1 / 15

Authors : I-Shi Lee and Wen-Hsiang Tsai

Security Protection of Software Programs by Information Sharing and Authentication Techniques Using Invisible ASCII Control Codes. Authors : I-Shi Lee and Wen-Hsiang Tsai Source : International Journal of Network Security, vol. 10, no. 1, pp. 1-10, 2010

dillan
Download Presentation

Authors : I-Shi Lee and Wen-Hsiang Tsai

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Protection of Software Programs by Information Sharing and Authentication Techniques Using Invisible ASCII Control Codes Authors : I-Shi Lee and Wen-Hsiang Tsai Source : International Journal of Network Security, vol. 10, no. 1, pp. 1-10, 2010 Presenter : Ping-Kun Hsu (許鈵昆) Date : 11/26/2010

  2. Outline • Introduction • ASCII control codes • The proposed method • Experimental result • Conclusions

  3. Introduction • Goals • Information Sharing • Authentication • Related Works • Invisible Character Coding Table • Exclusive-OR

  4. ASCII control codes(1/2) invisible in the comments or characters string of VC++ programs

  5. ASCII control codes(2/2)

  6. The proposed method(1/8) • Invisible Character Coding Table

  7. The proposed method(2/8) • Flow Chat ⊕ ⊕ Secret random key Shares Secret program Camouflage programs Invisible Character Coding Table Authentication signs Stego-programs

  8. The proposed method(3/8) • Creating shares from the secret program • Ss:Secret program string • Pk: Camouflage program, , k = 1, 2, … , n • Sk: Camouflage programs string, k = 1, 2, …, n • Y’: The expanded key • Ek: The shares, k = 1, 2, …, n Pk Sk = c1c2c3 … S2 = E S1 S3 Sn-1 Sn Y’ Ss ⊕ ⊕ ⊕ ⊕ ‧‧‧ ⊕ ⊕ ⊕ En-1 E1 En E2 E3 ‧‧‧ E

  9. The proposed method(4/8) • Generating authentication signs • Sk: Camouflage programs string, k = 1 ,2, …, n • Ek: The shares, k = 1, 2, …, n • Ak: The authentication signs, k = 1, 2, … ,n • Y : The secret random key Sk = (ABC)16 =(65 66 67)10 65+66+67 mod 170 = 28 Ek = (DEF)16 =(68 69 70)10 68+69+70 mod 170 = 37 Y = (10101010)2 = (170)10 00011100 00100101 = Ak

  10. The proposed method(5/8) • Encoding and hiding the shares and signs • Ek: The shares, k = 1, 2,…, n • Ak: The authentication signs, k = 1, 2,… , n • Fk: Binary string, k = 1, 2,… , n • Pk: Camouflage program, , k = 1, 2, … , n • Pk’: Stego-programs, k = 1, 2, … , n Fk = Ek || Ak = 01000100 01000101 01000110 00011100 00100101 Invisible character coding table 1D1C1D1C1D1C1D1D1D1C1D1E1C1D1F1C1C1E1D1D Pk Pk’

  11. The proposed method(6/8) • Extracting hidden shares and signs • Ek: The shares, k = 1, 2,…, n • Ak: The authentication signs, k = 1, 2,… , n • Fk’: The extracted character string, k = 1, 2,… , n • Pk: Camouflage program, , k = 1, 2, … , n • Pk’: Stego-programs, k = 1, 2, … , n Pk’ = Pk || Fk’ Fk’ = 1D1C1D1C1D1C1D1D1D1C1D1E1C1D1F1C1C1E1D1D Invisible character coding table 01000100 01000101 01000110 00011100 00100101 Ek Ak

  12. The proposed method(7/8) • Authenticating • Ek: The shares, k = 1, 2,…, n • Ak’: The authentication signs, k = 1, 2,… , n • Pk: Camouflage program, , k = 1, 2, … , n • Sk: Camouflage programs string, k = 1, 2, …, n • Y : The secret random key Ak’ =00011100 00100101 Ak = 00011100 00100101 Pk Sk = c1c2c3 … 65+66+67 mod 170 = 28 68+69+70 mod 170 = 37 Sk = (ABC)16 =(65 66 67)10 Y = (10101010)2 = (170)10 00011100 00100101 = Ak’ Ek = (DEF)16 =(68 69 70)10

  13. The proposed method(8/8) • Recovering the secret program • Ss:Secret program string • Sk: Camouflage programs string, k = 1, 2, …, n • Y’: The expanded key • Ek: The shares, k = 1, 2, …, n = E ⊕ S2 S1 S3 Sn-1 Sn Y’ Ss ⊕ ⊕ ⊕ ‧‧‧ ⊕ ⊕ ⊕ E1 || E2 || E3 || En-1 || En = E ‧‧‧

  14. Experimental result

  15. Conclusions • The proposed method may decrease the doubts of malicious attackers. • The proposed method may be extended to deal with web pages.

More Related