data obfuscation
DESCRIPTION
Data obfuscation is the ugly process of trying to hide data on a computer from its owner. It is far from perfect, but it is an important security tool for dealing with cheating and piracy and for software licensing, and it is really what DRM depends on. This is part 3 of my game security course. For the rest of this course, visit http://free2secure.com/. You may also want to check out my book "Protecting Games" - see http://playnoevil.com/ for details.
TRANSCRIPT
Security eBooks
Games, iGaming, and Gambling [email protected]+1.650.278.7416
Security in the Client – Part 2
Data Obfuscation
Steven Davis
CAUTION: Obfuscation and the Language of Security
• Language here is confusing and non-standard!
• Other problems with encrypt, encode, secure….
• Security is full of sloppy language
And causes real problems both between security people and with REAL people

Obfuscation & Code Obfuscation Confusion
• Anti-Tamper
  – Altering code so that changes to code can be detected by code
  – Adding sequence checks, control flags, etc.
• Anti-Reverse Engineering
  – Making decompilation and extraction of code logic more difficult
  – Extra, non-standard assembly code (loops, jumps, etc.) that breaks up apparent code logic
DOES NOT STOP CODE THEFT
Copying without understanding is not stopped!
Also does not stop data alteration

Data Obfuscation
– What is it?
  • Hiding Data so that it can’t be found
  • Storing Data so that it cannot be undetectably altered
– Tactics
  • Splits
  • Keyed Split
  • Encryption
  • Multiple Stores
  • Local vs. Remote verification
– Challenges
  • Programming Complexity

Memory Editors
• The game cheater's and hacker's best friend!
• Provides direct access to computer RAM
• Application independent cheat tools… easy and powerful and customizable

Classic Trap – Private Keys
• Flawed assumption of many security systems
• … and Virtually All DRM systems
• Private Keys aren’t Secret from their user!
  – (Good luck with that “trusted hardware”)
  – They have to be exposed on their platform
  – Signature keys can also be replaced
• No recovery mechanism

Asymmetric Warfare
Security is about making the other guys work hard without much work on your part

General Data Obfuscation Approach
• Usually Protected_XXX_Class or Template
  – Makes it easy to specify values that are being protected
  – Limits performance impact
  – Separates Obfuscation design from Main code
• Better – Use Macro or Script at Compile time
  – Language dependent
  – Puts obfuscation in-line, so harder to identify and remove
Can be used with Code Obfuscation (to hide Data Obfuscation)

    HighScore = new ProtectedInt();

Data Obfuscation Internals - Split
• Easy and quick
• Can be detected and countered without too much difficulty
  – Memory editor looks for changed memory
  – Make arbitrary changes to identified changed memory and look at visible results

    // pseudo code split
    Class ProtectedInt() {
        private Int a;
        private Int b;

        // initialize values
        ProtectedInt(x) {
            a = new Int();
            a = randomInt();
            b = new Int();
            b = x-a;
        }

        // retrieval method
        getProtectedInt() {
            return a+b;
        }
    }

Data Obfuscation Internals – Keyed Split
• Easy and quick
• Can be detected and countered without too much difficulty
  – Memory editor looks for changed memory
  – Make arbitrary changes to identified changed memory and look at visible results
• Basis of most license registration and license spoofing scenarios

    // pseudo code keyed split
    Class ProtectedInt() {
        private Int b;    // only b is stored; a is recomputed from the platform

        // initialize values
        ProtectedInt(x) {
            a = new Int();
            a = get_Platform_IDx();    // or other local value
            b = new Int();
            b = x-a;
        }

        // retrieval method
        getProtectedInt() {
            return b+get_Platform_IDx();
        }
    }

Data Obfuscation Internals – Encrypt
• Slow (depending on algorithm)
  – This can be a real issue.. Full encryption gives little benefit
• Hacker needs to find algorithm and key
  – If only used locally, binary code can be replaced sometimes
  – Remember: key is still present!

    // pseudo code encrypt
    Class ProtectedInt() {
        private ByteArray a;    // encrypted value, needed again by the retrieval method
        private Int b;          // key

        // initialize values
        ProtectedInt(x) {
            a = new ByteArray();
            a = ByteArray.fromInt(x);
            b = getKey();
            a = Encrypt(a,b);
        }

        // retrieval method
        getProtectedInt() {
            d = Decrypt(a,b);
            return Int.fromByteArray(d);
        }
    }

Blind Functions
– Hackers like to “plug out” security functions to bypass them
– To detect this, structure security functions as “blind functions”
[Diagram labels: Security Test, Yes/No; Security Function, Data, Output, External Verification]

Alternatives to Encryption
– Full encryption is time consuming….
– So, use “really bad” encryption instead
– Based on Cipher-Block Chaining
– Create a non-linear function that is reversible and affects the entire data stream

Byte-based sample:

    Store randomized 256 entry table (T)
    Key stream (K) – m bytes
    Data bytes (B) – n bytes

    // sums used as table indexes wrap mod 256

    If n = 1
        E = B[0];
        for (i = 0; i<m; i++) {
            E = T[E+K[i]];
        }
        return E;

    If n > 1
        If n > 2*m then l = 2*n else l = 2*m
        E[0] = T[B[0]+K[0]];
        for (i = 1; i<l; i++) {
            x = i mod n;                         // data bytes repeat
            E[i] = T[E[i-1]+B[x]+K[i mod m]];    // key bytes repeat
        }
        return E;

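The byte-based sample above with its inverse, as an added C++ example that is not code from the slides. Assumptions: T is a seeded shuffle of 0..255, index sums wrap mod 256, B and K repeat when the index runs past their length, and the names ChainCoder, encode and decode are hypothetical. The re-encode check in decode is an addition of this example; it relies on the second pass over the data that the slide's length rule produces.

```cpp
#include <algorithm>
#include <array>
#include <cstdint>
#include <numeric>
#include <random>
#include <vector>

using Bytes = std::vector<uint8_t>;
// Added example: table T (assumed: seeded shuffle of 0..255), key K (m bytes), data B (n bytes).
struct ChainCoder {
    std::array<uint8_t, 256> T{}, Tinv{};
    Bytes K;
    ChainCoder(uint32_t seed, const Bytes& key) : K(key) {
        std::iota(T.begin(), T.end(), 0);
        std::mt19937 gen(seed);
        std::shuffle(T.begin(), T.end(), gen);
        for (int i = 0; i < 256; ++i) Tinv[T[i]] = static_cast<uint8_t>(i);
    }
    Bytes encode(const Bytes& B) const {
        const size_t n = B.size(), m = K.size();
        if (n == 0 || m == 0) return Bytes{};
        if (n == 1) {                       // single byte: m table rounds
            uint8_t e = B[0];
            for (size_t i = 0; i < m; ++i) e = T[uint8_t(e + K[i])];
            return Bytes{e};
        }
        const size_t l = (n > 2 * m) ? 2 * n : 2 * m;
        Bytes E(l);
        E[0] = T[uint8_t(B[0] + K[0])];
        for (size_t i = 1; i < l; ++i)      // each output byte chains on the previous one
            E[i] = T[uint8_t(E[i - 1] + B[i % n] + K[i % m])];
        return E;
    }
    // Returns the n data bytes, or an empty vector when E fails the re-encode check.
    Bytes decode(const Bytes& E, size_t n) const {
        const size_t m = K.size();
        if (n == 0 || m == 0 || E.size() < n) return Bytes{};
        if (n == 1) {                       // undo the rounds in reverse order
            uint8_t b = E[0];
            for (size_t i = m; i-- > 0;) b = uint8_t(Tinv[b] - K[i]);
            return Bytes{b};
        }
        Bytes B(n);
        B[0] = uint8_t(Tinv[E[0]] - K[0]);
        for (size_t i = 1; i < n; ++i)
            B[i] = uint8_t(Tinv[E[i]] - E[i - 1] - K[i % m]);
        return encode(B) == E ? B : Bytes{};  // the repeated pass doubles as a check
    }
};
```

The caller has to know n to decode, because the output length alone does not reveal it. Anyone who recovers T and K from the client can re-encode altered data, which is the same limit the slides state for encryption.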
Multiple Stores
• Store both an unprotected and protected version of data
• … let the hacker think he’s won
• … and, of course, you can combine all of the methods together.

    // pseudo code multiple store using split
    Class ProtectedInt() {
        private Int a;
        private Int b;
        private Int c;

        // initialize values
        ProtectedInt(x) {
            a = new Int();
            a = randomInt();
            b = new Int();
            b = x-a;
            c = x;
        }

        // retrieval method
        getProtectedInt() {
            return c;
        }
    }

    incrementProtectedInt(y) {
        c = c+y;
        d = new Int();
        d = randomInt();
        a = a+d;
        b = b+y-d;
    }

Verification – Local & Remote
– Verification can either occur locally or remotely
– If remote, pass all versions of data to the server and let the server make the decision (and decrypt or recover all of the data).
– Action on verification does not need to be taken immediately

For multiple stores:

    verifyProtectedInt() {
        if (c-(a+b)==0) {
            return true;
        }
        return false;
    }

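The split, multiple-store and verification slides combined into one template, as an added C++ example that is not code from the slides. The names Protected, shown, trusted and tamperDecoy are hypothetical; unsigned types are assumed so that the split arithmetic wraps instead of overflowing.

```cpp
#include <cstdint>
#include <random>
#include <type_traits>

// Added example; Protected, shown, trusted and tamperDecoy are hypothetical names.
template <typename T>
class Protected {
    static_assert(std::is_unsigned<T>::value,
                  "use unsigned types: they wrap, signed overflow is undefined");
    T a_, b_;  // split store: value == a_ + b_ (mod 2^bits)
    T c_;      // plain store: what a memory editor finds first

    static T rnd() {
        static std::mt19937_64 gen{std::random_device{}()};
        return static_cast<T>(gen());
    }

public:
    explicit Protected(T x) : a_(rnd()), b_(static_cast<T>(x - a_)), c_(x) {}

    T shown() const { return c_; }                         // slide's getProtectedInt()
    T trusted() const { return static_cast<T>(a_ + b_); }  // value rebuilt from the split

    // Both halves change on every update, so neither tracks the visible value.
    void increment(T y) {
        T d = rnd();
        c_ = static_cast<T>(c_ + y);
        a_ = static_cast<T>(a_ + d);
        b_ = static_cast<T>(b_ + y - d);
    }

    // Slide's verifyProtectedInt(): the result can be acted on later or sent to a server.
    bool verify() const { return c_ == trusted(); }

    // Stand-in for a memory editor overwriting the plain store.
    void tamperDecoy(T v) { c_ = v; }
};
```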
What next?
• Don’t give up!
• More security presentations at: http://free2secure.com/
• Check out my book “Protecting Games”
  – Additional information at http://playnoevil.com/
• You can “win” the security game

About Me
• Steven Davis
  – 25+ Years of Security Expertise
  – I have worked on everything from online games and satellite TV to Nuclear Command and Control and military communications
    • http://www.linkedin.com/in/playnoevil
  – Author, “Protecting Games”
• Why Free2Secure?
  – Security is too expensive and isn’t working. There has to be a better way. I’m exploring these issues for IT security, ebooks, games, and whatever else strikes my fancy at http://free2secure.com/
  – Join me there, ask questions, challenge assumptions, let’s make things better