Hiding Information in Software With Respect to a White-box Security Model

Typ
Examensarbete för masterexamen
Master Thesis
Program
Computer systems and networks (MPCSN), MSc
Publicerad
2015
Författare
Löfström, Erica
Malm, André
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
In the digital society we rely upon our devices to both function correctly and securely. With more and more general purpose devices these properties become increasingly difficult to assure. Traditionally hardware specific devices with dedicated usage scenarios have been used to provide a safe environment for safety critical applications. With more complex devices, such as smartphones, it is however very difficult to guarantee a safe execution environment. This thesis will investigate the possibilities of hiding sensitive information in an insecure host environment. By combining several state of the art obfuscation techniques such as white-box cryptography and control flow attening a proof of concept implementation have been created and evaluated. Although security through obscurity will offer far from perfect protection it can increase the cost of an attack. Depending on the level of security required and the types of adversaries expected it can in some scenarios offer an acceptable protection level.
Beskrivning
Ämne/nyckelord
Data- och informationsvetenskap , Computer and Information Science
Citation
Arkitekt (konstruktör)
Geografisk plats
Byggnad (typ)
Byggår
Modelltyp
Skala
Teknik / material
Index