Re: Request: tamper-proofing executables

[Mike Johnson second login <exabyte!gedora!mikej2@uunet.uu.net>]

On Fri, 8 Jul 1994, Dan Marner wrote:
>    I would appreciate any pointers to documents, source code or
> programs that deal with using cryptographic techniques to detect
> or prevent modification of executable code. I am looking for 
> something that uses either a signature or a one-way hash to detect
> modifications at run time. 
>    Of particular interest is information on signing a file that
> includes the signature as part of the file. Is this possible with
> any of the common algorithms?

There are lots of ways to detect modification of executable code, and 
possibly take some action based on the outcome.  The hard part comes when 
you consider that the code doing the checking may itself be hacked.  A 
determined hacker would just patch the code to jump around the test.  I 
suggest three things to make it harder:`

1.  Make more than one test in more than one place in the code, making it 
harder to find all of them.

2.  If you use any embeded keys, create them at run time from pieces 
stored in different places in the code and/or data.

3.  Store the code in compressed format.  One nice way to do this is with 
PKLite Professional with the -e option.

The choice of algorithms used to sign the files (i. e. DSA vs RSA vs 
salted hash vs simple CRC) is probably less important than the details 
mentioned above.  The only way to substantially increase the security of 
the check is to add a hardware device (i. e. dongle or custom hardware 
card), but people generally hate those since they are usually used just 
for copy protection.  On the other hand, clever application of the above 
software techniques is probably good enough to avoid common virii, 
unintentional damage to files, and the average hacker.

Peace to you.
Mike Johnson