Patents by Inventor Cedric Tessier
Cedric Tessier has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9639673
Abstract: The fake cryptographic layer obfuscation technique can be used to lure an attacker into expending reverse engineering efforts on sections of code the attacker would normally ignore. To do this the obfuscation technique can identify sections of code that are likely to be of lesser interest to the attacker and disguise them as higher value sections. This can be achieved by transforming a lower value section of code to include code patterns, constants, or other characteristics known to exist in sections of code of higher value, such as cryptographic routines. To transform a code section, the obfuscation technique can use one or more program modifications including control flow modifications, constant value adjustments to simulate well-known cryptographic scalars, buffer extensions, fake characteristic table insertion, debug-like information insertion, derivation function-code generation linking, and/or cryptographic algorithm specific instruction insertion.
Type: Grant
Filed: June 17, 2014
Date of Patent: May 2, 2017
Assignee: Apple Inc.
Inventors: Pierre Betouin, Augustin J. Farrugia, Benoit Chevallier-Mames, Bruno Kindarji, Cédric Tessier, Jean-Baptiste Aviat, Mathieu Ciet, Thomas Icart
-
Publication number: 20150363580
Abstract: The fake cryptographic layer obfuscation technique can be used to lure an attacker into expending reverse engineering efforts on sections of code the attacker would normally ignore. To do this the obfuscation technique can identify sections of code that are likely to be of lesser interest to the attacker and disguise them as higher value sections. This can be achieved by transforming a lower value section of code to include code patterns, constants, or other characteristics known to exist in sections of code of higher value, such as cryptographic routines. To transform a code section, the obfuscation technique can use one or more program modifications including control flow modifications, constant value adjustments to simulate well-known cryptographic scalars, buffer extensions, fake characteristic table insertion, debug-like information insertion, derivation function-code generation linking, and/or cryptographic algorithm specific instruction insertion.
Type: Application
Filed: June 17, 2014
Publication date: December 17, 2015
Inventors: Pierre Betouin, Augustin J. Farrugia, Benoit Chevallier-Mames, Bruno Kindarji, Cédric Tessier, Jean-Baptiste Aviat, Mathieu Ciet, Thomas Icart
-
Patent number: 9047448
Abstract: A branch auditing system can be automatically injected into a computer program, in one embodiment, in response to a programming call provided in source code by a programmer who has selected a particular branch, in a set of possible branches, for auditing. The branch auditing system can record, in an obfuscated data structure, a path taken at the particular branch and the parameters associated with the branch and later an auditor can determine whether the path taken was valid, and if the path taken was invalid, operations can be performed to protect the program, system and/or user.
Type: Grant
Filed: January 14, 2013
Date of Patent: June 2, 2015
Assignee: Apple Inc.
Inventors: Cedric Tessier, Daniel Reynaud, Jean-Baptiste Aviat, Jonathan Gregory McLachlan, Julien Lerouge, Pierre Betouin
-
Publication number: 20140201720
Abstract: A branch auditing system can be automatically injected into a computer program, in one embodiment, in response to a programming call provided in source code by a programmer who has selected a particular branch, in a set of possible branches, for auditing. The branch auditing system can record, in an obfuscated data structure, a path taken at the particular branch and the parameters associated with the branch and later an auditor can determine whether the path taken was valid, and if the path taken was invalid, operations can be performed to protect the program, system and/or user.
Type: Application
Filed: January 14, 2013
Publication date: July 17, 2014
Applicant: Apple Inc.
Inventors: Cedric Tessier, Daniel Reynaud, Jean-Baptise Aviat, Jonathan Gregory McLachlan, Julien Lerouge, Pierre Betouin
-
Patent number: 8756434
Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for executing encrypted computer code. A system configured to practice the method receives a request to execute encrypted computer code. In response to the request, the system identifies a portion of the encrypted computer code for execution and decrypts the portion to yield decrypted computer code. Then the system stores the decrypted computer code in a pool of memory and executes the decrypted computer code from the pool of memory. The system can store the decrypted computer code in the pool of memory based on a randomization algorithm so that identical executions of the encrypted computer code result in selections of different available memory locations within the pool of memory. Related portions can be stored non-consecutively in the pool of memory. The pool of memory can store different portions of decrypted computer code over time.
Type: Grant
Filed: April 8, 2011
Date of Patent: June 17, 2014
Assignee: Apple Inc.
Inventors: Ganna Zaks, Pierre Betouin, Augustin J. Farrugia, Julien Lerouge, Jon McLachlan, Gideon M. Myles, Cédric Tessier
-
Patent number: 8615735
Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating a computer program. A system configured to practice the method identifies a set of executable instructions at a first location in an instruction section of the computer program and identifies a second location in a data section of the computer program. Then the system moves the set of executable instructions to the second location and patches references in the computer program to the set of executable instructions to point to the second location. The instruction section of the computer program can be labeled as _TEXT,_text and the data section of the computer program is labeled as _DATA,_data. The set of executable instructions can include one or more non-branching instructions optionally followed by a branching instruction. The placement of the first and second locations can be based on features of a target computing architecture, such as cache size.
Type: Grant
Filed: May 3, 2011
Date of Patent: December 24, 2013
Assignee: Apple Inc.
Inventors: Jon McLachlan, Ganna Zaks, Julien Lerouge, Pierre Betouin, Augustin J. Farrugia, Gideon M. Myles, Cédric Tessier
-
Publication number: 20120284688
Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating a computer program. A system configured to practice the method identifies a set of executable instructions at a first location in an instruction section of the computer program and identifies a second location in a data section of the computer program. Then the system moves the set of executable instructions to the second location and patches references in the computer program to the set of executable instructions to point to the second location. The instruction section of the computer program can be labeled as _TEXT,_text and the data section of the computer program is labeled as _DATA,_data. The set of executable instructions can include one or more non-branching instructions optionally followed by a branching instruction. The placement of the first and second locations can be based on features of a target computing architecture, such as cache size.
Type: Application
Filed: May 3, 2011
Publication date: November 8, 2012
Applicant: Apple Inc.
Inventors: Jon McLachlan, Ganna Zaks, Julien Lerouge, Pierre Betouin, Augustin J. Farrugia, Gideon M. Myles, Cédric Tessier
-
Publication number: 20120260102
Abstract: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for executing encrypted computer code. A system configured to practice the method receives a request to execute encrypted computer code. In response to the request, the system identifies a portion of the encrypted computer code for execution and decrypts the portion to yield decrypted computer code. Then the system stores the decrypted computer code in a pool of memory and executes the decrypted computer code from the pool of memory. The system can store the decrypted computer code in the pool of memory based on a randomization algorithm so that identical executions of the encrypted computer code result in selections of different available memory locations within the pool of memory. Related portions can be stored non-consecutively in the pool of memory. The pool of memory can store different portions of decrypted computer code over time.
Type: Application
Filed: April 8, 2011
Publication date: October 11, 2012
Applicant: Apple Inc.
Inventors: Ganna Zaks, Pierre Betouin, Augustin J. Farrugia, Julien Lerouge, Jon McLachlan, Gideon M. Myles, Cédric Tessier