Memoization Attacks and Copy Protection in Partitioned Applications
Application source code protection is a major concern for software architects today. Secure platforms have been proposed that protect the secrecy of application algorithms and enforce copy protection assurances. Unfortunately, these capabilities incur a sizeable performance overhead. Partitioning an...
| Main Authors: | , , , |
|---|---|
| Other Authors: | |
| Language: | en_US |
| Published: |
2006
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/1721.1/34954 |
| _version_ | 1811083332593647616 |
|---|---|
| author | O'Donnell, Charles W. Suh,, G. Edward Dijk, Marten vn Devadas, Srinivas |
| author2 | Srini Devadas |
| author_facet | Srini Devadas O'Donnell, Charles W. Suh,, G. Edward Dijk, Marten vn Devadas, Srinivas |
| author_sort | O'Donnell, Charles W. |
| collection | MIT |
| description | Application source code protection is a major concern for software architects today. Secure platforms have been proposed that protect the secrecy of application algorithms and enforce copy protection assurances. Unfortunately, these capabilities incur a sizeable performance overhead. Partitioning an application into secure and insecure regions can help diminish these overheads but invalidates guarantees of code secrecy and copy protection.This work examines one of the problems of partitioning an application into public and private regions, the ability of an adversary to recreate those private regions. To our knowledge, it is the first to analyze this problem when considering application operation as a whole. Looking at the fundamentals of the issue, we analyze one of the simplest attacks possible, a ``Memoization Attack.'' We implement an efficient Memoization Attack and discuss necessary techniques that limit storage and computation consumption. Experimentation reveals that certain classes of real-world applications are vulnerable to Memoization Attacks. To protect against such an attack, we propose a set of indicator tests that enable an application designer to identify susceptible application code regions. |
| first_indexed | 2024-09-23T12:31:23Z |
| id | mit-1721.1/34954 |
| institution | Massachusetts Institute of Technology |
| language | en_US |
| last_indexed | 2024-09-23T12:31:23Z |
| publishDate | 2006 |
| record_format | dspace |
| spelling | mit-1721.1/349542019-04-12T08:34:44Z Memoization Attacks and Copy Protection in Partitioned Applications O'Donnell, Charles W. Suh,, G. Edward Dijk, Marten vn Devadas, Srinivas Srini Devadas Computation Structures Security Architecture Trusted Execution Security Analysis Digital Rights Management Application source code protection is a major concern for software architects today. Secure platforms have been proposed that protect the secrecy of application algorithms and enforce copy protection assurances. Unfortunately, these capabilities incur a sizeable performance overhead. Partitioning an application into secure and insecure regions can help diminish these overheads but invalidates guarantees of code secrecy and copy protection.This work examines one of the problems of partitioning an application into public and private regions, the ability of an adversary to recreate those private regions. To our knowledge, it is the first to analyze this problem when considering application operation as a whole. Looking at the fundamentals of the issue, we analyze one of the simplest attacks possible, a ``Memoization Attack.'' We implement an efficient Memoization Attack and discuss necessary techniques that limit storage and computation consumption. Experimentation reveals that certain classes of real-world applications are vulnerable to Memoization Attacks. To protect against such an attack, we propose a set of indicator tests that enable an application designer to identify susceptible application code regions. 2006-12-08T16:51:48Z 2006-12-08T16:51:48Z 2006-12-08 MIT-CSAIL-TR-2006-080 http://hdl.handle.net/1721.1/34954 en_US Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory 11 p. 436268 bytes 1481611 bytes application/pdf application/postscript application/pdf application/postscript |
| spellingShingle | Security Architecture Trusted Execution Security Analysis Digital Rights Management O'Donnell, Charles W. Suh,, G. Edward Dijk, Marten vn Devadas, Srinivas Memoization Attacks and Copy Protection in Partitioned Applications |
| title | Memoization Attacks and Copy Protection in Partitioned Applications |
| title_full | Memoization Attacks and Copy Protection in Partitioned Applications |
| title_fullStr | Memoization Attacks and Copy Protection in Partitioned Applications |
| title_full_unstemmed | Memoization Attacks and Copy Protection in Partitioned Applications |
| title_short | Memoization Attacks and Copy Protection in Partitioned Applications |
| title_sort | memoization attacks and copy protection in partitioned applications |
| topic | Security Architecture Trusted Execution Security Analysis Digital Rights Management |
| url | http://hdl.handle.net/1721.1/34954 |
| work_keys_str_mv | AT odonnellcharlesw memoizationattacksandcopyprotectioninpartitionedapplications AT suhgedward memoizationattacksandcopyprotectioninpartitionedapplications AT dijkmartenvn memoizationattacksandcopyprotectioninpartitionedapplications AT devadassrinivas memoizationattacksandcopyprotectioninpartitionedapplications |