Stories
Slash Boxes
Comments

SoylentNews is people

A Crypto Trick that Makes Software Nearly Impossible to Reverse-Engineer

posted by martyb on Wednesday February 18 2015, @04:55AM   Printer-friendly
from the cracker-jack-anti-crack-hack dept.

AnonTechie writes:

Software reverse engineering, the art of pulling programs apart to figure out how they work, is what makes it possible for sophisticated hackers to scour code for exploitable bugs. It’s also what allows those same hackers’ dangerous malware to be deconstructed and neutered. Now a new encryption trick could make both those tasks much, much harder.

At the SyScan conference next month in Singapore, security researcher Jacob Torrey plans to present a new scheme he calls Hardened Anti-Reverse Engineering System, or HARES. Torrey’s method encrypts software code such that it’s only decrypted by the computer’s processor at the last possible moment before the code is executed. This prevents reverse engineering tools from reading the decrypted code as it’s being run. The result is tough-to-crack protection from any hacker who would pirate the software, suss out security flaws that could compromise users, and even in some cases understand its basic functions.

http://www.wired.com/2015/02/crypto-trick-makes-software-nearly-impossible-reverse-engineer/

 
This discussion has been archived. No new comments can be posted.
A Crypto Trick that Makes Software Nearly Impossible to Reverse-Engineer | Log In/Create an Account | Top | 25 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Insightful) by GeminiDomino on Wednesday February 18 2015, @02:32PM

    by GeminiDomino (661) on Wednesday February 18 2015, @02:32PM (#146523)

    Just perfect. Another "trick" that's going to prove ultimately worthless for the stated use case, but will come in real handy for scumbags writing malware.

    --
    "We've been attacked by the intelligent, educated segment of our culture"
    Starting Score:    1  point
    Moderation   +2  
       Insightful=2, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 1) by monster on Thursday February 19 2015, @08:26AM

    by monster (1260) on Thursday February 19 2015, @08:26AM (#146891) Journal

    Encrypted code being unencrypted at runtime (with even keys composed on the fly with bits from here and there) has been a staple functionality of malware in the last 25 years, at least. Doesn't seem so novel, at least on first look.

    • (Score: 2) by GeminiDomino on Thursday February 19 2015, @04:09PM

      by GeminiDomino (661) on Thursday February 19 2015, @04:09PM (#146994)

      True, it's a new technique to the same end, which means there will be a period before the anti-malware programs catch up, and when they do, any program that uses it is going to be flagged as a false positive, thus rendering it all but useless.

      --
      "We've been attacked by the intelligent, educated segment of our culture"