Dr. Miguel Ángel Oros Hernández. 8. Cracking

Post on 16-Dec-2015

TRANSCRIPT

  • Slide 1
  • DR. MIGUEL ÁNGEL OROS HERNÁNDEZ 8. Cracking
  • Slide 2
  • Cracking. Magnitude of piracy: all kinds of digital content (music, software, movies); huge economic repercussions. Cracking: the process of attacking a copy protection technology; one kind of reversing; modification of an application's binary to cause or prevent a specific key branch in the program's execution.
  • Slide 3
  • Cracking: 1. Piracy and copy protection 2. Types of protection 3. Advanced protection concepts 4. Watermarking
  • Slide 4
  • Piracy and copy protection
  • Slide 5
  • Slide 6
  • Applying reverse engineering until the software cracker reaches the subroutine that contains the primary method of protecting the software. Elimination of the expiration period from a time-limited trial of an application. Scanning for the use of a commercial copy protection application (CD, DVD): CloneCD, Alcohol 120%, Game Jackal, Daemon Tools.
  • Slide 7
  • Piracy and copy protection. The open architecture of today's personal computers makes it impossible to create an uncrackable copy protection technology.
  • Slide 8
  • Piracy and copy protection. Class break: a problem in practically every copy protection technology. It takes place when a security technology or product fails in a way that affects every user of that technology or product, and not just the specific system that is under attack. Huge efforts by developers of copy protection technologies. Problem: publishing the results of defeating the protection mechanism.
  • Slide 9
  • Piracy and copy protection. Copy protection mechanism. Definition: a delicate component; invisible to legitimate users. Design considerations: resistance to attack; end-user transparency; flexibility.
  • Slide 10
  • Types of protection
  • Slide 11
  • Media-based protections: the primary copy protection approach in the 1980s. Idea: have a program check the media with which it is shipped and confirm that it is an original. Floppy disks: creating special bad sectors. Programs: CopyWrite, Transcopy. Are they legal? Serial numbers. Idea: the software vendor ships each copy of the software with a unique serial number printed somewhere on the product package or on the media itself. The installation requires this number. If the program is installed, the user is registered. When the user contacts customer support, the software vendor can verify that the user has a valid installation of the product.
  • Slide 12
  • Types of protection. Challenge response and online activations. The program sends a challenge response (a protocol used for authenticating specific users or computers in networks). Idea: both parties share a secret key that is known only to them. Improvement to the serial number: challenge response; vendor's approval. Crackable: create a keygen program that emulates the server's challenge mechanism and generates a valid response on demand.
  • Slide 13
  • Types of protection. Keygen: a license or product key generator (sometimes stylized as keygen) is a computer program that generates a product licensing key, serial number, or some other registration information necessary to activate a software application for use.
  • Slide 14
  • Types of protection. Hardware-based protections. Idea: add a tamper-proof, non-software-based component into the mix that assists in authenticating the running software. Use of a chip attached to the computer, like USB.
  • Slide 15
  • Advanced protection concepts
  • Slide 16
  • Crypto-processors: a well-known software copy protection approach. Proposed by Robert M. Best. Idea: design a microprocessor that can directly execute encrypted code by decrypting it on the fly. Hard to crack because the decrypted code would never be accessible to attackers. Digital Rights Management (DRM) models: encrypt the protected content; try their best to hide the decryption key and control the path in which content flows after it has been decrypted.
  • Slide 17
  • Advanced protection concepts. Digital Rights Management: the Windows Media Rights Manager. Idea: separate the media from the license file (the encryption key required to decrypt and play back the media file). Digital Rights Management: Secure Audio Path. Attempts to control the flow of copyrighted, unencrypted audio within Windows. Problem: anyone can write a simulated audio device driver that would just steal the decrypted content while the media playback software is sending it to the sound card.
  • Slide 18
  • Watermarking
  • Slide 19
  • Watermarking: the process of adding an additional channel of imperceptible data alongside a visible stream of data. An invisible (or inaudible) data stream that is hidden within the file. Properties: difficult to remove; contains as much information as possible; imperceptible; difficult to detect; encrypted; robust.
  • Slide 20
  • Watermarking applications: enabling authors to embed identifying information in their intellectual property; identifying the specific owner of an individual copy by using a watermarked fingerprint; identifying the original, unmodified data through a validation mark.
  • Slide 21
  • Bibliography: Eldad Eilam, Reversing: Secrets of Reverse Engineering. Wiley Publishing, Inc., 2005.
  • Slide 22
  • End
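
The challenge-response activation outlined on Slide 12, shown from the vendor's verification side as an added example that is not part of the original slides. The names `ActivationServer` and `compute_response`, the machine IDs and the key are constructed for illustration, and HMAC-SHA256 is an assumed choice, since the slides name no algorithm.

```python
import hashlib
import hmac
import secrets

# Constructed sample key (assumption): in the slide's model the same secret
# is held by the vendor's server and by the shipped program.
SHARED_KEY = b"constructed-demo-key-not-a-real-secret"


def compute_response(key: bytes, machine_id: str, challenge: bytes) -> bytes:
    """Client side: prove knowledge of the key without transmitting it."""
    msg = len(challenge).to_bytes(2, "big") + challenge + machine_id.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


class ActivationServer:
    """Vendor side: issues one-time challenges and checks the responses."""

    def __init__(self, key: bytes):
        self._key = key
        self._pending = {}  # challenge -> machine_id it was issued to

    def issue_challenge(self, machine_id: str) -> bytes:
        challenge = secrets.token_bytes(16)  # fresh, unpredictable nonce
        self._pending[challenge] = machine_id
        return challenge

    def verify(self, machine_id: str, challenge: bytes, response: bytes) -> bool:
        # pop() makes each challenge single-use, so a recorded response
        # cannot be replayed, and binds it to the machine that asked for it.
        if self._pending.pop(challenge, None) != machine_id:
            return False
        expected = compute_response(self._key, machine_id, challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo() -> dict:
    server = ActivationServer(SHARED_KEY)
    c1 = server.issue_challenge("PC-001")
    good = compute_response(SHARED_KEY, "PC-001", c1)
    results = {"valid": server.verify("PC-001", c1, good)}
    results["replayed"] = server.verify("PC-001", c1, good)
    c2 = server.issue_challenge("PC-001")
    forged = compute_response(b"wrong-key", "PC-001", c2)
    results["wrong_key"] = server.verify("PC-001", c2, forged)
    c3 = server.issue_challenge("PC-001")
    other = compute_response(SHARED_KEY, "PC-002", c3)
    results["other_machine"] = server.verify("PC-002", c3, other)
    return results
```

The shared key has to ship inside the program, which is the weakness the slide labels crackable; checking a vendor signature against an embedded public key keeps the secret on the server.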