From: Paul Brook <paul@codesourcery.com>
To: qemu-devel@nongnu.org
Cc: Blue Swirl <blauwirbel@gmail.com>,
"Bud P. Bruegger" <bruegger@ancitel.it>,
John@mail.uk2.net, Forrester <forrester@ancitel.it>
Subject: Re: [Qemu-devel] QEMU as a "virtual smart card"?
Date: Fri, 4 Sep 2009 13:08:08 +0100 [thread overview]
Message-ID: <200909041308.09485.paul@codesourcery.com> (raw)
In-Reply-To: <20090903170931.1e7d5772@bud-laptop>
> Assume that I wanted to protect a secret algorithm in some C program.
You're never going to be able to do this. At best you're going to add a few
levels of obfuscation. At worst you're going to give yourself a false sense of
security, while actually making it easier to defeat.
The reason the Windows DRM stuff works is because it's protected by the lowest
level of the OS/hardware, and that protection extends up the whole software
stack. As soon as you loose this link (e.g. by running inside a virtual
machine, or as a userspace application without host kernel magic) then you're
vulnerable to anyone with a copy of gdb.
The whole point of a smartcard is that it's a black box where you can't
observe its operation at all, only its output.
> Normally this is compiled into the machine code of a certain processor
> and there are standard tools (disassembler, debugger) that can be used
> to figure out what the secret algorithm does.
> A virtual machine has a virtual processor. Assume now that I was to
> shuffle around machine instructions both in the processor of the
> virtual machine and in the back-end of my c-compiler. I imagine that
> it would be possible to automate this process (some refactoring tool?)
> and to do some random shuffling.
This is no different from a simple bytecoded execution engine, and fairly
straightforward to reverse-engineer. An experienced hacker will have no
problem writing their own reverse engineering tools to strip away your
obfuscation. Remember that your "encryption" is still native host code, with
any keys plainly visible.
Paul
next prev parent reply other threads:[~2009-09-04 12:08 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-31 16:08 [Qemu-devel] QEMU as a "virtual smart card"? Bud P. Bruegger
2009-09-01 22:27 ` Laurent Vivier
2009-09-01 23:47 ` Jamie Lokier
2009-09-02 14:58 ` Blue Swirl
2009-09-03 15:09 ` Bud P. Bruegger
2009-09-03 18:51 ` Blue Swirl
2009-09-04 12:08 ` Paul Brook [this message]
2009-09-04 13:12 ` Lennart Sorensen
2009-09-04 13:40 ` Bud P. Bruegger
2009-09-05 2:21 ` Jamie Lokier
2009-09-02 6:58 ` [Qemu-devel] " Paolo Bonzini
2009-09-02 9:17 ` François Revol
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200909041308.09485.paul@codesourcery.com \
--to=paul@codesourcery.com \
--cc=John@mail.uk2.net \
--cc=blauwirbel@gmail.com \
--cc=bruegger@ancitel.it \
--cc=forrester@ancitel.it \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).