1. Field of the Invention
The present invention relates to tamper-resistant software technology that makes it difficult to analyze a computer program.
2. Description of the Related Art
In recent years, the use of encryption programs (encryption software) in computer systems containing processors that operate in accordance with computer programs has become common in applications such as communicating secret information and authenticating communication partners.
In such applications, unauthorized use may occur if software containing keys, encryption algorithms, and the like is installed in its original state on a computer system and the installed software is analyzed. To solve this problem, Patent Document 1 discloses a technology that converts operations and data fields so as to make it difficult to infer original operations and data.
Suppose, for example, that there is an addition program that performs an addition on input data a and b, and outputs the result a+b.
The integers k1 and k2 are stored in advance and used to convert the input data a and b to ta=k1×a+k2 and tb=k1×b+k2, respectively. Note that “×” is an operator denoting a multiplication.
Next, tab=ta+tb is calculated from ta and tb.
Also, c=(tab−2k2)/k1 is calculated from tab.
Next, an operation result c is output.
The above process gives
                                          t            ab                    =                                    t              a                        +                          t              b                                                                    =                                                    k                1                            ×              a                        +                          k              2                        +                                          k                1                            ×              b                        +                          k              2                                                                    =                                                    k                1                            ×                              (                                  a                  +                  b                                )                                      +                          2              ⁢                              k                2                            ⁢                                                          ⁢              which              ⁢                                                          ⁢              gives                                                              (                              t            ab                    -                      2            ⁢                          k              2                                      )            /              k        1              =          a      +      b      
Thus c=a+b, and the result of the addition of a and b is obtained by the addition program.
Patent Document 1: U.S. Pat. No. 6,594,761
Patent Document 2: Japanese Patent Application No. 3402441
Patent Document 3: Japanese Laid-open Patent Application 2760799
Non-patent Document 1: Tatsuaki OKAMOTO, Hirosuke YAMAMOTO “Gendai Ango” (Modern Cryptography), Sangyotosho (1997)
Non-patent Document 2: Henri Cohen, “A Course in Computational Algebraic Number Theory”, GTM 138, Springer-Verlag, 1993, pp. 19-20
Non-patent Document 3: I. Blake, G. Seroussi and N. Smart, “Elliptic Curves in Cryptography”, CAMBRIDGE UNITVERSITY PRESS, 1999
Non-patent Document 4: N. Kunihiro and K. Koyama, “Two Discrete Log Algorithms for Super-Anomalous Elliptic Curves”, SCIS '99, 1999, pp. 869-874