N-Version Obfuscation: Impeding Software Tampering Replication with Program Diversity
This addresses software security for systems requiring tamper-resistance, but it is incremental as it builds on existing obfuscation methods.
The paper tackles the problem of software tampering by proposing N-version obfuscation, which delivers functionally nonequivalent copies to different machines to impede replication, and shows that the time to break the system increases linearly with the number of versions, achieving O(n) complexity.
Tamper-resistance is a fundamental software security research area. Many approaches have been proposed to thwart specific procedures of tampering, e.g., obfuscation and self-checksumming. However, to our best knowledge, none of them can achieve theoretically tamper-resistance. Our idea is to impede the replication of tampering via program diversification, and thus increasing the complexity to break the whole software system. To this end, we propose to deliver same featured, but functionally nonequivalent software copies to different machines. We formally define the problem as N-version obfuscation, and provide a viable means to solve the problem. Our evaluation result shows that the time required for breaking a software system is linearly increased with the number of software versions, which is O(n) complexity.