RE-TRUST: Trustworthy Execution of SW on Remote Untrusted Platforms

  • Brecht Wyseur


A major challenge in software security is preserving software integrity. Traditionally this problem is addressed through the development of software (self-) checking techniques that verify the integrity of its code and execution. Unfortunately no satisfactory solutions for run-time verification of software integrity have been presented. In this paper, we approach the problem of run-time software integrity verification in a networked context. That is, we present techniques to enable remote verification of the execution of software, given the availability of a continuous network connection between the verification entity and the untrusted execution platform.


Smart Card Trust Platform Module Trust Computing Verification Technique Protection Technique 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. David Aucsmith “Tamper Resistant Software: An Implementation”, In Information Hiding 1996.Google Scholar
  2. Jean-Daniel Aussel, Jerome d’Annoville, “Smart Cards and remote entrusting”, in proceedings of The Future of Trust in Computing, 2nd conference, Berlin, Germany, June 30-July 2, 2008.Google Scholar
  3. M. Baldi, Y. Ofek, M. Young, “Idiosyncratic Signatures for Authenticated Execution of Management Code”, 14th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management (DSOM 2003), Heidelberg, Germany, Oct. 2003.Google Scholar
  4. Cataldo Basile, Stefano Di Carlo, Thomas Herlea, Jasvir Nagra, and Brecht Wyseur. “Towards a Formal Model for Software Tamper Resistance”. Work in progress, 16 pages, 2009.Google Scholar
  5. Boris Balacheff, Liqun Chen, Siani Pearson, David Plaquin, Graeme Proudler, “Trusted Computing Platforms: TCPA Technology in Context”, Prentice Hall, 2002.Google Scholar
  6. Jan Cappaert, Bart Preneel, Bertrand Anckaert, Matias Madou, and Koen De Bosschere, “Towards Tamper Resistant Code Encryption: Practice and Experience”, In Information Security Practice and Experience, 4th International Conference, ISPEC 2008, Lecture Notes in Computer Science 4991, L. Chen, Y Mu, and W Susilo (eds.), Springer-Verlag, pp. 86-100, 2008.Google Scholar
  7. Mariano Ceccato, Mila Dalla Preda, Anirban Majumdar, Paolo Tonella. “Remote software protection by orthogonal client replacement”. In Proceedings of the 24th ACM Symposium on Applied Computing. ACM, March 2009Google Scholar
  8. K. Compton and S. Hauck, “Reconfigurable computing: A survey of systems and software,” ACM Computing Surveys, vol. 34, no. 2, pp. 171–210, 2002.CrossRefGoogle Scholar
  9. Jonathon T Giffm, Mihai Christodorescu, and Louis Kruger. "Strengthening Software Self-Checksum-ming via Self-Modifying Code,” In Proceedings of the 21st Annual Computer Security Applications Conference (ACSAC 2005), pages 23-32, Washington, DC, USA, 2005. IEEE Computer Society.Google Scholar
  10. Bill Horne, Lesley R. Matheson, Casey Sheehan, and Robert Endre Tarjan. “Dynamic self-checking techniques for improved tamper resistance.” In DRM ’01: Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management, pages 141-159, London, UK, 2002. Springer-Verlag.Google Scholar
  11. Paul C. Van Oorschot, Anil Somayaji, and Glenn Wurster. “Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance,” In IEEE Transactions on Dependable and Secure Computing, 2(2), pp. 82-92, 2005.CrossRefGoogle Scholar
  12. G. Picco, “Understanding code mobility,” in Proceedings of the 2000 International Conference on Software Engineering, 2000., 2000, pp. 834–834.Google Scholar
  13. Vaclav T Rajlich and Keith H. Bennett. “A Staged Model for the Software Life Cycle”. IEEE Software, 33(7):66–71, July 2000.Google Scholar
  14. Amitabh Saxena, Brecht Wyseur, and Bart Preneel, “Towards Security Notions for White-Box Cryptography,” In Information Security – 12th International Conference, ISC 2009, Lecture Notes in Computer Science, Springer-Verlag, 18 pages, 2009.Google Scholar
  15. Dries Schellekens, Brecht Wyseur, and Bart Preneel, “Remote Attestation on Legacy Operating Systems with Trusted Platform Modules,”. in Science of Computer Programming 74(1-2), pp. 13-22, 2008.MATHCrossRefGoogle Scholar
  16. Arvind Seshadri, Mark Luk, Elaine Shi, Adrian Perrig, Leendert van Doorn, and Pradeep K. Khosla. “Pioneer: Verifying Code Integrity and Enforcing Untampered Code Execution on Legacy Systems,” in Proceedings of the 20th ACM Symposium on Operating Systems Principles 2005 (SOSP 2005), pages 1–16. ACM Press, 2005.Google Scholar
  17. Claes Wohlin, Per Runeson, Martin Höst, Magnus C. Ohlsson, Bjöorn Regnell, Anders Wesslén. “Experimentation in Software Engineering: an Introduction”. The Kluwer International Series In Software Engineering, 2000.Google Scholar
  18. Brecht Wyseur, “White-Box Cryptography,” PhD thesis, Katholieke Universiteit Leuven, Bart Preneel (promotor), 169+32 pages, 2009.Google Scholar

Copyright information

© Vieweg+Teubner | GWV Fachverlage GmbH 2010

Authors and Affiliations

  • Brecht Wyseur
    • 1
  1. 1.Department of Electrical Engineering ESAT / COSIC-IBBTKatholieke Universiteit LeuvenHeverleeBelgium

Personalised recommendations