Research Assistants: G. Krishnan, M. Kuhn
Sponsor: COAST Laboratory sponsors
Vendors often find flaws in their software after it has been widely deployed. To remedy these flaws, the vendors must issue patches to the code. By their nature, these patches are widely distributed and implicity contain information about the nature of the flaw being fixed. Thus, the fix itself can be examined by recipients (legitimate and otherwise) so as to exploit it against other users how have not yet installed the pathc. The purpose of this project is to develop methods of safely distributing security-relevant patches to critical systems. It is directed to methods of distributing software patches in such a way that they cannot be reverse-engineered and used against other sites.