Blackbox system. Secure software on custom host computer

Question

I am looking for a way to build a blackbox system that can securely run my algorithm and that can output data to a user.

The system would be my own custom linux computer that runs my algorithm and that I would give away to the user. Now what I want is that the user can configure the algorithm through some predefined ports and also receives data from a predefined port. However, the user should not be able to see any source code of the algorithm and at best should not be able to copy the program (however this is not my main regard)

What would be the best approach to do this? It does not have to be super un-hackable security (since this is probably impossible). Just some sort of good security that does not make it too straight forward to see and copy the source code.

The hardware is my custom computer that I can configure how I want it. The program does not need to run anywhere else.

C++. Proabably also some python, but this would not be the "to be secured" part. — Marcel_marcel1991, Jul 09 '19 at 17:26
If you want secure, don't give anything to the user. Make it a cloud service that they can upload the data to and then download the result. Total black box that way. — NathanOliver, Jul 09 '19 at 17:27
Since its a real-time critical application a cloud service is not an option. — Marcel_marcel1991, Jul 09 '19 at 17:27
if you are running it a in c++. just use a light weight linux os such as kali os. — Dean Van Greunen, Jul 09 '19 at 17:27

score 1 · Accepted Answer · answered Jul 09 '19 at 17:38

1

Setup your box as follows:

Use a lightweight linux os like Kali Mini OS

Application Setup

Write an application which will load itself into computer memory then delete it's own executable file from the file system. This will provide your base security as you look for.
- self deleting program after execution - Stack Overflow
Write A Pipe (This will allow two or more application to communicate)
- Unix C++ Guide Background Inter Process Communication
- IPC Stack Overflow Question

using the BG IPC (Background Inter Process Communication) you will be able to connect through the piping port through another application to talk to the user.

Application Security (optional)

The application could be self-deleting and self-decrypting.

On Applicaiton Startup, it would require the user to enter a password (to start the app) then it will delete the file from the file system,

Extra Secuirty

The application execuatable could be zero or random byte nulled. this would replace every byte in the executable with a random byte value, before deleting. this will ensure that the file is un-recoverable.

answered Jul 09 '19 at 17:38

Dean Van Greunen

5,060
2
14
28

But the self-deleting program does not work on a restart anymore. Or am I wrong? – Marcel_marcel1991 Jul 09 '19 at 17:45
self-deleting meaning that if the app crashes, or if the computer restarts, then you would need to "re-install" the application and then enter the security password in again as the program has been removed from memory and the executable file would be missing. – Dean Van Greunen Jul 09 '19 at 17:46
This is how some enterprise software I've work with in the past runnings. We would use a flash drive to store the application on, then plug it in, run the app, enter the password, then the flash drive would be formatted/emptied, then we would unplug the flash drive. – Dean Van Greunen Jul 09 '19 at 17:47
this works on linux only, see https://gist.github.com/DeanVanGreunen/a155bfb13d7b68033c0a398e14b3d107 – Dean Van Greunen Jul 27 '19 at 06:54

Blackbox system. Secure software on custom host computer

1 Answers1

Setup your box as follows:

Application Setup

Application Security (optional)

Extra Secuirty