A Generic Attack on Checksumming-Based Software Tamper Resistance

Oakland, California May 08-May 11

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/SP.2005.2

2005 IEEE Symposium on Security and P ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Glenn Wurster Articles by P.C. van Oorschot Articles by Anil Somayaji

	ASCII Text	x
	Glenn Wurster, P.C. van Oorschot, Anil Somayaji, "A Generic Attack on Checksumming-Based Software Tamper Resistance," Security and Privacy, IEEE Symposium on, pp. 127-138, 2005 IEEE Symposium on Security and Privacy (S&P'05), 2005.

	BibTex	x
	@article{ 10.1109/SP.2005.2, author = {Glenn Wurster and P.C. van Oorschot and Anil Somayaji}, title = {A Generic Attack on Checksumming-Based Software Tamper Resistance}, journal ={Security and Privacy, IEEE Symposium on}, volume = {0}, year = {2005}, issn = {1081-6011}, pages = {127-138}, doi = {http://doi.ieeecomputersociety.org/10.1109/SP.2005.2}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Security and Privacy, IEEE Symposium on TI - A Generic Attack on Checksumming-Based Software Tamper Resistance SN - 1081-6011 SP127 EP138 A1 - Glenn Wurster, A1 - P.C. van Oorschot, A1 - Anil Somayaji, PY - 2005 KW - null VL - 0 JA - Security and Privacy, IEEE Symposium on ER -

Glenn Wurster, Carleton University, Canada

P.C. van Oorschot, Carleton University, Canada

Anil Somayaji, Carleton University, Canada

Self-checking software tamper resistance mechanisms employing checksums, including advanced systems as recently proposed by Chang and Atallah (2002) and Horne et al. (2002), have been promoted as an alternative to other software integrity verification techniques. Appealing aspects include the promise of being able to verify the integrity of software independent of the external support environment, as well as the ability to automatically integrate checksumming code during program compilation or linking. In this paper, we show that the rich functionality of many modern processors, including UltraSparc and x86-compatible processors, facilitates automated attacks which defeat such checksumming by self-checking programs.

Citation:

Glenn Wurster, P.C. van Oorschot, Anil Somayaji, "A Generic Attack on Checksumming-Based Software Tamper Resistance," sp, pp.127-138, 2005 IEEE Symposium on Security and Privacy (S&P'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.