| CPC G06F 8/447 (2013.01) [G06F 8/433 (2013.01); G06F 21/602 (2013.01); H04L 9/0662 (2013.01)] | 16 Claims |
|
1. A method of protecting a computer program against side-channel attacks, the method comprising:
receiving input source code of the computer program, the source code comprising code instructions of the computer program;
generating a graph structure representative of the code instructions, the graph structure comprising nodes representative of portions of the code instructions and links representative of dependencies between the portions of the code instructions, wherein the nodes can be traversed in a plurality of orders without invalidating the dependencies between the portions of the code instructions;
constructing a plurality of function definitions based on the graph structure, each function definition is configured to execute one or more nodes of the graph structure and each node of the graph structure is executable by one or more function definitions;
transforming the input source code into transformed source code based on combining the graph structure and the plurality of function; and
wherein the method further comprising:
identifying portions of the code instructions and constructing the nodes based on the identified portions of the code instructions;
for each code instruction, identifying dependencies between a respective portion of the code instructions based on inputs into and outputs from the respective portion of the code instructions;
generating the links based on the identified dependencies;
merging subsets of the nodes based on the dependencies between each subset of the nodes;
appending the portions of the code instructions represented by at least a first node of the subset to the code instructions represented by at least a second node of the subset;
removing the at least the second node from the graph structure; and
updating the graph structure based on the merge.
|