Blurry Box Encryption Scheme and Why it Matters to Industrial IoT
together cover the entire input range for the original function block, retaining the functionality of the original function block in the protected program. Furthermore, moving the wrapper functions into the dongle does not alter the functionality if inputs are mapped to correct variants, i. e. the variants that compute the correct outputs for the respective input values. If a variant is constructed using an approximation technique, it has to be shown that this approximation is good enough. The approximation error has to be smaller than a given value ε that depends on the application. Due to limited machine accuracy, the original program may already have an approximation error.
An implementation of these mechanisms in protection solutions requires experience with tools to create robust protected applications while avoiding false positives in traps. Decrypted program code is checked with hashes and executed only if these are correct. Restarting and using specified functions needs no preset state.
5. MARKET RELEVANCE, USE CASES, AND INDUSTRIAL APPLICATIONS
Know-how protection is key for keeping Unique Selling Points( USPs) and retaining competitive advantages. Protection against counterfeiting secures revenue streams. Integrity protection reduces liability risks and improves safety for society, human life, and the environment. Innovative business models using software licensing enable new earning and post-sales opportunities.
The protection mechanisms described in this article exceed the standard required by the market, but give manufacturers a clear sense for the effectiveness of a protection solution prior to implementing it. In times of increasing cyberattacks and espionage, as well as smart grids in critical infrastructure and industrial automation systems, preventive protection systems have become more important than ever before.
5.1 PROTECTION AGAINST REVERSE ENGINEERING
Reverse engineering can be used to reveal the algorithms and mechanisms realized through software. Typical tools are disassemblers or de-compilers, including sophisticated tools like IDApro for native code, Reflector with plugins for. NET, and Java de-compilers like JD. In combination with memory dumps of executable code, these tools can analyze executable code. Competitors can use this knowledge to implement the mechanisms in their own software without having to invest major efforts in R & D.
When unscrupulous attackers know the program code, there is also a risk for the data processed by it. Hackers use this knowledge to develop malware and other attacks by detecting weak implementations and security holes.
Mechanisms that can make reverse engineering very difficult include:
1. Code encryption 2. Code duplication
IIC Journal of Innovation- 13-