
Server-based testing of the authenticity of a client app using an executable challenge

IP.com Disclosure Number: IPCOM000240532D
Publication Date: 2015-Feb-05
Document File: 3 page(s) / 190K

Publishing Venue

The IP.com Prior Art Database

Abstract

Server-based testing of the authenticity of a client app using an executable challenge

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 44% of the total text.


There is a need for servers to verify their client applications, to ensure that the running client code is legitimate and has not been modified (e.g. to steal credentials, make premium-rate calls/SMSes, steal high-value transactions, etc.) before allowing it to connect to the server.

Since the code under attack is remote to the server, it is impossible to guarantee that the code has not been modified. However, it should be possible to make it sufficiently difficult that the cost of impersonating the genuine application is many orders of magnitude higher than the potential value gained by doing so, even on a mass scale.

Modern mobile applications rely on "App Stores" to ensure that trusted code runs on the mobile platform, verifying the code integrity via code signing mechanisms. The safeguards involved can be bypassed by a malicious attacker, and it is also common for mobile device owners to "jailbreak" their device and remove the protection granted by the provider. Thus, even when an application on a mobile device claims to a server that it has been signed, the server has no real assurance that the application has truly been verified and that an attacker has not manipulated it.

Similar work to that documented in this disclosure has been carried out by the University of Minnesota (footnote 1: http://www-users.cs.umn.edu/~vkher/papers/2005_shaneck_kmahad_vkher_kyd.pdf), which describes detection of compromised sensors in a wireless sensor network. That work relies on the client having direct access to the memory content of the hardware on which it is running, which is not the case for code running under mobile operating systems. Thus, while the UoM work is a valid solution to the problem, the approach will not work with mobile devices.

Another piece of existing work in this field is from Carnegie Mellon University (footnote 2: https://sparrow.ece.cmu.edu/group/externally_verifiable_code_execution.html), specifically the "Pioneer" software-based primitive for externally verifiable code execution. Pioneer solves the same problem as the disclosure documented here, but likewise relies on low-level access to the client hardware, making use of CPU clock speed and memory latency, which are not available to code running under a mobile operating system. This approach too will not work with mobile devices.

There remains a need to provide a solution for verification of remote client code while running within the constraints of a mobile operating system on a mobile device. Existing solutions, while valid with a different class of device, cannot be implemented on mobile devices.

This disclosure describes a system that authenticates the client code by means of a challenge-response protocol based on selective salted checksums of random selections of object code and/or application memory.
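
The following added example (not code from the disclosure) sketches both sides of such a challenge-response exchange: the server selects random regions and a salt, the client checksums those regions of its own code image, and the server compares against its reference copy. HMAC-SHA256 as the salted checksum, the function names, the region sizes and the sample images are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def make_challenge(image_len, regions=4, region_len=64):
    """Server: fresh random salt plus randomly chosen (offset, length) regions."""
    salt = secrets.token_bytes(16)
    spans = [(secrets.randbelow(image_len - region_len + 1), region_len)
             for _ in range(regions)]
    return salt, spans

def respond(image, salt, spans):
    """Client: salted checksum over the requested regions of its own code image.
    HMAC-SHA256 keyed with the salt is an assumed choice of checksum."""
    mac = hmac.new(salt, digestmod=hashlib.sha256)
    for offset, length in spans:
        region = image[offset:offset + length]
        if len(region) != length:
            raise ValueError("region outside image")
        # Bind the position as well as the bytes, so regions cannot be swapped.
        mac.update(offset.to_bytes(8, "big") + length.to_bytes(8, "big") + region)
    return mac.digest()

def verify(reference, salt, spans, response):
    """Server: recompute over its reference copy and compare in constant time."""
    return hmac.compare_digest(respond(reference, salt, spans), response)

# Constructed sample data: a 16 KiB stand-in for the genuine object code, and a
# copy with 8 bytes patched at offset 5000.
GENUINE = bytes(range(256)) * 64
TAMPERED = GENUINE[:5000] + b"\xcc" * 8 + GENUINE[5008:]

if __name__ == "__main__":
    salt, spans = make_challenge(len(GENUINE))
    print("genuine client accepted:",
          verify(GENUINE, salt, spans, respond(GENUINE, salt, spans)))
    hit = [(4992, 64)]    # region overlapping the patch
    miss = [(0, 64)]      # region that does not touch the patch
    print("patch inside region accepted:",
          verify(GENUINE, salt, hit, respond(TAMPERED, salt, hit)))
    print("patch outside region accepted:",
          verify(GENUINE, salt, miss, respond(TAMPERED, salt, miss)))
```

The last case shows that one challenge covers only the bytes it selects, so detection depends on the selection being unpredictable to the client.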

The advantage of using the invention is that it does not rely...