Field of the Invention
The present invention relates to a method for verifying the integrity of a program using a hash.
Description of the Related Art
It should be noted that the contents described below simply provide background information related to embodiments of the present invention and do not constitute prior art.
A hash code is the output bit string of a hash function. Since a unique hash code is extracted according to the input value of the hash function, inputting a binary file into the hash function yields a hash code unique to that binary file. Therefore, when a hash is applied to a binary file, the hash code may be regarded as a digital fingerprint of the binary file that was the input value of the hash function.
If the contents of two binary files being compared differ by even one bit, different hash codes are output for each. Using this property, whether a file has been altered can be determined by comparing the hash code of the original file with the hash codes of the files being compared, without comparing the original file itself against each of them. In addition, verifying whether a file has been altered does not require storing the content of the original file; only the hash code of the original needs to be stored. Therefore, the verification is simple, and the hash code is easily and conveniently stored and is not easily exposed to a person who desires to attack a program.
A file hash method is generally used to verify the integrity of a file. However, when a program has a plurality of binary files to be verified, the methods for verifying them differ in efficiency and security. A program may consist of one binary file but, when a dynamic library is used, a plurality of binary files may constitute one program. Further, integrity verification may be required between a plurality of application programs.
When a program includes multiple binary files, there are various verification methods for guaranteeing integrity by using a hash. However, such methods do not consider the time point at which a hash is verified. One commonly used method for verifying the integrity of multiple binary files is to have any one of the plurality of binary files constituting a program verify the file hashes of the remaining binary files. Another method is to arrange the plurality of binaries constituting a program in a circular form and have each binary verify the file hashes of the binaries adjacent to it on both sides.
The method in which any one binary file of a program including a plurality of binaries verifies the file hashes of the remaining binary files has a simple structure, in which one binary verifies the integrity of the other binary files, and can therefore be easily developed. However, the method has a security vulnerability in that, when the code which verifies the hash is exposed, the hash verification of all files can be invalidated by a simple code change.
The method of arranging the plurality of binaries constituting a program in a circular form and having each binary verify the file hashes of the binaries adjacent to it on both sides provides better security than the first method: since two binaries verify each other, it is difficult to determine the location of the code which verifies a file hash, and even when the hash verification code of some binary files is exposed and invalidated, the integrity of the other remaining files can still be verified. However, the other remaining files are verified not before a program file is loaded but when the program file is loaded, and the method depends on the time point at which the other remaining files are loaded. As a result, the method may not be a fundamental solution, in that a time gap hole due to the loading order is generated.
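The two related-art arrangements described above can be compared in a short model. The following is an added example, not code from the original document: it builds both verification layouts over in-memory sample data and reports which verifiers still detect a one-bit change when one verifier's check has been invalidated. The file names, contents, use of SHA-256 and all function names are assumptions made for illustration.

```python
import hashlib

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def star_plan(names):
    # First method: one binary (names[0]) verifies all remaining binaries.
    return {names[0]: list(names[1:])}

def ring_plan(names):
    # Second method: binaries in a ring, each verifies both adjacent binaries.
    n = len(names)
    return {names[i]: [names[(i - 1) % n], names[(i + 1) % n]] for i in range(n)}

def detectors(plan, reference, current, disabled=()):
    # Verifiers that still run their check and see a hash mismatch.
    hits = []
    for verifier, targets in plan.items():
        if verifier in disabled:      # verification code exposed and invalidated
            continue
        if any(digest(current[t]) != reference[t] for t in targets):
            hits.append(verifier)
    return sorted(hits)

def flip_one_bit(data: bytes) -> bytes:
    changed = bytearray(data)
    changed[0] ^= 0x01
    return bytes(changed)

# Constructed sample "binaries"; names and contents are hypothetical.
ORIGINAL = {
    "main.bin": b"\x7fELF main",
    "liba.so": b"\x7fELF lib a",
    "libb.so": b"\x7fELF lib b",
    "libc.so": b"\x7fELF lib c",
}
NAMES = list(ORIGINAL)
# Only the hash codes of the originals are stored, not their contents.
REFERENCE = {name: digest(data) for name, data in ORIGINAL.items()}
TAMPERED = dict(ORIGINAL, **{"libb.so": flip_one_bit(ORIGINAL["libb.so"])})

if __name__ == "__main__":
    star, ring = star_plan(NAMES), ring_plan(NAMES)
    print("star:", detectors(star, REFERENCE, TAMPERED))
    print("star, main.bin check disabled:", detectors(star, REFERENCE, TAMPERED, {"main.bin"}))
    print("ring:", detectors(ring, REFERENCE, TAMPERED))
    print("ring, liba.so check disabled:", detectors(ring, REFERENCE, TAMPERED, {"liba.so"}))
```

The model does not represent load order, so the time gap described for the circular method is outside what it shows.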