pattern match

By Douglas Peterson,2014-11-25 18:04
11 views 0
pattern match

    Security Protection of Software Programs by Information Sharing and Authentication Techniques Using Invisible


    ASCII Control Codes

    1,31,2,;I-Shi Lee and Wen-Hsiang Tsai

    1Department of Computer Science

    National Chiao Tung University, Hsinchu, Taiwan 30010

    2Department of Information Communication

    Asia University, Taichung, Taiwan 41354

    3Department of Management Information

    Technology and Science Institute of Northern Taiwan, Taipei, Taiwan

    Tel: +886-3-5715900 Fax: +886-3-5721490

    E-mails: &

    * This work was supported partially by the NSC project Advanced Technologies and Applications for Next Generation Information Networks (II) Subproject 5: Network Security, No.

    96-2752-E-009-006-PAE and partially by the NSC project No. 96-2422-H-009-001. ; To whom all correspondence should be sent.



    A new method for software program protection by information sharing and authentication techniques using invisible ASCII control codes is proposed. A scheme for sharing a secret

    ++source program written in Visual C among a group of participants, each holding a

    camouflage program to hide a share, is first proposed for safe keeping of the secret program. Only when all the shares hidden in the camouflage programs are collected can the secret program be recovered. The secret program, after being exclusive-ORed with all the camouflage programs, is divided into shares. Each share is encoded next into a sequence of special ASCII control codes which are invisible when the codes are inserted in the comment

    ++++of the Visual C program and viewed in the window of the Microsoft VC editor. These

    invisible codes then are hidden in the camouflage program, resulting in a stego-program for a participant to keep. Each stego-program can still be compiled and executed to perform the original function of the camouflage program. A secret program recovery scheme is also proposed. To enhance security under the assumption that the sharing and recovery algorithms are known to the public, three security measures via the use of a secret random key are also proposed, which not only can prevent the secret program from being recovered illegally without providing the secret key, but also can authenticate the stego-program provided by each participant, during the recovery process, by checking whether the share or the camouflage program content in the stego-program have been tampered with incidentally or intentionally. Experimental results show the feasibility of the proposed method.

    Key words: software program, security protection, source program, information sharing,

    authentication, invisible ASCII control codes, secret program, program sharing,

    camouflage program, stego-program.


    1. Introduction

    Software programs written in various computer languages are important resources of intellectual properties. They need protection from being tampered with. One technique of information protection is information sharing. When applied to software programs, this

    technique means that a secret program is, via a certain sharing scheme, transformed into several copies, called shares. Each share is individually different from the original secret program in appearance, content, and/or function. The secret program cannot be recovered unless the shares are collected and manipulated with a reverse sharing scheme. Such a technique of program sharing may be regarded as one way of secret keeping, which is

    necessary in many software-developing organizations.

    The concept of secret sharing was proposed first by Shamir [1]. By a so-called (k,

    n)-threshold scheme, the idea is to encode a secret data item into n shares for n participants to

    keep, and any k or more of the shares can be collected to recover the original secret, but any (k ; 1) or fewer of them will gain no information about it. A similar scheme, called visual

    cryptography, was proposed by Naor and Shamir [2] for sharing an image. The scheme provides an easy and fast decryption process consisting of xeroxing the shares onto transparencies and stacking them to reveal the original image for visual inspection. This technique has been investigated further in [3-5], though it is suitable for binary images only. Verheul and van Tilborg [6] extended the visual cryptography technique for processing images with small numbers of gray levels or colors. Lin and Tsai [7] proposed a digital version of the visual cryptography scheme for color images with no limit on the number of colors. The n shares obtained from a color image are hidden in n camouflage images which

    may be selected to have well-known contents, like famous characters or paintings, to create additional steganographic effects for security protection of the shares.

    Sharing of software programs in source form has not been studied yet. In this paper, we


    propose a method for this purpose, which is based on the use of some specific ASCII control codes invisible in certain software editors. Invisibility of such ASCII control codes is a finding of this study through a systematic investigation of the visibility of all the ASCII

    ++codes in the window of the Visual C editor of Microsoft Visual Studio .NET 2003, Service

    ++Pack 1 (abbreviated as the VC editor in the sequel). By the use of the logic operation of exclusive-OR, each source program to be shared is transformed into a number of shares, say N ones, which are then hidden respectively into N pre-selected camouflage source

    ach stego-program still can be compiled and programs, resulting in N stego-programs. E

    executed to perform the function of the original camouflage program, and each camouflage program may be selected arbitrarily, thus enhancing the steganographic effect.

    To improve the security protection effect further, we propose additionally an authentication scheme for verifying the correctness of the contents of the stego-programs brought by the participants to join the process of secret program recovery. This is advantageous to prevent any of the participants from accidental or intentional provision of a false or destructed stego-program. The verified contents include the share data and the camouflage program contained in each stego-program. Any “bad” share or camouflage

    program will be identified and picked out in the secret program recovery process. This double capability of authentication is based on the use of certain authentication signals

    embedded in the stego-programs. Each signal is generated from the contents of the share data and the camouflage program content. A third measure proposed to enhance security protection in this study is to prohibit recovery of the secret program with illegally collected

    stego-programs. All of these protection capabilities are carried out with the provision of a secret random key through the use of certain mathematical operations.

    In the remainder of this paper, we describe in Section 2 the finding of the invisible ASCII codes and a scheme of binary data encoding into such codes for use in generating stego-programs. In Section 3, an algorithm describing the proposed source program sharing


    and authentication signal generation schemes is presented, and in Section 4, an algorithm for stego-program authentication and secret source program recovery is described. In Section 5, discussions on and measures for security issues are given. And finally in Section 6, some experimental results are presented, followed by a conclusion in Section 7.

    2. Invisible ASCII Control Codes for Binary Data Encoding

    ASCII codes, usually expressed as hexadecimal numbers, are used very commonly to represent texts for information interchanges on computers. Some of the ASCII codes of 00 through 1F were used as control codes to control computer peripheral devices like printers,

    tape drivers, teletypes, etc. (see Table 1). But now they are rarely used for their original purposes because of the rapid development of new peripheral hardware technologies, except those codes for text display controls, such as 0A and 08 with the meanings of line feed and

    backspace, respectively. It is found in this study that some of the ASCII control codes, when displayed by certain text editors under some OS environments, are invisible. Such

    ASCII codes may be utilized for various secret data hiding purposes [8].

    The finding of such invisible codes resulted from a systematic test of all the ASCII

    ++control codes in the environment of the VC editor of Microsoft Visual Studio .NET 2003,

    Service Pack 1. Four of such codes so found are 1C, 1D, 1E, and 1F, which are invisible in

    ++the comments or character strings of VC programs (see Table 2). Such codes will simply

    be said invisible in subsequent discussions.

    As an illustrative example, in Fig. 1 we show a simple source program in Fig. 1(a) with a short comment “test a file.” In the comment, we inserted consecutively the four codes 1C, 1D, 1E, and 1F between the letters “s” and “t” in the word “test.” Their existences can be

    checked with the text editor UltraEdit 32, as can be seen from Fig. 1(b). But the four codes

    ++are invisible in the VC editor, as can be seen from Fig. 1(a). Such invisibility usually will arouse no suspicion and so achieve a steganographic effect, since, unless necessary, people


    ++will always use the VC editor for program inspection and development. We utilize such an

    “invisibility phenomenon for hiding both share data and authentication signals in source programs in this study, as described in the following.

    Table 1. ASCII control codes and descriptions.

    Dec Hex Char Description Dec Hex Char Description

    0 0 NUL null character 16 10 DLE data link escape

    1 1 SOH start of header 17 11 DC1 device control 1

    2 2 STX start of text 18 12 DC2 device control 2

    3 3 ETX end of text 19 13 DC3 device control 3

    4 4 EOT end of transmission 20 14 DC4 device control 4

    5 5 ENQ enquiry 21 15 NAK negative acknowledge

    6 6 ACK acknowledge 22 16 SYN synchronize

    7 7 BEL bell (ring) 23 17 ETB end transmission block

    8 8 BS backspace 24 18 CAN cancel

    9 9 HT horizontal tab 25 19 EM end of medium

    10 A LF line feed 26 1A SUB substitute

    11 B VT vertical tab 27 1B ESC escape

    12 C FF form feed 28 1C FS file separator

    13 D CR carriage return 29 1D GS group separator

    14 E SO shift out 30 1E RS record separator

    15 F SI shift in 31 1F US unit separator

    Table 2 Invisible character coding table.

    Bit pair Corresponding invisible ASCII code

    00 1C

    01 1D

    10 1E

    11 1F

    For the purpose of program sharing among several participants, after a given secret

    source program is transformed into shares, each share is transformed further into a string of

    the above-mentioned invisible ASCII control codes, which is then embedded into a

    corresponding camouflage source program held by a participant. And for the purpose of


    security protection, authentication signals, after generated, are transformed as well into invisible ASCII control codes before embedded. These two data transformations are based on a binary-to-ASCII mapping proposed in this study, which is described as a table as shown in Table 2, called invisible character coding table by regarding each ASCII code as a character.

    Specifically, after the share and the authentication signal data are transformed into binary strings, the bit pairs 00, 01, 10, and 11 in the strings are encoded into the hexadecimal ASCII control codes 1C, 1D, 1E, and 1F, respectively. To promote security, a secret random key is also used in generating the authentication signal. The details are described in the next section.

(a) A source program with four invisible ASCII control codes inserted in the comment “test a


    Fig. 1 Illustration of invisible ASCII control codes in a comment of a source program.


    (b) The program seen in the window of the text editor UltraEdit with the four ASCII control

    codes visible between the letters “s” and “t” of the word “test” in the comment.

    Fig. 1 Illustration of invisible ASCII control codes in a comment of a source program


    3. Proposed Program Sharing Scheme

    In the sequel, by a program we always mean a source program. A sketch of the proposed

    process for sharing a secret program is described as follows. We assume that the number of participants in the secret program sharing activity is N, and that the input secret random key

    has a value of Y.

     Apply exclusive-OR operations to the contents of the secret program (1) Creating shares ---

    and all the camouflage programs, and divide the resulting string into N segments as

    shares, with the one for the k-th participant to keep being denoted as E. k

    (2) Generating authentication signals --- For each camouflage program P, use the random k


    key value Y to compute two modulo-Y values from the binary values of the contents of P k

    and E, respectively; and concatenate them as the authentication signal A for P. kkk

    (3) Encoding and hiding shares and authentication signals --- Encode E and A respectively kk

    into invisible ASCII control codes by the invisible character coding table (Table 2) and

    hide them evenly at the right sides of all the characters of the comments of camouflage

    program P, resulting in a stego-program for the k-th participant to keep. k

    A detailed algorithm for the above scheme is given in the following. We assume that the length of a program is measured as the number of the ASCII characters in it. Also, given two

    d...d, we ASCII characters C and D, each with 8 bits, denoted as C = cc...c and D = d017017

    define the result of exclusive-ORing the two characters as E = CD = ee...e with e = 017i

    cd for i = 0, 1, ..., 7 where denotes the bitwise exclusive-OR operation. Note that E has ii

    eight bits, too. And given two equal-lengthed character strings S and T, we define the result

    of exclusive-ORing them, U = ST, as that resulting from exclusive-ORing the corresponding characters in the two strings.

    Algorithm 1. Program sharing and authentication.

    Input: (1) a secret program P of length ;; (2) N pre-selected camouflage programs P, P, ..., ss12

    P of lengths ;, ;, ..., ;, respectively; and (3) a secret key which is a random binary N12N

    number Y with length ; (in the unit of bit). Y

    Output: N stego-programs, P', P', ..., P', in each of which a share and an authentication 12N

    signal are hidden.


    Stage 1. Creating shares from the secret program.

    1. Create N + 1 character strings, all of the length ; of P, from the secret program and the ss

    camouflage programs in the following way.


1.1 Scan the characters (including letters, spaces, and ASCII codes) in the secret program

    P line by line, and concatenate them into a character string S. ss

    1.2 Do the same to each camouflage program P, k = 1, 2, ..., N, to create a character k

    string S of length ; (not ;) either by discarding the extra characters in P if ; > ; or kskkks

    by repeating the characters of P at the end of S if ; < ;, when ; ;. kkksks2. Compute the new string E = SSS...S. s12N

    3. Divide E into N segments E, E, ..., E as shares. 12N

    Stage 2. Generating authentication signals from the contents of the shares and the

    camouflage programs.

    4. Generate an authentication signal A for each camouflage program P, k = 1, 2, ..., N, kk

    using the data of S and E as follows. kk

    4.1 Regarding S as a sequence of 8-bit integers with each character in S composed of 8 kk

    bits, compute the sum of the integers, take the modulo-Y value of the sum as A, Sk

    transform A into a binary number, and adjust its length to be ;, the length of the key SYk

    Y, by padding leading 0’s if necessary.

    4.2 Do the same to E to obtain a binary number A with length ;, too. kEYk

    4.3 Concatenate A and A to form a new binary number A with length 2; as the SEkYkk

    authentication signal of P. k

    Stage 3. Encoding and hiding the share data and authentication signals.

    5. For each camouflage program P, k = 1, 2, ..., N, perform the following tasks. k

    5.1 Concatenate the share E and the authentication signal A as a binary string F. kkk

    5.2 Encode every bit pair of F into an invisible ASCII control code according to the k

    invisible coding table (Table 2), resulting in a code string F'. k

    5.3 Count the number m of characters in all the comments of P. k

    5.4 Divide F' evenly into m segments, and hide them in order into P, with each segment kk


Report this document

For any questions or suggestions please email