A class of computer applications exist in which certain operations are preformed, using certain data, either or both of which must be maintained secret. In general, this is not a problem since most users will simply use the application for its intended purpose and are unconcerned with the secrets contained therein. However, some users (i.e., “hackers”) may try to pry into the application and its components, either to reveal the internal secrets or to modify the application in such a way as to perform restricted or prohibited operations. In general, hackers typically employ either static disassembly and analysis, or live debugging of the subject application in order to learn its operations. Once learned, the hacker can then modify the operation according to an intended purpose. In response, tamper-resistant techniques are often applied to an application to inhibit these hacking attempts.
A variety of means can be employed to make an application and its components tamper-resistant. One of these is to make a digital “fingerprint” or signature of the application and its binary information. During initialization or at run-time (or both), modification of the protected application can be detected via an examination of the digital fingerprint in comparison to the current binary state of the application. When such activities or modifications are detected, the protected application can then intentionally fail in such a way that the secrets contained within are not exposed.
Reliable means to detect tampering activities are often difficult to implement and must become more complex as the sophistication of hackers increases. The present invention is directed to meeting this need.