Securing accessible systems using dynamic data mangling
US-9698973-B2 · Jul 4, 2017 · US
US9906360B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9906360-B2 |
| Application number | US-201314389358-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 28, 2013 |
| Priority date | Mar 30, 2012 |
| Publication date | Feb 27, 2018 |
| Grant date | Feb 27, 2018 |
Official abstract text for this publication.
Systems and techniques for securing accessible computer-executable program code and systems are provided. One or more base functions may be generated and blended with existing program code, such that it may be difficult or impossible for a potential attacker to distinguish the base functions from the existing code. The systems and code also may be protected using a variety of other blending and protection techniques, such as fractures, variable dependent coding, dynamic data mangling, and cross-linking, which may be used individually or in combination, and/or may be blended with the base functions.
Opening claim text (preview).
The invention claimed is:

1. A method, implemented by one or more processors, comprising: receiving computer-executable program code comprising instructions to execute a first operation ƒ(x) for x encoded as aX+b and a second operation g(y), wherein a and b have constant values during execution of ƒ(x), and g(y) produces at least a first value c when executed; storing the computer-executable program code on a computer readable storage medium; and modifying, by the one or more processors, the computer-executable program code stored on the computer readable storage medium to encode x as cX+d, to execute ƒ(cX+d), wherein c and d have constant values during execution of ƒ(cX+d) and to discard c and d.
2. The method of claim 1, wherein the computer-executable program code further comprises instructions to execute a third operation h(z) that produces a value d when executed.
3. The method of claim 1, further comprising: selecting c based upon the length of time that c is stored in a computer-readable memory.
4. The method of claim 1, further comprising: modifying the computer-executable program code to accept a different value for c upon each execution of ƒ(cX+d).
5. The method of claim 1, wherein at least one of a, b, c, or d is a value obtained from a portion of code present in the computer-executable program prior to the computer-executable program code being modified.
6. The method of claim 5, wherein the at least one of a, b, c, or d is an output of a function present in the computer-executable program prior to the computer-executable program code being modified.
7. The method of claim 1, wherein ƒ(x) is an operation in a code segment selected from the group consisting of: a base function; and the computer-executable program code.
8. The method of claim 1, wherein ƒ(x) is a base function.
9. A method, implemented by one or more processors executing instructions stored on a computer readable medium, comprising: executing, by the one or more processors, a first operation g(y) that produces at least a first constant a as an output and recording the output on a computer readable storage medium; encoding, by the one or more processors, a first variable x as aX+b, wherein b is a second constant; executing, by the one or more processors, a second operation ƒ(aX+b) using aX+b as an input; performing, by the one or more processors, a decoding operation using a and b; and discarding, by the one or more processors, a and b.
10. The method of claim 9, further comprising: executing a third operation h(z) that produces at least b as an output.
11. The method of claim 9, further comprising: encoding a plurality of input values as aX+b, each input value encoded using a value of a based upon a different execution instance of g(y), and upon a value of b based upon a different execution instance of h(z).
12. The method of claim 9, further comprising: encoding an input as aX+b a plurality of times, each time using a value of a based upon a different execution instance of g(y).
13. The method of claim 9, further comprising: selecting a from a plurality of constants stored in a computer-readable memory based upon the expected duration of storage of a in the computer-readable memory and upon the execution time of ƒ(aX+b).
14. The method of claim 9, further comprising: selecting a from a plurality of constants stored in a computer-readable memory based upon the expected duration of storage of a in the computer-readable memory and upon the combined execution time of ƒ(aX+b) and the decoding operation.
15. The method of claim 9, further comprising: for each execution of ƒ(aX+b), encoding x using a value for at least one of a and b different from at least one previous value used for the at least one of a and b, respectively.
16. The method of claim 9, wherein ƒ(x) is a base function.
17. A system comprising: one or more processors; and a computer-readable storage medium storing instructions which cause the one or more processors to: receive computer-executable program code comprising instructions to execute a first operation ƒ(x) for x encoded as aX+b and a second operation g(y), wherein a and b have constant values during execution of ƒ(x), and g(y) produces at least a first value c when executed; and modify the computer-executable program code to encode x as cX+d wherein c and d have constant values during execution of ƒ(x), to execute ƒ(cX+d), and to discard c and d.
18. A system comprising: one or more processors; and a computer-readable storage medium storing instructions which cause the one or more processors to: execute a first operation g(y) that produces at least a first constant a as an output; encode a first variable x as aX+b, wherein b is a second constant; execute a second operation ƒ(aX+b) using aX+b as an input; perform a decoding operation using a and b; and discard a and b.
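The claims describe a value x that is carried in encoded form aX+b, re-encoded under fresh constants c and d that are produced at run time by other operations g(y) and h(z), operated on while still encoded, and decoded only afterwards, with c and d then discarded. The following C program is an added example written for this page to make that mechanism concrete; it is not code from the patent or its assignee. It uses an affine encoding of 32-bit words modulo 2^32 (the multiplier must be odd so it is invertible), shows that an addition ƒ(x) = x + k can be carried out on the encoded value without ever exposing x, switches from a static encoding (a,b) to a per-execution encoding (c,d) without decoding in between, and overwrites c and d once the result has been decoded. The functions g and h, the static constants and the seed are constructed stand-ins; the patent does not fix particular functions or values.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example: affine "data mangling" of 32-bit words in the style the
 * claims describe. A value X is carried as Y = a*X + b (mod 2^32); 'a' must
 * be odd so the encoding is invertible. All constants, and the functions
 * g and h, are constructed for this example and are not from the patent. */
typedef struct { uint32_t a, b; } encoding_t;

/* Multiplicative inverse of an odd 32-bit 'a' mod 2^32 (Newton iteration:
 * starting from x = a, which is correct to 3 bits since a*a == 1 mod 8 for
 * odd a, each step doubles the number of correct low-order bits). */
uint32_t inv_mod_2_32(uint32_t a) {
    uint32_t x = a;
    for (int i = 0; i < 5; i++) x *= 2u - a * x;
    return x;
}

uint32_t encode(encoding_t e, uint32_t x) { return e.a * x + e.b; }
uint32_t decode(encoding_t e, uint32_t y) { return inv_mod_2_32(e.a) * (y - e.b); }

/* The protected operation f(x) = x + k, and its form on encoded data:
 * (aX + b) + a*k = a(X + k) + b, so the result stays under encoding (a,b)
 * and X itself is never materialised. */
uint32_t f_plain(uint32_t x, uint32_t k) { return x + k; }
uint32_t f_encoded(encoding_t e, uint32_t y, uint32_t k) { return y + e.a * k; }

/* Switch an encoded value from (a,b) to (c,d) without decoding it:
 * cX + d = c*a^-1*(Y - b) + d = m*Y + n, with m = c*a^-1 and n = d - m*b. */
uint32_t reencode(encoding_t from, encoding_t to, uint32_t y) {
    uint32_t m = to.a * inv_mod_2_32(from.a);
    uint32_t n = to.b - m * from.b;
    return m * y + n;
}

/* g(y) and h(z): stand-ins for operations already present in the program
 * whose outputs become the fresh constants c and d (constructed here).
 * g's result is forced odd so the new multiplier stays invertible. */
uint32_t g(uint32_t y) { return (y * 0x9E3779B1u) | 1u; }
uint32_t h(uint32_t z) { return z ^ 0xA5A5A5A5u; }

/* Overwrite a constant once it is no longer needed; the volatile store
 * keeps the compiler from dropping it as a dead write. */
void scrub(volatile uint32_t *p) { *p = 0; }

/* One execution of f on x: start from the static encoding (a,b), re-encode
 * to a per-execution (c,d) derived from g and h, compute f on encoded data,
 * decode with c and d, then discard them. Returns the plaintext f(x). */
uint32_t mangled_f(uint32_t x, uint32_t k, uint32_t seed) {
    encoding_t e0 = { 0x12345679u, 0xDEADBEEFu };  /* static (a,b), constructed */
    encoding_t e1 = { g(seed), h(seed) };            /* dynamic (c,d) for this run */
    uint32_t y   = encode(e0, x);
    uint32_t y2  = reencode(e0, e1, y);
    uint32_t r   = f_encoded(e1, y2, k);
    uint32_t out = decode(e1, r);
    scrub(&e1.a);   /* discard c */
    scrub(&e1.b);   /* discard d */
    return out;
}

/* Check that re-encoding preserves the value: encode under (a,b), move to
 * a second encoding, decode under that second encoding, compare with x. */
int roundtrip_ok(uint32_t x) {
    encoding_t e0 = { 0x12345679u, 0xDEADBEEFu };
    encoding_t e1 = { 0x0000000Bu, 0x00000005u };
    return decode(e1, reencode(e0, e1, encode(e0, x))) == x;
}

int main(void) {
    uint32_t x = 1000u, k = 24u;
    printf("plain   f(%u) = %u\n", x, f_plain(x, k));
    printf("mangled f(%u) = %u\n", x, mangled_f(x, k, 7u));
    return 0;
}
```

Because the multiplier changes on every call (it comes from g(seed)), the encoded representation of the same x differs between executions, which is the property claims 4, 11, 12 and 15 describe; the decoding still recovers x + k exactly because the affine maps compose and invert cleanly modulo 2^32.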
Classification tags:

- Test or assess a computer or a system (CPC title)
- Electricity (mapped topic)
- Obfuscation or hiding, e.g. involving white box (CPC title)
- Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation (CPC title)
- Protecting data (CPC title)