TETRACOM: Technology Transfer in Computing Systems FP7 Coordination and support action to fund 50 technology transfer projects (TTP) in computing systems. FP7 Coordination and Support Action to fund 50 technology transfer projects (TTP) in computing systems. This project has received funding from the European Union’s Seventh Framework Programme for research, This project has received funding from the European Union’s Seventh Framework Programme for research, technological development and demonstration under grant agreement n⁰ 609491. technological development and demonstration under grant agreement n⁰ 609491. Software protection of native Android libraries Bjorn De Sutter, Koen De Bosschere, Ghent University, Belgium Samsung Research, United Kingdom TTP Problem • relatively open platform, mostly running ARM / x86 processors • used for smartphones, tablets, TVs • customization and apps added by the device vendor 1.Native libraries provide security-critical and performance-critical functionality 2.So protection is needed against reverse engineering and tampering 3.Open source compilers are used in Android NDK (LLVM, gcc) TTP Solution • Link-time rewriting framework • Used for many code rewriting applications • Compatible with open source compilers • Supports multiple architectures, incl. x86 & ARM • More than a decade of research source code #include <stdio.h> int#include main(int <stdio.h> argc, char **argv) { #include <stdio.h> int main(int argc, char **argv) { printf(“hello, world!\n”); #include <stdio.h> int main(int argc, char **argv) { printf(“hello, world!\n”); } int main(int argc, char **argv) { printf(“hello, world!\n”); } printf(“hello, world!\n”); } } gcc / llvm object files 00100100111101 11100011001011010010101010010101 00100100111101 00100100111101 01010110101010101010101010101010 111000110010110100101010100101010 00100100111101 11100011001011010010101010010101 10101010101010110101010010101010 101011010101010101010101010101010 11100011001011010010101010010101 01010110101010101010101010101010 10 10101010101011010101001010101010 01010110101010101010101010101010 10101010101010110101010010101010 10 10101010101010110101010010101010 10 ld & obfuscated executable before the project: after the project: • statically linked binaries • • • statically linked binaries dynamically linked binaries dynamically linked libraries • x86 and ARMv4 • x86 and ARMv7 (incl. Thumb2) • C & Fortran • • C & Fortran C++ (incl. exceptions) • • GCC 3.2.2/4.3.6 Linux only • • • GCC 4.8.1 LLVM 3.4 Android 4.3 (NDK API-level 18) • x86 software protection • x86 & ARM software protection _ 111000110010110100101010100101010101 011010101010101010101010101010101010 101010110101 111000110010110100101010100101010101 011010101010101010101010101010 TTP Facts Contact: Bjorn De Sutter E-mail: [email protected] TETRACOM contribution: 25,000 EUR Duration: 06/01/2014-31/09/2014 TETRACOM coordinator: Prof. Rainer Leupers, [email protected] http://www.tetracom.eu | @TetracomProject