N-Version Obfuscation: Impeding Software Tampering Replication with Program Diversity

TL;DR

This paper introduces N-version obfuscation, a method to enhance software tamper-resistance by deploying functionally nonequivalent copies, thereby increasing the complexity for attackers and impeding tampering replication.

Contribution

It formally defines N-version obfuscation and demonstrates its effectiveness in increasing tampering difficulty through a scalable, linear complexity approach.

Findings

Breaking a software system becomes linearly more difficult with more versions.

N-version obfuscation effectively impedes tampering replication.

The approach increases security without significant performance overhead.

Abstract

Tamper-resistance is a fundamental software security research area. Many approaches have been proposed to thwart specific procedures of tampering, e.g., obfuscation and self-checksumming. However, to our best knowledge, none of them can achieve theoretically tamper-resistance. Our idea is to impede the replication of tampering via program diversification, and thus increasing the complexity to break the whole software system. To this end, we propose to deliver same featured, but functionally nonequivalent software copies to different machines. We formally define the problem as N-version obfuscation, and provide a viable means to solve the problem. Our evaluation result shows that the time required for breaking a software system is linearly increased with the number of software versions, which is O(n) complexity.