This invention relates generally to the field of computer security, and more particularly to a method and system for providing tamper-resistant executable software.
Computer networks have become an increasingly important means for communicating public and private information between and within distributed locations. The Internet is one example of a public network commonly used for communicating public and private information. Internet web servers provide access to public information, such as news, business information and government information, which the Internet makes readily available around the world. The Internet is also becoming a popular forum for business transactions, including securities transactions and sales of goods and services. A large number of people have come to depend upon reliable Internet access and secure communications on a day-by-day and even second-by-second basis. Like the Internet, private networks also have become common means for communicating important information. Private networks, such as company intranets, local area networks (LANs), and wide area networks (WANs) generally limit access on a user-by-user basis and communicate data over dedicated lines or by controlling access through passwords, encryption or other security measures.
One danger to reliable and secure network communications is posed by hackers or other unauthorized users disrupting or interfering with network resources. The danger posed by unauthorized access to computer network resources can vary from simple embarrassment to substantial financial losses. For example, serious financial disruptions occur when hackers obtain financial account information or credit card information and use that information to misappropriate funds.
Typically, network administrators use various levels of security measures to protect the network against unauthorized use. Hackers, on the other hand, attempt to find and attack vulnerabilities of the security measures and network devices in order to obtain unauthorized entry to the computer network. Although sophisticated security measures can provide significant barriers to hackers, virtually any security measure can be breached through a vulnerability with enough effort.
The present invention provides tamper-resistant executable software that substantially eliminates or reduces disadvantages and problems associated with prior systems and methods. In particular, the software self-determines whether it has been tampered with and will refuse to execute if tampering is detected.
In accordance with one embodiment of the present invention, tamper-resistant software is provided by determining an initial value of a specified property for an executable file. The executable file is then encrypted based on the initial value of the specified property. The initial value of the specified property is associated with the encrypted executable file and later used to decrypt the encrypted executable file. An execution-time value of the specified property is determined for the decrypted executable file. The execution-time value of the specified property is compared to the initial value of the specified property to determine whether tampering has occurred. The decrypted executable file is executed in response to the execution-time value of the specified property matching the initial value of the specified property.
More particularly, in accordance with a particular embodiment of the present invention, an encrypted value of the specified property is determined for the encrypted executable file and inserted into the encrypted executable file along with the initial value of the specified property. During storage, the encrypted value may be periodically extracted and compared to a current value of the specified property for the encrypted executable file to determine if tampering has occurred. If tampering is detected during storage, prior to execution or during execution of the executable file, an alarm is generated to alert the operator to the tampering. In addition, the executable file may refuse to execute or terminate execution in response to detecting tampering. In this and other embodiments, the specified property may be a hash or check sum of file length.
Technical advantages of the present invention include providing tamper-resistant executable software. In particular, software, the only arbiter available at execution-time, self-determines whether or not unauthorized tampering has occurred. In addition, the software may self-determine whether unauthorized tampering has occurred during storage or execution of the software. As a result, applications into which viruses or other harmful code has been inserted will not execute.
Additional technical advantages of the present invention include providing a method and system by which a software provider may determine whether a customer has modified software in violation of a license agreement or such that the provider is not responsible for resulting problems or maintenance of the software. In particular, such modification with supplied software may cause the software to not execute or to generate an alarm. As a result, a software provider may be assured that customers are not modifying supplied software without authorization.
Other technical advantages will be readily apparent to one skilled in the art from the following figures, description, and claims.