节点文献
嵌入式软件保护关键技术研究与应用
Key Techniques and Application for Embedded Software Protection
【作者】 鲁晓成;
【导师】 钟珞;
【作者基本信息】 武汉理工大学 , 计算机应用技术, 2011, 博士
【摘要】 随着嵌入式系统在人类生活各领域中的广泛应用,它们越来越多的被非法入侵和破坏,为国家和社会造成巨大的经济损失,有时甚至危害到国家和社会的安全。因此嵌入式系统的安全问题是一个当前急需解决的热点问题,必须给予充分的重视并设法解决。本文首先分析了嵌入式系统所面临的安全性问题及其安全需求,讨论了嵌入式系统的体系结构,提出了一种安全的嵌入式体系结构SESS, SESS能够较好的解决目前嵌入式系统面临的安全问题。给出了SESS的安全策略、设计策略等主要内容。为了对嵌入式系统进行更好的保护,本文在嵌入式软件加密、嵌入式软件水印、嵌入式软件混淆等方面提出新的方法和技术,以期解决嵌入式软件保护中的主要问题。本文研究的主要内容有:1.嵌入式系统安全体系结构由于硬件技术的逐渐成熟和公开,硬件成本不断下降,人们对如何保护产品的设计和版权的思考,转化成了对嵌入式应用软件的保护。本章对嵌入式系统面临的相关安全理论和安全问题进行了研究与分析,对嵌入式系统的体系结构方面进行了深入研究,从而提出了安全的嵌入式系统体系结构,这种体系结构能够较好的解决目前嵌入式系统面临的安全问题。本文研究了安全嵌入式系统设计的安全策略、设计策略和构建安全嵌入式系统的要点。2.嵌入式软件加密技术本文重点研究了分层的基于身份的加密方案(HIBE)以及密钥隔离机制,以探索更为安全和高效的基于身份的加密方案及密钥更新方案,改进嵌入式软件保护技术。本文将利用HIBE改善基于身份的加密机制的安全性,并对HIBE的安全性加以形式化证明。研究基于身份的密钥隔离机制进行密钥更新的具体过程与算法描述。证明了基于身份的密钥隔离机制是选择密文安全的,为与HIBE加密模型融合提供可靠的前提。在研究HIBE方案和密钥隔离机制的基础之上,提出了HIKE加密模型,在该模型中解决了单个PKG负担大威胁高的问题同时能够在减少交互情况下完成密钥更新,并且支持离线更新。3.嵌入式软件水印软件水印作为软件保护的一种新技术,为保护知识产权和追踪盗版提供新的途径。本文研究了动态图软件水印的拓扑结构、编码、算法以及保护措施,根据嵌入式系统的特点,提出了一种防篡改的软件水印方案。本文提出的防篡改的软件水印具有较高的数据率,同时将代码自检测技术和代码加密相结合以增强软件水印的抗攻击性能。4.嵌入式软件混淆技术本文介绍了软件混淆的基本理论和基本方法,并对几种常见软件混淆模型进行了详细的分析和说明。基于软件混淆的特点和零水印的设计思想提出了基于软件混淆的零水印设计方案,其核心思想是将编码后的水印信息通过软件混淆的过程嵌入到软件体中,不增加任何冗余水印信息,从而提高软件水印的安全性。
【Abstract】 Along with the widely use of embedded system in all areas of human life, they have been illegally invaded destructed more and more seriously, which have cause great economic losses for our country and society, sometimes it even threaten the security of country and society Therefore the security of embedded system is a hot issue to solve at present, which needs sufficient attention to solve.At the beginning, the paper analyzed the security and its safety need which the embedded system faced with, discussed the architecture of the embedded system, coming up with a secure embedded architecture SESS, which can better solve the security issue the embedded system faced with, at present, presenting the main content of the security police and design police of the embedded system, In order to better protect the embedded system, the paper proposed new methods and technology on embedded software encryption, embedded software watermark, embedded software obfuscation and so on, hoping to solve the main problem of embedded system protection.The main content of research of the paper1. The Security Architecture of Embedded SystemDue to the gradually mature and disclosure of hardware technique, the hardware cost falling continuous, the consideration of how to protect the design and copyright of the product, converting to the protection of embedded application software. This section studied and analyzed the security and relevant security theory the embedded system faced with,and studied deeply on the architecture of embedded system, thus came up with the safety embedded system architecture, the architecture can better solve the security issue the embedded system faced for the moment. The paper studied the security police and design police of the design of and the key point of constructing safety embedded system.2. Embedded Software Encryption TechnologyThe paper focus on the study of the layered, identity based encryption scheme and Key-Insulation mechanism, to explore more efficient and safer identity based encryption scheme and Key-Insulation scheme, improving the protection technology of embedded system. The article will use HIBE to improve the security of identity based encryption system and provide formal proof for the security of HIBE. The study of the specific process and arithmetic statement of identity based Key-Insulation mechanism proved the identity based Key-Insulation mechanism is to chose safe ciphertext, providing reliable premise for the obfuscation of encryption model with HIBE, on the basis of studying of HIBE scheme and Key-Insulation mechanism, coming up with HIKE encryption model. In this model,the problem of high burden threat of single PKG is solved and finish the update of encryption with less interact at the same time, and support offline update。3. Embedded Software WatermarkingAs a new technology of software protection, software watermarking provides new way of protecting intellectual property and tracking piracy. The article studied topological structure, encoding, arithmetic and protection measure, according to the feature of embedded system, carrying out a kind of software watermark scheme with tampering proofing. The tampering proofing software watermark proposed in the paper with high data rate. At the same time, it combines the code from testing technology with encrypted code to enhance the software watermark against attack performance.4. Embedded Software Obfuscation TechnologyThe paper introduced basic theory and method of software obfuscation. Detailed analyzed and explain were done to several common software obfuscation models. Based on the feature of code obfuscation and the design idea of Zero-Watermarking, the Zero-Watermarking design scheme based on code obfuscation was proposed. Its core idea is embed the coded watermark message into software, without adding redundant watermark message, thereby improving the security of watermark.
【Key words】 Embedded System; Key-Insulation; Zero-Watermarking; Code Obfuscation; Tamper-proofing;