Proof of code execution

Question

Is there a way to prove, I mean technically and legally prove, that a piece of code has been ran at a certain time on a computer ?

I think this could be achieved by involving cryptographic techniques like checksums and trusted timestamps, what do you think ?

Just to clear something up: Do you want it to show if it run in history or do you want to check it in the future? — Dave, Oct 01 '14 at 11:23
This question appears to be off-topic because it is not about programming. — Eugene Mayevski 'Callback, Oct 01 '14 at 18:56
@Dave If I understand correctly your question, I want it to show if it has been ran in history. — Silas, Oct 02 '14 at 12:20
@Silas ahh alright, thought so already. I'm sorry in that case I have no idea how to do it — Dave, Oct 02 '14 at 12:22
@Alex K. What do you call an identifiable/auditable output? Currently the process generate an unique ID for each output, I don't know if this what you mean. — Silas, Oct 02 '14 at 12:22
@EugeneMayevski'EldoSCorp Sorry if the question is off-topic. I thought there might be a way to build a technical proof with programming tips, among other things. — Silas, Oct 02 '14 at 12:29

score 1 · Answer 1 · answered Oct 01 '14 at 11:39

Technically, the question is if you prepare the computer beforehand for this task or not and also how strictly you define a "piece of code", as two programs can yield the same executed instruction sequence due to branches.

In a lose definition of "piece of code", if you prefer the computer beforehand, you could create a virtual machine that creates a history of executed instructions (or alternatively and space saving, the executed programs) and send this history in real time using public key cryptography to a trusted machine, the "history keeper", which marks the history stream with time stamps. For a lower security level you could also save that history locally, outside the content accessible from users inside the virtual machine. While there are still possibilities of tampering (e.g. compromising the virtual machine), in a company where the virtual machine startup is reasonably secured (no usable USB ports, BIOS locked, boot sequence not changeable using "save mode" or something, workers are under supervision so they can't modify the hardware and remove/switch components), this would not give you 100% security but work reasonably well for many cases.

Legally, it depends on the jurisdiction and the circumstances. At least in Germany and the U.S.A., criminal law needs a much higher certainty then civil law, so I would assume that enough for a civil law process but depending on the circumstances for a criminal law one.

Interesting. Let me be more specific. Imagine a software that produces reports containing very sensitive datas. These reports are signed and timestamped by trusted authorities. However, in order to produce valid reports, this software **MUST** proceed to a lot of pre-processing operations. The point here is to prove that those operations have been made, and that a _particular_ binary has been executed at a _particular_ time to generate a _particular_ report. In other words, there is a need to bond the software with the reports it generates. I don't know if it's really possible. — Silas, Oct 02 '14 at 12:36
Sure, just add the report file to the history along with the programs or instructions in my virtual machine suggestion. — Konrad Höffner, Oct 02 '14 at 13:33
Hmm, in that case, why should one trust the "history keeper" machine ? Isn't that a "chicken and egg" problem ? :) — Silas, Oct 02 '14 at 17:10
No, because the history keeper is your own machine in your own room that only you access while the other machines are used by the workers. — Konrad Höffner, Oct 03 '14 at 09:52

Proof of code execution

1 Answers1