System for executing encrypted Java programs

Michael Kiperberg, Amit Resh, Asaf Algawi, Nezer J. Zaidenberg

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

3 Scopus citations

Abstract

An important aspect of protecting software from attack, theft of algorithms, or illegal software use, is eliminating the possibility of performing reverse engineering. One common method to deal with these issues is code obfuscation. However, it is proven to be ineffective. Code encryption is a much more effective means of defying reverse engineering, but it requires managing a secret key available to none but the permissible users. Adequate systems for managing secret keys in a protected trust-zone and supporting execution of encrypted native code have been proposed in the past. Nevertheless, these systems are not suitable as is for protecting managed code. In this paper we propose enhancements to these systems so they support execution of encrypted Java programs that are resistant to reverse engineering. The main difficulty underlying Java protection with encryption is the interpretation that is performed by the JVM. The JVM will require the key to decrypt the encrypted portions of Java code and there is no feasible way of securing the key inside the JVM. To solve this, the authors propose implementing a Java bytecode interpreter inside a trust-zone, governed by a thin hypervisor. This interpreter will run in parallel to the standard JVM, both cooperating to execute encrypted Java programs.

Original languageEnglish
Title of host publicationICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy
EditorsPaolo Mori, Steven Furnell, Olivier Camp
Pages245-252
Number of pages8
ISBN (Electronic)9789897582097
DOIs
StatePublished - 2017
Externally publishedYes
Event3rd International Conference on Information Systems Security and Privacy, ICISSP 2017 - Porto, Portugal
Duration: 19 Feb 201721 Feb 2017

Publication series

NameICISSP 2017 - Proceedings of the 3rd International Conference on Information Systems Security and Privacy
Volume2017-January

Conference

Conference3rd International Conference on Information Systems Security and Privacy, ICISSP 2017
Country/TerritoryPortugal
CityPorto
Period19/02/1721/02/17

Keywords

  • Hypervisor
  • Java
  • Remote Attestation
  • Trusted Computing
  • Virtualization

Fingerprint

Dive into the research topics of 'System for executing encrypted Java programs'. Together they form a unique fingerprint.

Cite this