally limit access on a user-by-user basis and communicate data over dedicated lines or by controlling access through passwords, encryption or other security measures.

One danger to reliable and secure network communications is posed by hackers or other unauthorized users disrupting or interfering with network resources. The danger posed by unauthorized access to computer network resources can vary from simple embarrassment to substantial financial losses. For example, serious financial disruptions occur when hackers obtain financial account information or credit card information and use that information to misappropriate funds.

Typically, network administrators use various levels of security measures to protect the network against unauthorized use. Hackers, on the other hand, attempt to find and attack vulnerabilities of the security measures and network devices in order to obtain unauthorized entry to the computer network. Although sophisticated security measures can provide significant barriers to hackers, virtually any security measure can be breached through a vulnerability with enough effort.

SUMMARY OF THE INVENTION

The present invention provides tamper-resistant executable software that substantially eliminates or reduces disadvantages and problems associated with prior systems and methods. In particular, the software self-determines whether it has been tampered with and will refuse to execute if tampering is detected.

In accordance with one embodiment of the present invention, tamper-resistant software is provided by determining an initial value of a specified property for an executable file. The executable file is then encrypted based on the initial value of the specified property. The initial value of the specified property is associated with the encrypted executable file and later used to decrypt the encrypted executable file. An execution-time value of the specified property is determined for the decrypted executable file. The execution-time value of the specified property is compared to the initial value of the specified property to determine whether tampering has occurred. The decrypted executable file is executed in response to the execution-time value of the specified property matching the initial value of the specified property.

More particularly, in accordance with a particular embodiment of the present invention, an encrypted value of the specified property is determined for the encrypted executable file and inserted into the encrypted executable file along with the initial value of the specified property. During storage, the encrypted value may be periodically extracted and compared to a current value of the specified property for the encrypted executable file to determine if tampering has occurred. If tampering is detected during storage, prior to execution or during execution of the executable file, an alarm is generated to alert the operator to the tampering. In addition, the executable file may refuse to execute or terminate execution in response to detecting tampering. In this and other embodiments, the specified property may be a hash or check sum of file length.

Technical advantages of the present invention include providing tamper-resistant executable software. In particular, software, the only arbiter available at execution-time, self-determines whether or not unauthorized tampering has occurred. In addition, the software may self-determine whether unauthorized tampering has occurred during storage or execution of the software. As a result, applications into which viruses or other harmful code has been inserted will not execute.

Additional technical advantages of the present invention include providing a method and system by which a software provider may determine whether a customer has modified software in violation of a license agreement or such that the provider is not responsible for resulting problems or maintenance of the software. In particular, such modification with supplied software may cause the software to not execute or to generate an alarm. As a result, a software provider may be assured that customers are not modifying supplied software without authorization.

Other technical advantages will be readily apparent to one skilled in the art from the following figures, description, and claims.

BRIEF DESCRIPTION OF THE DRAWINGS

For a more complete understanding of the present invention and its advantages, reference is now made to the following description taken in conjunction with the accompanying drawings, wherein like reference numerals represent like parts, in which:

FIG. 1 is a block diagram illustrating a computer system including tamper-resistant executable software in accordance with one embodiment of the present invention;

FIG. 2 is a flow diagram illustrating a computer method for generating tamper-resistant executable software in accordance with one embodiment of the present invention;

FIG. 3 is a flow diagram illustrating a computer method for determining whether the executable file of FIG. 1 has been tampered with during storage;

FIG. 4 is a flow diagram illustrating a computer method for executing the executable file of FIG. 1; and

FIG. 5 is a flow diagram illustrating a computer method for determining whether the executable file of FIG. 1 has been tampered with during execution.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 1 is a block diagram illustrating a computer system 10 having tamper-resistant executable software in accordance with one embodiment of the present invention. In this embodiment, the computer system 10 is connected to a network 12 through a communication line 14. The network 12 is a private Intranet, public Internet, or other suitable local or wide area network. The communication line 14 is any suitable type of communication link capable of supporting data transfer.

Referring to FIG. 1, the computer system 10 is a personal computer, file server, workstation, minicomputer, mainframe, or other general purpose or other computer capable of communicating and interconnecting with other computers. Generally described, the computer system 10 includes an input/output system 20, processor or processors 22, and system memory 24. Computer software is loaded into system memory 24 and executed by the processor 22. The computer software is generally identified by files, data values, and the like. It will be understood that the computer software may be otherwise combined and/or divided for processing without departing from the scope of the present invention. Accordingly, software labels are for illustrative purposes and may be suitably varied.

Software is stored in the computer system 10 as tamper-resistant files 30. The tamper-resistant files 30 may be generated by a software provider and transported to the client system 10 for use by a customer. The tamper-resistant files 30 may be transported by transmission over the network 12 or on a transportable storage medium, such as, for example, a floppy disk, a compact disk, or a magnetic tape. The tamper-resistant files 30 protect both the customer and the software provider from unauthorized modification of the files 30.

The tamper-resistant files 30 each include a security file 32 and an executable file 34. As described in more detail below, the security file 32 is executed in response to a request to execute the executable file 34 or other suitable event. The security file 32 determines whether tampering with the executable file 34 has occurred by addition, deletion, or other modification of the code for the executable file 34. In response to such tampering, the security file 32 generates an alarm indicating that tampering has occurred and, in one embodiment, refuses to execute the executable file 34. As a result, an operator will be notified of software into which viruses or other harmful code have been inserted and may replace the contaminated file.

The executable file 34 may be any suitable type of code capable of being executed. The executable file 34 is stored in an encrypted format as a barrier to tampering. In addition, the executable file 34 includes an initial value 36 of a specified property for the executable file 34 and an encrypted value 36 of the specified property for the encrypted executable file 34 in order to later determine whether the encrypted executable file 34 has nevertheless been modified from its initial state. The specified property is the hash, check sum, or other deterministic value of file length or other suitable file property capable of being used to determine whether a file has been modified from an initial state. The initial state may be any suitable previous state.

The initial and encrypted values 36 and 38 of the specified property are inserted into the encrypted executable file 34 after its encryption and are transported with the executed executable file 34. Accordingly, values 36 and 38 may be used at remote locations, such as the computer system 10, to determine whether tampering with the executable file 34 has occurred. It will be understood that the initial and encrypted values 36 and 38 may be otherwise suitably associated with the executable file 34, security file 32, or tamper-resistant file 30.

FIGS. 2-5 are a series of flow diagrams illustrating a computer method for providing tamper-resistant executable software in accordance with one embodiment of the present invention. In this embodiment, the specified property of a file is the hash of file length. The hash is a Message Digest 5 (MD5) hash, source hash algorithm (SHA), or any other suitable hash that is cryptographically strong. As previously described, although hashing is preferred because no two files can have the same hash, other suitable properties such as check sum values may be used.

Referring to FIG. 2, a computer method is illustrated for generating the tamper-resistant software. The method begins at step 50 in which an executable file 34 is received. As previously described, the executable file 34 may be virtually any type of code capable of being executed by a computing device. Next, at step 52, an initial hash value 36 is determined for the executable file 34. At step 54, the executable file 34 is encrypted based on the initial hash value 36. The initial hash value 36 is then inserted into the encrypted executable file 34 at step 56. Accordingly, the initial hash value 36 will be transported with the encrypted executable file 34 and may be later used at a remote location to determine whether tampering has occurred to the executable file 34.

Proceeding to step 58, an encrypted hash value 38 is determined for the encrypted executable file 34. Next, at step 60, the encrypted hash value 38 is inserted into the encrypted executable file 34. Accordingly, the encrypted hash value 38 is also transported with the encrypted executable file 34 and may be later used to determine whether tampering with the executable file 34 has occurred. The initial and encrypted hash values 36 and 38 may each be one byte of data and stored at a predefined location or position within the encrypted execution file 34. As used herein, each means each of at least a subset of the identified items.

Next, at step 62, the security file 32 is attached to the encrypted executable file 34. In this way, the security file 32 remains with the executable file 34 to detect tampering. As previously described, the security file 32 generates an alarm in response to tampering and may refuse to execute the executable file 34. It will be understood that the security file 32 may be otherwise suitably coupled to the executable file 34 or may be an independent file separately downloaded and executed by the computer system 10. In any of these embodiments, the security file 32 is preferably distinct to allow updating without requiring any changes to the encrypted executable file 34. Step 62 leads to the end of the process at which point the tamper-resistant file 30 has been generated and may be downloaded or otherwise transported to the computer system 10 for storage and execution.

Referring to FIG. 3, a computer method is illustrated for determining whether the executable file 34 has been tampered with during storage on the computer system 10. For this aspect of the present invention, the security file 32 is a separate add-on or other program capable of inspecting the executable file 34 while it is at rest during storage.

The method begins at step 80 in which a security event is received by the security file 32. The security event may be a user request, a periodic event such that the executable file 34 is checked regularly for tampering, or in response to an unauthorized intrusion into the computer system 10.

Proceeding to step 82, the security file 32 extracts the encrypted hash value 38 from the encrypted executable file 34. Next, at step 84, the security file 32 determines a storage hash value for the encrypted executable file 34. The storage hash value is the then-current hash value for encrypted executable file 34. Next, at step 86, the security file 32 compares the storage hash value to the encrypted hash value 38 to determine whether the encrypted executable file 34 has been modified from its initial state.

At decisional step 88, if the storage and encrypted hash values match, then it is determined that tampering has not occurred and the Yes branch of decisional step 88 leads to the end of the process. However, if the storage and encrypted hash values do not match, then the encrypted executable file 34 has been tampered with and the No branch of decisional step 88 leads to step 90. At step 90, an alarm is generated to indicate that tampering with the encrypted executable file 34 has occurred. Accordingly, an operator may delete the contaminated file and acquire a new copy. Step 90 also leads to the end of the process at which point it has been determined whether tampering with the encrypted executable file 34 has occurred. It will be understood that such tampering during storage may be otherwise determined without departing from the scope of the present invention. For example, the encrypted executable file 34 may be decrypted and the initial hash value 36 used to determine whether tampering has occurred.

Referring to FIG. 4, a computer method is illustrated for executing the executable file 34. The method begins at step 100 in which a request is received to execute the executable file 34. In response, the tamper-resistant file 30 executes the security file 32 to first determine whether the executable file 34 has been tampered with or otherwise modified without authorization.

Proceeding to step 102, the security file 32 extracts the initial and encrypted hash values 36 and 38 from the encrypted executable file 34. Next, at step 104, the security file 32 decrypts the encrypted executable file 34 based on the initial hash value 36. At step 106, the security file 32 determines an execution-time hash value for the decrypted executable file 34. The execution-time hash value is the then-current hash value for the executable file 34. Differences between the execution-time hash value and the initial hash value 36 indicate that the executable file 34 has been modified from its initial state.

Proceeding to step 108, the security file 32 compares the execution-time hash value to the initial hash value 36 to determine whether tampering has occurred. Next, at decisional step 110, if the execution-time and initial hash values do not match, then the executable file 34 has been modified and the No branch of decisional step 110 leads to step 112. At step 112, the security file 32 generates an alarm to indicate to an operator that tampering with the executable file 34 has occurred.

Returning to decisional step 110, if the execution-time and initial hash values match, then it is determined that tampering with executable file 34 has not occurred and the Yes branch of decisional step 110 leads to step 114. At step 114, the security file 32 executes the executable file 34. Steps 112 and 114 each lead to the end of the process by which tampering with an executable file is self-determined by the file at execution time and the file will not execute unless it is determined that such tampering has not occurred. It will be understood that execution of the file may nevertheless be allowed with only the alarm being generated in response to detecting tampering with the file.

Referring to FIG. 5, a computer method is illustrated for determining whether the executable file 34 has been tampered with during execution. The method begins at step 120 in which a security event is received. As previously described, the security event may be a user request, a periodic event in order to check the executable file 34 at a specified frequency during execution, or in response to an unauthorized intrusion into the computer system 10.

Proceeding to step 122, the security file 32 determines a post-execution hash value for the executing executable file 34. The post-execution hash value is the then-current hash value for the executable file 34. Next, at step 124, the security file 32 compares the post-execution hash value to the initial hash value 36. A change in the hash value indicates that the executable file 34 has been modified.

Next, at decisional step 126, if the post-execution and initial hash values match, then it is determined that tampering has not occurred and the Yes branch of decisional step 126 leads to the end of the process. However, if the post-execution and initial hash values do not match, then tampering has occurred and the No branch of decisional step 126 leads to step 128.

At step 128, the security file 32 halts execution of the executable file 34 to prevent damage or further damage to the computer system 10. Next, at step 130, the security file 32 generates an alarm to notify the operator that tampering with the executable file 34 has been detected. Step 130 leads to the end of the process by which tampering with an executing file has been detected and execution of the file terminated. It will be understood that execution of the file may be allowed to continue with only an alarm being generated to notify the user of the tampering.

In accordance with the foregoing, tampering with an executable file may be detected during storage, at execution time, and during execution. As a result, applications into which viruses or other harmful code has been inserted will not execute. In addition, a software provider may determine whether a customer has modified software in violation of a license agreement or such that the provider is not responsible for resulting problems or maintenance of the software. Thus, a software provider may be assured that customers are not modifying supplied software without authorization.

Although the present invention has been described with several embodiments, various changes and modifications may be suggested to one skilled in the art. It is intended that the present invention encompass such changes and modifications as fall within the scope of the appended claims.

Inventors
Ziese, Kevin J.;
Assignee
Cisco Technology, Inc. (San Jose, CA)
Published
May-20-2003
Current US Classes:
380/279
380/30
713/176
713/187
Application #
241249
International Classes
H04L 009/00
Field of Search
713/176 713/187 380/30 380/279
Examiner
Smithers; Matthew
Agent
Baker Botts L.L.P.
US Patent References:
5005200
5032979
5101402
5278901
5337360
5414833
5448724
5488715
5524238
5557742
5606668
5621889
5699513
5757915
5793763
5796942
5798706
5805801
5826014
5919257
5931946
5940513
5991399
5991881

Same subclass

Method for implementing the chinese remainder theorem	6963645
Simultaneous electronic transactions with visible trusted parties	5553145
Method for the secure distribution of electronic files in a distributed environment	5638446
Method for publishing certification information certified by a plurality of authorities and apparatus and portable data storage media used to practice said method	6738899
Transmitting messages over a network	6438691
Broadcast key distribution apparatus and method using Chinese Remainder	5663896
Public key method of encoding data	5835598
File transfer using facsimile modem	5905801
Secret-key certificates	5606617
Identity confidentiality method in radio communication system	5889861
Cryptographic key recovery system	5815573
Method and apparatus for generating hash value	6141421

Same class

Cryptographic system	6097812
Data encryption key failure monitor	4926475
Method for inducing upgrading of an expandable product	6913197
Time delayed key escrow	5768388
Rotating non-rotationally symmetrical halftone dots for encoding embedded data in a hyperacuity printer	5537223
Method and system for controlling and auditing content/service systems	6980972
Coincidence-free media key block for content protection for recordable media	6883097
Digital information system, digital audio signal processor and signal converter	6282611
Method and system for a public key cryptosystem having proactive, robust, and recoverable distributed threshold secret sharing	5625692
Extended key preparing apparatus, extended key preparing method, recording medium and computer program	6956951
Stream cipher encryption method and apparatus that can efficiently seek to arbitrary locations in a key stream	6862354
Information reproducing method and apparatus having protect function and recording medium used in apparatus	5646993

Consider this

Method and apparatus for providing a user configurable system which integrates and manages a plurality of different task and software tools	5423023
Software profiler with runtime control to enable and disable instrumented executable	5960198
Software development system with an executable working model in an interpretable intermediate modeling language	6212672
System for remotely identifying and providing information of unknown software on remote network node by comparing the unknown software with software audit file maintained on server	6574729
Method and system for providing build-to-order software applications	6668375
Method, system, and program for converting code to executable code using neural networks implemented in a software program	6832214
Software management system for providing software installation and maintenance over a network	6848101
Method and system for providing software utilizing a restore medium and a network	6922831
Automatically generated symbol-based debug script executable by a debug program for software debugging	6966051
Computer system for performing reusable software application development from a set of declarative executable specifications	7039898