authors : i-shi lee and wen-hsiang tsai
DESCRIPTION
Security Protection of Software Programs by Information Sharing and Authentication Techniques Using Invisible ASCII Control Codes. Authors : I-Shi Lee and Wen-Hsiang Tsai Source : International Journal of Network Security, vol. 10, no. 1, pp. 1-10, 2010 - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/1.jpg)
Security Protection of Software Programs by Information Sharing and Authentication
Techniques Using Invisible ASCII Control Codes
Authors : I-Shi Lee and Wen-Hsiang TsaiSource : International Journal of Network Security, vol. 10, no. 1, pp. 1-10, 2010Presenter : Ping-Kun Hsu (許鈵昆 )Date : 11/26/2010
![Page 2: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/2.jpg)
2
Outline Introduction ASCII control codes The proposed method Experimental result Conclusions
![Page 3: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/3.jpg)
3
Introduction Goals
Information Sharing Authentication
Related Works Invisible Character Coding Table Exclusive-OR
![Page 4: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/4.jpg)
4
ASCII control codes(1/2)
Hex Char Hex Char Hex Char Hex Char
0 NUL 8 BS 10 DLE 18 CAN
1 SOH 9 HT 11 DC1 19 EM
2 STX A LF 12 DC2 1A SUB
3 ETX B VT 13 DC3 1B ESC
4 EOT C FF 14 DC4 1C FS
5 ENQ D CR 15 NAK 1D GS
6 ACK E SO 16 SYN 1E RS
7 BEL F SI 17 ETB 1F US
invisible in the comments or characters string of VC++ programs
![Page 5: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/5.jpg)
5
ASCII control codes(2/2)
![Page 6: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/6.jpg)
6
The proposed method(1/8) Invisible Character Coding Table
Hex Invisible ASCII Code Bit Pair
1C FS 00
1D GS 01
1E RS 10
1F US 11
![Page 7: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/7.jpg)
The proposed method(2/8) Flow Chat
7
Secret program Camouflage programs Secret random key
⊕ ⊕
Shares
Authentication signs
Stego-programs
Invisible Character Coding Table
![Page 8: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/8.jpg)
The proposed method(3/8) Creating shares from the secret program
Ss : Secret program string Pk: Camouflage program, , k = 1, 2, … , n Sk: Camouflage programs string, k = 1, 2, …, n Y’: The expanded key Ek: The shares, k = 1, 2, …, n
8
S1 S2 S3 Sn-1 Sn Ss⊕ ⊕ ⊕ ⊕‧‧‧ ⊕ ⊕⊕ Y’
E E1 E2 En-1 E3 En‧‧‧
= E
Pk = c1c2c3 … Sk
![Page 9: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/9.jpg)
9
The proposed method(4/8) Generating authentication signs
Sk: Camouflage programs string, k = 1 ,2, …, n Ek: The shares, k = 1, 2, …, n Ak: The authentication signs, k = 1, 2, … ,n Y : The secret random key
Sk
Ek
Y
= (ABC)16 =(65 66 67)10
= (10101010)2 = (170)10
= (DEF)16 =(68 69 70)10
65+66+67 mod 170 = 28
68+69+70 mod 170 = 37
00011100 00100101 = Ak
![Page 10: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/10.jpg)
10
The proposed method(5/8) Encoding and hiding the shares and signs
Ek: The shares, k = 1, 2,…, n Ak: The authentication signs, k = 1, 2,… , n Fk: Binary string, k = 1, 2,… , n Pk: Camouflage program, , k = 1, 2, … , n Pk’: Stego-programs, k = 1, 2, … , n
Ek Ak Fk = ||
= 01000100 01000101 01000110 00011100 00100101
Invisible character coding table
1D1C1D1C 1D1C1D1D 1D1C1D1E 1C1D1F1C 1C1E1D1D
Pk Pk’
![Page 11: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/11.jpg)
11
The proposed method(6/8) Extracting hidden shares and signs
Ek: The shares, k = 1, 2,…, n Ak: The authentication signs, k = 1, 2,… , n Fk’: The extracted character string, k = 1, 2,… , n Pk: Camouflage program, , k = 1, 2, … , n Pk’: Stego-programs, k = 1, 2, … , n
Pk’ Pk
1D1C1D1C 1D1C1D1D 1D1C1D1E 1C1D1F1C 1C1E1D1D
= Fk’||
Invisible character coding table
Fk’ =
01000100 01000101 01000110 00011100 00100101
Ek Ak
![Page 12: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/12.jpg)
The proposed method(7/8) Authenticating
Ek: The shares, k = 1, 2,…, n Ak’: The authentication signs, k = 1, 2,… , n Pk: Camouflage program, , k = 1, 2, … , n Sk: Camouflage programs string, k = 1, 2, …, n Y : The secret random key
12
=00011100 00100101 Ak’
Ak = 00011100 00100101 Pk = c1c2c3 … Sk
Sk
Ek
= (ABC)16 =(65 66 67)10
= (DEF)16 =(68 69 70)10
65+66+67 mod 170 = 28
68+69+70 mod 170 = 37
Y = (10101010)2 = (170)10 00011100 00100101 = Ak’
![Page 13: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/13.jpg)
13
The proposed method(8/8) Recovering the secret program
Ss : Secret program string Sk: Camouflage programs string, k = 1, 2, …, n Y’: The expanded key Ek: The shares, k = 1, 2, …, n
E E1 E2 En-1 E3 En‧‧‧|| || || || =
Ss⊕ S1 S2 S3 Sn-1 Sn
⊕ ⊕ ⊕ ⊕‧‧‧ ⊕ ⊕ Y’= E
![Page 14: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/14.jpg)
14
Experimental result
![Page 15: Authors : I-Shi Lee and Wen-Hsiang Tsai](https://reader035.vdocument.in/reader035/viewer/2022081513/56815fe5550346895dcee8eb/html5/thumbnails/15.jpg)
15
Conclusions The proposed method may decrease the
doubts of malicious attackers.
The proposed method may be extended to deal with web pages.