[Cryptography] Crypto Trick Makes Software Nearly Impossible to Reverse-Engineer

Jon Callas jon at callas.org
Fri Feb 13 12:25:14 EST 2015



On Feb 12, 2015, at 6:27 PM, Peter Gutmann <pgut001 at cs.auckland.ac.nz> wrote:

> This looks like a modern update of an old trick from the late 1980s/early
> 1990s, you set the trap bit on the CPU and decrypt each instruction before
> it's executed, then re-encrypt it afterwards.  Unfortunately this only worked
> under DOS, as soon as protected-mode anything came along (e.g. a DOS box under
> Windows 3.1), it didn't work any more (or at least I couldn't be bothered
> trying to figure out what was required).  The downside was that it made
> execution really, really slow, but if you ran just a few core bits of code
> that way then it was manageable.

It also reminds me of a thing Intel did in the late '90s, as well. There was also a published paper on it in, I believe, one of the early Information Hiding workshops.

	Jon



