{"id":13122,"date":"2021-12-06T18:47:09","date_gmt":"2021-12-06T23:47:09","guid":{"rendered":"https:\/\/carleton.ca\/scs\/?page_id=13122"},"modified":"2021-12-06T18:47:09","modified_gmt":"2021-12-06T23:47:09","slug":"tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance","status":"publish","type":"page","link":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/","title":{"rendered":"TR-04-09: A generic attack on checksumming-based software tamper resistance"},"content":{"rendered":"

Carleton University
\nTechnical Report<\/a> TR-04-09
\nNovember 2004<\/p>\n

A generic attack on checksumming-based software tamper resistance<\/h2>\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
Glenn Wurster, Paul Van Oorschot, Anil Somayaji<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n

Abstract<\/h3>\n

Self-checking software tamper resistance mechanisms employing checksums, including advanced systems as recently proposed by Chang and Atallah (2002) and Horne et al. (2002), have been promoted as an alternative to other software integrity verification techniques. Appealing aspects include the promise of being able to verify the integrity of software independent of the external support environment, as well as the ability to automatically integrate checksumming code during program compilation or linking. In this paper, we show that the rich functionality of many modern processors, including UltraSparc and x86-compatible processors, facilitates automated attacks which defeat such checksumming by self-checking programs.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

TR-04-09.pdf<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Carleton University Technical Report TR-04-09 November 2004 A generic attack on checksumming-based software tamper resistance Glenn Wurster, Paul Van Oorschot, Anil Somayaji Abstract Self-checking software tamper resistance mechanisms employing checksums, including advanced systems as recently proposed by Chang and Atallah (2002) and Horne et al. (2002), have been promoted as an alternative to other software […]<\/p>\n","protected":false},"author":49,"featured_media":0,"parent":12325,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_mi_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":"","_links_to":"","_links_to_target":""},"yoast_head":"\nTR-04-09: A generic attack on checksumming-based software tamper resistance - School of Computer Science<\/title>\n<meta name=\"description\" content=\"Carleton University Technical Report TR-04-09 November 2004 A generic attack on checksumming-based software tamper resistance Glenn Wurster, Paul Van\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/\",\"url\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/\",\"name\":\"TR-04-09: A generic attack on checksumming-based software tamper resistance - School of Computer Science\",\"isPartOf\":{\"@id\":\"https:\/\/carleton.ca\/scs\/#website\"},\"datePublished\":\"2021-12-06T23:47:09+00:00\",\"dateModified\":\"2021-12-06T23:47:09+00:00\",\"description\":\"Carleton University Technical Report TR-04-09 November 2004 A generic attack on checksumming-based software tamper resistance Glenn Wurster, Paul Van\",\"breadcrumb\":{\"@id\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/carleton.ca\/scs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Research\",\"item\":\"https:\/\/carleton.ca\/scs\/research\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"SCS Technical Reports\",\"item\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Technical Reports 2004\",\"item\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"TR-04-09: A generic attack on checksumming-based software tamper resistance\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/carleton.ca\/scs\/#website\",\"url\":\"https:\/\/carleton.ca\/scs\/\",\"name\":\"School of Computer Science\",\"description\":\"Carleton University\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/carleton.ca\/scs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TR-04-09: A generic attack on checksumming-based software tamper resistance - School of Computer Science","description":"Carleton University Technical Report TR-04-09 November 2004 A generic attack on checksumming-based software tamper resistance Glenn Wurster, Paul Van","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/","url":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/","name":"TR-04-09: A generic attack on checksumming-based software tamper resistance - School of Computer Science","isPartOf":{"@id":"https:\/\/carleton.ca\/scs\/#website"},"datePublished":"2021-12-06T23:47:09+00:00","dateModified":"2021-12-06T23:47:09+00:00","description":"Carleton University Technical Report TR-04-09 November 2004 A generic attack on checksumming-based software tamper resistance Glenn Wurster, Paul Van","breadcrumb":{"@id":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/tr-04-09-a-generic-attack-on-checksumming-based-software-tamper-resistance\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/carleton.ca\/scs\/"},{"@type":"ListItem","position":2,"name":"Research","item":"https:\/\/carleton.ca\/scs\/research\/"},{"@type":"ListItem","position":3,"name":"SCS Technical Reports","item":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/"},{"@type":"ListItem","position":4,"name":"Technical Reports 2004","item":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2004\/"},{"@type":"ListItem","position":5,"name":"TR-04-09: A generic attack on checksumming-based software tamper resistance"}]},{"@type":"WebSite","@id":"https:\/\/carleton.ca\/scs\/#website","url":"https:\/\/carleton.ca\/scs\/","name":"School of Computer Science","description":"Carleton University","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/carleton.ca\/scs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"acf":{"banner_image_type":"none","banner_button":"no"},"_links":{"self":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13122"}],"collection":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/users\/49"}],"replies":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/comments?post=13122"}],"version-history":[{"count":1,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13122\/revisions"}],"predecessor-version":[{"id":13123,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13122\/revisions\/13123"}],"up":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/12325"}],"wp:attachment":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/media?parent=13122"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}