-1

Person A owns a server (in particular, an Amazon EC2 instance).

I have to upload a binary (written in C++) onto this server which periodically receives data from a third party server, and then periodically and strategically sends HTTP requests to some other third party server.

These strategically-sent HTTP requests ultimately generate financial gain, which will be shared between Person A and myself.

I wrote the source code of the binary, which contains a number of trade secrets.

For various reasons, the binary has to be run on Person A's server (and not my own).

Thus, I want to ensure 2 things:

1) That Person A cannot somehow reverse engineer the binary to obtain the aforementioned trade secrets.

2) That Person A cannot copy this binary and run it by himself in perpetuity.

If I'm unable to ensure both of these things, then Person A would be able to cut me out of the process, allowing Person A to reap the entirety of the financial gain himself.

The financial gain may be very large, so it's possible that Person A may be willing to expend a lot of time and resources to do this.

Any thoughts on how to accomplish what I described above? Thanks so much!

galpo
  • 1
    There is no way to prevent a skilled person from reverse engineering. My best advice is to buy a paid product to attempt to make the task more difficult. – drescherjm Nov 26 '19 at 20:43
  • 1
    Migrate your "Trade Secret" business logic from a module to a hosted service, removing the capability of decompilation and reverse engineering... just an idea. Logically, if you're making money off of the product, why are you not paying to protect your investment? Moreover, other than not distributing it, there is no definitive way to divert maliciousness... – Trae Moore Nov 26 '19 at 20:54
  • 1
    That doesn't sound like you have a good professional relationship with Person A but rather something based on distrust, perhaps reevaluate the various reasons to work with them ;) – 463035818_is_not_an_ai Nov 26 '19 at 21:03
  • Realistically, how much time is required for a skilled person to reverse engineer a complex program and make some logical sense of the output (I know that's a vague question)? The hosted service is a good idea, but the problem is that the application is very latency-sensitive, so there are performance issues with that solution. – galpo Nov 26 '19 at 22:58

3 Answers

2

Buy your own EC2 instance.

Break your program into two pieces, a stub and a server.

The stub connects to the server and relays requests, the server makes the decisions, and the stub responds.

If the server is taken down, the stub won't work; it has no significant IP.

Yakk - Adam Nevraumont
  • Technically, OP is still vulnerable to Amazon reverse engineering / pirating their binary. – eerorika Nov 26 '19 at 21:40
  • Thanks for the suggestion. The problem in my case is that the program is very latency-sensitive. Information would have to be relayed from the stub to the server and vice versa, which would take a non-trivial amount of time. – galpo Nov 26 '19 at 22:46
2

If it were only data that you store on the untrusted server, the solution would be simple: encryption (although A would have ample opportunity to attempt cracking the encryption, which would have to be taken into consideration when choosing the strength of said encryption).

But you want A to be able to execute the "secret" program, which makes the problem harder. To summarise what you're asking:

  1. How do I prevent reverse engineering?
  2. How do I prevent software piracy? In other words: How to implement copy protection?

These are sort of related. If A successfully reverse engineers your program, then they should be able to create a "tampered" version that avoids any copy protection scheme that you attempt to employ.

There is no way to prevent A - or rather A's CPU - from seeing exactly what the program does. These tasks are theoretically impossible to achieve. See for example On the (Im)possibility of Obfuscating Programs (Barak, 2001) for theoretical analysis.

The best that you can achieve through obfuscation is to make it (more or less) harder to reverse engineer. There is plenty of research into obfuscation techniques; I'm sure that you can find a book or two about the subject.


If it is an option to require the program to have access to the internet, then you could have the distributed binary be a hollow shell without any trade secrets. The trade secrets could then be stored on your own server, and the distributed binary could make requests to that trusted server which does the secret thing and responds with the result.

This of course has performance implications as well as responsibility of maintaining your own public server.

If your secrets are valuable enough, you might not want to trust a cloud provider to host the server - safer to buy your own hardware. Then again, how much do you trust Intel? It could be even safer to design your own CPU. Then again, how much do you trust your own engineers...

eerorika
  • Thanks for your input! The issue with storing the trade secrets on my own server is the performance implications - this application is extremely latency sensitive. On the first part of your answer, while it's impossible to prevent A's CPU from seeing the instructions the program executes, realistically speaking how easy would it be for A to make any sense of those instructions, assuming the binary is fairly complex in nature? – galpo Nov 26 '19 at 22:54
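
The stub/server split proposed in the two answers above (the "stub" and the "hollow shell"), as an added C++ example that is not part of the original posts. All names (`decide`, `decision_server`, `stub_request`, `Link`) and the threshold rule are hypothetical, and a local socketpair with `fork()` stands in for the network link between the two hosts.

```cpp
#include <signal.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>
#include <cstdint>
#include <cstdio>

// Author's host: the only place the decision logic exists.
// decide() is a hypothetical stand-in for the trade-secret strategy.
static int32_t decide(int32_t observation) { return observation > 100 ? 1 : 0; }

void decision_server(int fd) {
    int32_t obs;
    while (recv(fd, &obs, sizeof obs, MSG_WAITALL) == (ssize_t)sizeof obs) {
        int32_t action = decide(obs);
        if (send(fd, &action, sizeof action, MSG_NOSIGNAL) != (ssize_t)sizeof action) break;
    }
    close(fd);
}

// Person A's host: relays one observation and returns the server's action.
// Holds no strategy and fails closed; MSG_NOSIGNAL (Linux) avoids SIGPIPE.
bool stub_request(int fd, int32_t observation, int32_t& action) {
    if (send(fd, &observation, sizeof observation, MSG_NOSIGNAL) != (ssize_t)sizeof observation)
        return false;
    return recv(fd, &action, sizeof action, MSG_WAITALL) == (ssize_t)sizeof action;
}

// Demo wiring (constructed): socketpair + fork() model the two hosts.
struct Link { int stub_fd; pid_t server_pid; };
Link start_link() {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return {-1, -1};
    pid_t pid = fork();
    if (pid == 0) { close(sv[0]); decision_server(sv[1]); _exit(0); }
    close(sv[1]);
    return {sv[0], pid};
}
void stop_server(const Link& l) {
    if (l.server_pid > 0) { kill(l.server_pid, SIGKILL); waitpid(l.server_pid, nullptr, 0); }
}

int main() {
    Link l = start_link();
    int32_t a = -1;
    bool ok = stub_request(l.stub_fd, 150, a);
    std::printf("server up:   ok=%d action=%d\n", ok, a);
    stop_server(l);
    std::printf("server down: ok=%d\n", stub_request(l.stub_fd, 150, a));
}
```

Every `stub_request` call costs one round trip to the author's host, which is the latency cost raised in the comments; a copied stub returns nothing once the server is withdrawn.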
0

I didn't study this in detail but at first sight it looks like a solution: Software Guard Extensions

Rado