Paper 2008/150
Robust Combiners for Software Hardening
Amir Herzberg and Haya Shulman
Abstract
All practical software hardening schemes, as well as practical encryption schemes, e.g., AES, were not proven to be secure. One technique to enhance security is {\em robust combiners}. An algorithm $C$ is a robust combiner for specification $S$, e.g., privacy, if for any two implementations $X$ and $Y$, of a cryptographic scheme, the combined scheme $C(X,Y)$ satisfies $S$ provided {\em either} $X$ {\em or} $Y$ satisfy $S$. We present the first robust combiners for software hardening, specifically for obfuscation \cite{barak:obfuscation}, and for White-Box Remote Program Execution (\w) \cite{herzberg2009towards}. WBRPE and obfuscators are software hardening techniques that are employed to protect execution of programs in remote, hostile environment. \w\ provides a software only platform allowing secure execution of programs on untrusted, remote hosts, ensuring privacy of the program, and of the inputs to the program, as well as privacy and integrity of the result of the computation. Obfuscators protect the code (and secret data) of the program that is sent to the remote host for execution. Robust combiners are particularly important for software hardening, where there is no standard whose security is established. In addition, robust combiners for software hardening are interesting from software engineering perspective since they introduce new techniques of reductions and code manipulation.
Metadata
- Available format(s)
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- White-box securitysoftware hardeningobfuscationrobust combinerscryptographic protocolstwo-party computation.
- Contact author(s)
-
haya shulman @ gmail com
amir herzberg @ gmail com - History
- 2010-02-10: last of 2 revisions
- 2008-04-08: received
- See all versions
- Short URL
- https://ia.cr/2008/150
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2008/150, author = {Amir Herzberg and Haya Shulman}, title = {Robust Combiners for Software Hardening}, howpublished = {Cryptology {ePrint} Archive, Paper 2008/150}, year = {2008}, url = {https://eprint.iacr.org/2008/150} }