TY - GEN
T1 - Towards a theory of white-box security
AU - Herzberg, Amir
AU - Shulman, Haya
AU - Saxena, Amitabh
AU - Crispo, Bruno
PY - 2009
Y1 - 2009
N2 - Program hardening for secure execution in remote untrusted environment is an important yet elusive goal of security, with numerous attempts and efforts of the research community to produce secure solutions. Obfuscation is the prevailing practical technique employed to tackle this issue. Unfortunately, no provably secure obfuscation techniques currently exist. Moreover, Barak et. al., showed that not all programs can be obfuscated. Theoretical research exhibits provably secure albeit inefficient constructions, e.g. using tools from encrypted domain. We present a rigorous approach to software execution in remote environment based on a new white box primitive, the White Box Remote Program Execution (WBRPE), whose security specifications include confidentiality and integrity of both the local and the remote hosts. WBRPE can be used for many applications, e.g. grid computing, digital rights management, mobile agents. We then present a construction of a specific program such that if there exists a secure WBRPE for that program, then there is a secure WBRPE for any program, reducing its security to the underlying WBRPE primitive. The security of WBRPE construction is established by reduction among two white box primitives and it introduces new techniques of programs manipulation.
AB - Program hardening for secure execution in remote untrusted environment is an important yet elusive goal of security, with numerous attempts and efforts of the research community to produce secure solutions. Obfuscation is the prevailing practical technique employed to tackle this issue. Unfortunately, no provably secure obfuscation techniques currently exist. Moreover, Barak et. al., showed that not all programs can be obfuscated. Theoretical research exhibits provably secure albeit inefficient constructions, e.g. using tools from encrypted domain. We present a rigorous approach to software execution in remote environment based on a new white box primitive, the White Box Remote Program Execution (WBRPE), whose security specifications include confidentiality and integrity of both the local and the remote hosts. WBRPE can be used for many applications, e.g. grid computing, digital rights management, mobile agents. We then present a construction of a specific program such that if there exists a secure WBRPE for that program, then there is a secure WBRPE for any program, reducing its security to the underlying WBRPE primitive. The security of WBRPE construction is established by reduction among two white box primitives and it introduces new techniques of programs manipulation.
UR - http://www.scopus.com/inward/record.url?scp=84885053942&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-01244-0_30
DO - 10.1007/978-3-642-01244-0_30
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84885053942
SN - 3642012434
SN - 9783642012433
SN - 9783642012433
T3 - IFIP Advances in Information and Communication Technology
SP - 342
EP - 352
BT - Emerging Challenges for Security, Privacy and Trust - 24th IFIP TC 11 International Information Security Conference, SEC 2009, Proceedings
T2 - 24th IFIP TC11 International Information Security Conference, SEC 2009
Y2 - 18 May 2009 through 20 May 2009
ER -