Ever since software was first introduced, developers and crackers, product inventors and pirates, solid infrastructure builders and hackers have been engaged in an arms race. Regardless of where one stands in the debate between homegrown solutions and specialized technologies, conventional software protection often relies on the principle of “security through obscurity”. According to this principle, the security of a system is fundamentally tied to the secrecy of the protection mechanisms that are shielding it from attacks.
In 1883, Auguste Kerckhoffs published two articles in the Journal des sciences militaires, in which he surveyed the military ciphers of the time and proposed six principles for the design of new ciphers. Some of those principles were dependent on the technology available at the time, but one principle, known as Kerckhoffs’ Principle, is still valid today and has fundamentally shaped the mindset of modern cryptography (translated from the French):
The system should not require secrecy, and it must not be a problem if it falls into enemy hands.
Kerckhoffs’ Principle provides a revolutionary approach to software protection, yet little work has been done to demonstrate its efficacy or practical business applications.
Blurry Box Cryptography
At its core, Blurry Box is based on the assumption that a hacker lacks the domain knowledge necessary to create a software product. The main idea is to split the program code into small pieces to make it practically infeasible to retrieve all pieces by running the code. The hacker’s lack of domain knowledge prevents him from creating additional pieces on his own. The following sequence describes the protection mechanisms of the Blurry Box scheme:
Each variant is encrypted with a different key, known as the variant key, using the Advanced Encryption Standard (AES). Each variant key is encrypted with a secret key stored on the dongle. During each program execution, only the variants that correspond to the current set of input are decrypted. The hacker can only see the parts of the program code that correspond to previous input values.
As described so far, the scheme can be trivially broken by decrypting one variant after another using the dongle. To prevent such a trivial attack, traps are introduced. Traps contain special variant keys that, when decrypted, force the dongle to lock itself, invalidating the license. During normal program execution, traps are never decrypted.
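A minimal Python model of the variant-key and trap mechanism described above, added here as an illustration; it is not Wibu-Systems' implementation. Assumptions: a SHA-256 keystream stands in for AES, the trap marker is a flag byte inside the wrapped key, and the names `Dongle`, `protect`, `run` and `enumerate_all` as well as the input-to-variant mapping are hypothetical.

```python
import hashlib, os, random

def stream_xor(key, nonce, data):
    # Unauthenticated toy stand-in for AES (assumption: stdlib only).
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

class Dongle:
    """Hypothetical dongle model: holds the secret key, locks on a trap key."""
    def __init__(self):
        self._secret, self.locked = os.urandom(32), False

    def wrap(self, variant_key, trap):  # done once, on the vendor side
        nonce = os.urandom(16)
        return nonce + stream_xor(self._secret, nonce, bytes([trap]) + variant_key)

    def unwrap(self, blob):
        """Return the variant key, or None once a trap has locked the dongle."""
        if not self.locked:
            plain = stream_xor(self._secret, blob[:16], blob[16:])
            if not plain[0]:
                return plain[1:]
            self.locked = True  # trap marker seen: invalidate the license
        return None

def protect(dongle, variants, n_traps):
    """Encrypt each variant under its own key; place traps at random slots."""
    total = len(variants) + n_traps
    real = random.sample(range(total), len(variants))  # slot of each variant
    table = []
    for slot in range(total):
        trap = slot not in real
        code = os.urandom(len(variants[0])) if trap else variants[real.index(slot)]
        vk, nonce = os.urandom(32), os.urandom(16)
        table.append((dongle.wrap(vk, trap), nonce + stream_xor(vk, nonce, code)))
    return table, real

def run(dongle, table, real, value):
    """Normal execution: the input selects the one real variant to decrypt."""
    wrapped, blob = table[real[value % len(real)]]
    vk = dongle.unwrap(wrapped)
    return None if vk is None else stream_xor(vk, blob[:16], blob[16:])

def enumerate_all(dongle, table):
    """Unwrap every slot in turn; return how many keys came out before the lock."""
    keys = [dongle.unwrap(wrapped) for wrapped, _ in table]
    return sum(k is not None for k in keys)
```

Normal runs only ever touch real slots, so the dongle stays usable; walking the whole table hits a trap, and every later request, including legitimate ones, is refused.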
You can find the complete article, “Blurry Box Encryption Scheme and Why it Matters to Industrial IoT”, in the Industrial Internet Consortium Journal of Innovation.
©2017 WIBU-SYSTEMS AG
Blurry Box® is a registered trademark of WIBU-SYSTEMS AG.