TY - GEN
T1 - Robust combiners for software hardening
AU - Herzberg, Amir
AU - Shulman, Haya
PY - 2010
Y1 - 2010
N2 - Practical software hardening schemes, as well as practical encryption schemes, e.g., AES, are heuristic and do not rely on provable security. One technique to enhance security is robust combiners. An algorithm C is a robust combiner for specification S, e.g., privacy, if for any two implementations X and Y , of a cryptographic scheme, the combined scheme C(X, Y ) satisfies S provided either X or Y satisfy S. We present the first robust combiners for software hardening, specifically for White-Box Remote Program Execution (WBRPE) [10]. WBRPE is a software hardening technique that is employed to protect execution of programs in remote, hostile environment. WBRPE provides a software only platform allowing secure execution of programs on untrusted, remote hosts, ensuring privacy of the program, and of the inputs to the program, as well as privacy and integrity of the result of the computation. Robust combiners are particularly important for software hardening, where there is no standard whose security is established. In addition, robust combiners for software hardening are interesting from software engineering perspective since they introduce new techniques of reductions and code manipulation.
AB - Practical software hardening schemes, as well as practical encryption schemes, e.g., AES, are heuristic and do not rely on provable security. One technique to enhance security is robust combiners. An algorithm C is a robust combiner for specification S, e.g., privacy, if for any two implementations X and Y , of a cryptographic scheme, the combined scheme C(X, Y ) satisfies S provided either X or Y satisfy S. We present the first robust combiners for software hardening, specifically for White-Box Remote Program Execution (WBRPE) [10]. WBRPE is a software hardening technique that is employed to protect execution of programs in remote, hostile environment. WBRPE provides a software only platform allowing secure execution of programs on untrusted, remote hosts, ensuring privacy of the program, and of the inputs to the program, as well as privacy and integrity of the result of the computation. Robust combiners are particularly important for software hardening, where there is no standard whose security is established. In addition, robust combiners for software hardening are interesting from software engineering perspective since they introduce new techniques of reductions and code manipulation.
KW - White-box security
KW - cryptographic protocols
KW - robust combiners
KW - software hardening
UR - http://www.scopus.com/inward/record.url?scp=77954715669&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-13869-0_20
DO - 10.1007/978-3-642-13869-0_20
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:77954715669
SN - 3642138683
SN - 9783642138683
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 282
EP - 289
BT - Trust and Trustworthy Computing - Third International Conference, TRUST 2010, Proceedings
T2 - 3rd International Conference on Trust and Trustworthy Computing, TRUST 2010
Y2 - 21 June 2010 through 23 June 2010
ER -