Establishing trust in encrypted programs
Xia, Ying Han
MetadataShow full item record
Encryption is increasingly being used as deterrence for software piracy and vulnerability exploitation. Unencrypted or insecure programs can be the subject of intensive scrutiny by attackers in an attempt to disable protective features or to find buffer overflows as an avenue of attack of other systems. The application of encrypted programs, however, leads to other security concerns as users are no longer able to distinguish between malicious and benign behavior due to the secretive nature of encryption. Furthermore, should an attacker gain access to the software update process then malicious updates or modifications can be made to the system without the knowledge of the users. Therefore, system administrators running encrypted software now have a need for techniques that would allow such encrypted software to execute properly while minimizing the possibility of the system being compromised. The goal of this research is to develop a methodology that can enable users to trust encrypted software to allow their execution.