EP3234843A1 - Method for providing a security-critical software application on a computer unit - Google Patents

Method for providing a security-critical software application on a computer unit

Info

Publication number: EP3234843A1
Authority: EP (European Patent Office)
Prior art keywords: software application, computer unit, code, software, mobile terminal
Legal status: Withdrawn (status as listed by Google Patents; not a legal conclusion)
Application number: EP15816668.6A
Other languages: German (de), English (en)
Inventors: Daniel Albert, Frank Schäfer
Current assignee: Build38 GmbH (as listed by Google Patents; may be inaccurate)
Original assignee: Giesecke and Devrient Mobile Security GmbH
Priority date: 2014-12-18
Filing date: 2015-12-17
Publication date: 2017-10-25

Timeline
2015-12-17  Application filed by Giesecke and Devrient Mobile Security GmbH
2017-10-25  Publication of EP3234843A1
2020-07-17  Application withdrawn

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms during program execution, e.g. stack integrity; preventing unwanted data erasure; buffer overflow
    • G06F21/54 Monitoring users, programs or devices to maintain the integrity of platforms during program execution by adding security routines or objects to programs
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/101 Protecting distributed programs or content by binding digital rights to specific entities
    • G06F21/1015 Protecting distributed programs or content by binding digital rights to users
    • G06F21/12 Protecting executable software
    • G06F21/121 Restricting unauthorised execution of programs
    • G06F21/125 Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
    • G06F21/14 Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033 Test or assess software

Definitions

  • The invention relates to a method for providing a security-critical software application on a computer unit.
  • In particular, the invention relates to a method for providing a security-critical Java application on a mobile terminal.
  • Background of the invention
  • Mobile terminals, for example in the form of smartphones or tablet computers, are increasingly being used to carry out digital transactions, for example cashless payment at an NFC terminal or the purchase of a product or service from an online retailer.
  • For such a transaction, a software application implemented on the mobile terminal usually interacts with a terminal or server.
  • In the course of this, a cryptographic algorithm, e.g. an encryption algorithm, is typically executed by the part of the software application implemented on the mobile terminal that accesses security-critical data, e.g. PINs, passwords, keys, etc.
  • Until now, security-critical data has generally been stored on an independent security element of the mobile terminal, in the form of a SIM card that can be removed from the mobile terminal, in order to protect it against attack by unauthorized persons.
  • An approach that can be used to advantage in particular when carrying out digital transactions with a mobile terminal that has no independent security element for securely storing security-critical data is based on the idea of protecting security-critical software applications, and the data contained in them, against an attacker by means of software measures.
  • One of these software measures is to make a software application more resistant to attacks by obfuscating its program code, so that an attacker who gains access to that program code can derive practically nothing from it.
  • The Java code obfuscator "ProGuard" may be mentioned here as an example; it works on Java bytecode and mainly shrinks the code and renames classes, methods and fields.
  • According to the invention, a method for providing a software application on a computer unit comprises the following steps: performing an AOT compilation of the software application, which is present in the form of bytecode, in order to generate assembler code from the bytecode of the software application; obfuscating the assembler code of the software application; depositing the obfuscated assembler code of the software application on a software distribution platform; and downloading the obfuscated assembler code to the computer unit.
  • Preferably, the software application is a Java application or, more generally, an application in an interpreted language that is executed or interpreted in a virtual machine.
  • Preferably, the software distribution platform is the Google Play Store.
  • Preferably, the computer unit is operated with the Android operating system (version 4.4 or higher).
  • Preferably, different assembler codes for different processor architectures are deposited on the software distribution platform.
  • Preferably, the computer unit is a mobile terminal.
  • FIG. 1 shows a schematic representation of a communication system with a computer unit in the form of a mobile terminal, in which the present invention is used to advantage.
  • FIG. 2 shows a conventional method for providing a security-critical software application on the mobile terminal of FIG. 1, and FIG. 3 shows a preferred embodiment of a method according to the invention for providing a security-critical software application on the mobile terminal of FIG. 1.
  • FIG. 1 shows a schematic representation of an exemplary communication system 10 in which the invention can be used to advantage.
  • The communication system 10 comprises a computer unit 20 in the form of a mobile terminal, preferably a smartphone or a tablet computer.
  • The mobile terminal 20 is configured to communicate with a server or terminal 60 via a communication channel 50.
  • The communication channel 50 may, for example, be the Internet, a mobile radio network, an NFC channel or the like.
  • The server 60 could, for example, be an NFC terminal of a service provider with which a software application on the mobile terminal 20, for example the software application 34, carries out transactions, for example a payment transaction in which the software application on the mobile terminal 20 handles the payment process.
  • The mobile terminal 20 has a chip 22 with a central processing unit (CPU) 24, for example in the form of a microprocessor.
  • The primary tasks of the processor 24 include performing arithmetic and logic functions and reading and writing data elements, as defined by a software application running on the processor 24.
  • In FIG. 1, a preferred hardware and software architecture of the processor 24 is shown again schematically and in more detail outside the mobile terminal 20.
  • The processor 24 is in communication with a memory unit 26, which preferably comprises a volatile random access memory (RAM), for example for holding the program code of a software application to be executed by the processor 24.
  • The memory unit 26 further comprises a non-volatile, preferably rewritable memory, for example for holding the program code of a software application to be executed by the processor 24 while the mobile terminal is powered off.
  • The non-volatile, rewritable memory is preferably a flash memory (flash EEPROM); this may, for example, be a flash memory with a NAND or a NOR architecture.
  • The memory unit 26 may also comprise a read-only memory (ROM).
  • At runtime, a runtime environment 32 is implemented on the processor 24, which can access hardware-related functionality through an operating system 30.
  • Preferably, the operating system 30 is the Android operating system and the runtime environment 32 is the "Android Runtime (ART)".
  • The runtime environment 32 is implemented in such a way that at least one software application 34 can be executed in it.
  • Preferably, the software application 34 is a Java application.
  • The program code of the operating system 30, the runtime environment 32 and/or the software application 34 may be stored in a non-volatile area of the memory unit 26.
  • FIG. 2 shows the sequence of a conventional method for providing the software application 34 on the mobile terminal 20, where the software application 34 is a Java application.
  • In the first step of the method of FIG. 2, the Java application 34 is created, i.e. the program or source code of the Java application 34 is written.
  • In step SDT2 of FIG. 2, obfuscation measures can now be applied to the program or source code of the Java application 34. Because of the form in which the program code of the Java application 34 is present at this point, no strong obfuscation measures can be carried out in step SDT2 of FIG. 2.
  • In step SDT3 of FIG. 2, the obfuscated program code of the Java application 34 is deposited on a software application distribution platform accessible over the Internet.
  • The software application distribution platform may, for example, be provided on an Internet server such as the server 60 of FIG. 1.
  • Preferably, the software application distribution platform is the Google Play Store.
  • From the software application distribution platform, the program code of the Java application 34 can be downloaded in step SDT4 of FIG. 2 to a mobile terminal such as the mobile terminal 20 of FIG. 1.
  • On the mobile terminal 20, the Java application 34 can then be executed; as is known, a JIT compilation ("just in time" compilation) of the program code of the Java application 34 takes place during execution (see step SDT5 of FIG. 2).
  • FIG. 3 shows the sequence of a preferred embodiment of a method according to the invention for providing the software application 34 on the mobile terminal 20, where the software application 34 is preferably a Java application.
  • In step S1 of FIG. 3, the Java application 34 is created, i.e. the program or source code of the Java application 34 is written.
  • In contrast to the conventional method of FIG. 2, an AOT compilation ("ahead of time" compilation) of the program code of the Java application 34 already takes place in step S2 of FIG. 3, i.e. before the application is distributed.
  • After step S2 of FIG. 3, the program code of the Java application 34 is present in assembler, i.e. as assembler code (also called "native code").
  • The Java application 34, now present as assembler code, is obfuscated in step S3 of FIG. 3.
  • Because of the differences between bytecode and assembler code, significantly more effective obfuscation measures can be taken in step S3 of FIG. 3 than is possible in step SDT2 of the method of FIG. 2.
  • Steps S1 to S3 of FIG. 3 can be carried out in a development environment, for example at the developer of the Java application 34.
  • After the assembler code of the Java application 34 has been obfuscated in step S3 of FIG. 3, it can be deposited in step S4 of FIG. 3 on a software application distribution platform accessible over the Internet.
  • The software application distribution platform may, for example, be provided on an Internet server such as the server 60 of FIG. 1.
  • Preferably, the software application distribution platform is the Google Play Store.
  • From the software application distribution platform, the assembler code of the Java application 34 can be downloaded in step S5 of FIG. 3 to a mobile terminal such as the mobile terminal 20 of FIG. 1.
  • On the mobile terminal 20, the Java application 34 can be executed by executing the assembler code of the Java application 34 (see step S6 of FIG. 3).
  • The person skilled in the art will recognize that providing the Java application 34 on the software application distribution platform in the form of assembler code can make it necessary to hold correspondingly different versions of the Java application 34 in the form of assembler code for mobile terminals with different processor architectures and processor versions.
  • The person skilled in the art will further recognize that, because of the differences between Java bytecode and assembler code, significantly more effective obfuscation measures can be used to advantage in the method according to the invention of FIG. 3 than in the conventional method of FIG. 2.
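The page does not name the "more effective obfuscation measures" that become possible once the application is in native code. As an added illustration, not code from the patent or from its assignees, the following C program shows two transformations of the kind a native-code obfuscator can apply to a security-critical routine such as a PIN check: an opaque predicate (a branch condition that is always true but is not obviously so to a static analyser) and control-flow flattening (the original loop and branches are replaced by a dispatcher driven by runtime-computed state transitions). The function names, the stored PIN and the state encoding are assumptions chosen for the example. A real obfuscator applies such transformations to the compiled assembler code after step S2; the transformation is written in C here only so that it is readable and can be compiled and compared against the plain version.

```c
#include <stdint.h>
#include <stddef.h>

/* Constructed sample: a 4-digit PIN assumed to be embedded in the application.
   Name and value are illustrative, not taken from the patent. */
static const char STORED_PIN[4] = {'4', '7', '1', '9'};

/* Plain reference routine: constant-time comparison of the entered PIN. */
int pin_check_plain(const char *entered, size_t len)
{
    if (len != sizeof STORED_PIN)
        return 0;
    unsigned char diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= (unsigned char)(entered[i] ^ STORED_PIN[i]);
    return diff == 0;
}

/* Opaque predicate: x*(x+1) is always even, so the low bit is always 0 and the
   predicate is always true, yet it depends on a runtime value. */
static int opaque_true(uint32_t x)
{
    return ((x * (x + 1u)) & 1u) == 0u;
}

/* Same routine after control-flow flattening. Each original basic block becomes a
   state; the successor is looked up in a transition table selected by the block's
   condition, so the loop and the early return no longer appear as such. */
int pin_check_flattened(const char *entered, size_t len)
{
    enum { S_LEN = 0, S_LOOP, S_XOR, S_DONE, S_FAIL, S_END };
    /* successor when the block's condition is true / false */
    static const uint8_t next_ok[S_END]   = { S_LOOP, S_XOR,  S_LOOP, S_END, S_END };
    static const uint8_t next_fail[S_END] = { S_FAIL, S_DONE, S_FAIL, S_END, S_END };

    uint32_t state = S_LEN;
    size_t i = 0;
    unsigned char diff = 0;
    int result = 0;
    uint32_t seed = (uint32_t)len * 2654435761u;   /* runtime input to the opaque predicate */

    while (state != S_END) {
        int cond;
        switch (state) {
        case S_LEN:  cond = (len == sizeof STORED_PIN); break;   /* false: S_FAIL */
        case S_LOOP: cond = (i < len); break;                    /* false: S_DONE */
        case S_XOR:
            diff |= (unsigned char)(entered[i] ^ STORED_PIN[i]);
            i++;
            cond = opaque_true(seed + (uint32_t)i);             /* always true: back to S_LOOP */
            break;
        case S_DONE: result = (diff == 0); cond = 1; break;
        case S_FAIL: result = 0;           cond = 1; break;
        default:     cond = 1;                       break;
        }
        state = cond ? next_ok[state] : next_fail[state];
    }
    return result;
}
```

Both functions return the same result for every input, which is the property an obfuscating transformation must preserve. In bytecode, a transformation like the flattened dispatcher must still pass the virtual machine's verifier and keeps typed, structured control flow that decompilers recover easily; in assembler code the state tables, the opaque values and the dispatcher can be interleaved with the rest of the code without such constraints. Obfuscation of this kind raises the effort of reverse engineering but does not make the embedded PIN secret, which is why the page presents it as a software measure for terminals without a security element rather than as a replacement for one.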

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Stored Programmes (AREA)
  • Telephone Function (AREA)

Abstract

The invention relates to a method for providing a software application on a computer unit. The method comprises the following steps: performing an ahead-of-time compilation of the software application, which is present in the form of source code, in order to generate assembler code from the source code of the software application; obfuscating the assembler code of the software application; packaging the obfuscated assembler code of the software application on a software distribution platform; and downloading the obfuscated assembler code to the computer unit. The invention also relates to a computer unit.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102014019090.0A DE102014019090A1 (de) 2014-12-18 2014-12-18 Method for providing a security-critical software application on a computer unit
PCT/EP2015/002551 WO2016096139A1 (fr) 2014-12-18 2015-12-17 Method for providing a security-critical software application on a computer unit

Publications (1)

Publication Number Publication Date
EP3234843A1 true EP3234843A1 (fr) 2017-10-25

Family

ID=55024989

Family Applications (1)

Application Number Title Priority Date Filing Date
EP15816668.6A Withdrawn EP3234843A1 (fr) 2014-12-18 2015-12-17 Method for providing a security-critical software application on a computer unit

Country Status (4)

Country Link
US (2) US20180276373A1 (fr)
EP (1) EP3234843A1 (fr)
DE (1) DE102014019090A1 (fr)
WO (1) WO2016096139A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102018004996A1 (de) * 2018-06-22 2019-12-24 Build38 Gmbh Verification of location information
EP3745287B1 (fr) 2019-05-28 2022-03-16 Giesecke+Devrient Mobile Security GmbH Protection of a software application
DE102019004398A1 (de) * 2019-06-21 2020-12-24 Giesecke+Devrient Mobile Security Gmbh Obfuscation of a software application

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8984299B1 (en) * 2013-08-14 2015-03-17 Soongsil University Research Consortium Techno-Park Apparatus for code obfuscation and method thereof

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7430670B1 (en) * 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
WO2001086372A2 (fr) * 2000-05-12 2001-11-15 Xtreamlok Pty. Ltd. Information security method and system
WO2009010338A1 (fr) * 2007-07-13 2009-01-22 Siemens Aktiengesellschaft Method for computer-assisted obfuscation of a software program and computer program product
EP2482184A1 (fr) * 2011-02-01 2012-08-01 Irdeto B.V. Impenetrable adaptive virtual machine
US8898629B2 (en) * 2011-04-06 2014-11-25 Media Direct, Inc. Systems and methods for a mobile application development and deployment platform
CN103324481B (zh) * 2013-06-26 2016-08-31 网宿科技股份有限公司 Compiling method and system for implementing code obfuscation through assembly


Also Published As

Publication number Publication date
WO2016096139A1 (fr) 2016-06-23
US20200074077A1 (en) 2020-03-05
DE102014019090A1 (de) 2016-06-23
US20180276373A1 (en) 2018-09-27


Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20170718

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: BUILD38 GMBH

17Q First examination report despatched

Effective date: 20200107

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Effective date: 20200717