Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Related Work
Conclusion and Future Work
References
All Topics
Law
Intellectual Property Law

Algorithmic Information Theory for Obfuscation Security

Profile image of Rabih MohsenRabih Mohsen

2015, Proceedings of the 12th International Conference on Security and Cryptography

https://doi.org/10.5220/0005548200760087
visibility

description

12 pages

link

1 file

Abstract

The main problem in designing effective code obfuscation is to guarantee security. State of the art obfuscation techniques rely on an unproven concept of security, and therefore are not regarded as provably secure. In this paper, we undertake a theoretical investigation of code obfuscation security based on Kolmogorov complexity and algorithmic mutual information. We introduce a new definition of code obfuscation that requires the algorithmic mutual information between a code and its obfuscated version to be minimal, allowing for controlled amount of information to be leaked to an adversary. We argue that our definition avoids the impossibility results of Barak et al. and is more advantageous then obfuscation indistinguishability definition in the sense it is more intuitive, and is algorithmic rather than probabilistic.

Related papers

How to use indistinguishability obfuscation
Amit Sahai

Proceedings of the forty-sixth annual ACM symposium on Theory of computing, 2014

We introduce a new technique, that we call punctured programs, to apply indistinguishability obfuscation towards cryptographic problems. We use this technique to carry out a systematic study of the applicability of indistinguishability obfuscation to a variety of cryptographic goals. Along the way, we resolve the 16-year-old open question of Deniable Encryption, posed by Canetti, Dwork, Naor, and Ostrovsky in 1997: In deniable encryption, a sender who is forced to reveal to an adversary both her message and the randomness she used for encrypting it should be able to convincingly provide "fake" randomness that can explain any alternative message that she would like to pretend that she sent. We resolve this question by giving the first construction of deniable encryption that does not require any pre-planning by the party that must later issue a denial. In addition, we show the generality of our punctured programs technique by also constructing a variety of core cryptographic objects from indistinguishability obfuscation and one-way functions (or close variants). In particular we obtain: public key encryption, short "hash-and-sign" selec-

View PDFchevron_right
Computation-Trace Indistinguishability Obfuscation and its Applications
Wei-Kai Lin

IACR Cryptol. ePrint Arch., 2015

We introduce a new, instance-based notion of indistinguishability obfuscation, called computation-trace indistinguishability obfuscation (CiO), for (parallel) RAM computation. CiO only obfuscates a fixed, single computation instance, as opposed to iO which obfuscates a function on all input instances. Specifically, for Π defined by (P, x) consisting of a (parallel) RAM program P and an input x, the obfuscations of two instances Π and Π′ are required to be indistinguishable only when the execution of Π and Π′ generate an identical computation trace; namely, identical sequences of CPU states and memory content. On the other hand, we require the obfuscation to be (i) fully succinct: the runtime of the obfuscator (and thus the size of the obfuscated instance) depends only on the description and input/output size of Π, but is independent of the time and space complexities of Π, and (ii) efficiency preserving: the obfuscated instance is a (parallel) RAM program that preserves parallel/tot...

View PDFchevron_right
Program obfuscation
Bruno De Bus

Proceedings of the 2007 ACM workshop on Quality of protection - QoP '07, 2007

Despite the recent advances in the theory underlying obfuscation, there still is a need to evaluate the quality of practical obfuscating transformations more quickly and easily. This paper presents the first steps toward a comprehensive evaluation suite consisting of a number of deobfuscating transformations and complexity metrics that can be readily applied on existing and future transformations in the domain of binary obfuscation. In particular, a framework based on software complexity metrics measuring four program properties: code, control flow, data and data flow is suggested. A number of well-known obfuscating and deobfuscating transformations are evaluated based upon their impact on a set of complexity metrics. This enables us to quantitatively evaluate the potency of the (de)obfuscating transformations.

View PDFchevron_right
An Information Obfuscation Calculus for Encrypted Computing
Peter Breuer

IACR Cryptol. ePrint Arch., 2019

Relative cryptographic semantic security for encrypted words of user data at runtime holds in the emerging field of encrypted computing, in conjunction with an appropriate instruction set and compiler. An information obfuscation calculus for program compilation in that context is introduced here that quantifies the security exactly, improving markedly on the result.

View PDFchevron_right
A family of experiments to assess the effectiveness and efficiency of source code obfuscation techniques
mariano ceccato, Paolo Falcarin

Context: code obfuscation is intended to obstruct code understanding and, eventually, to delay malicious code changes and ultimately render it uneconomical. Although code understanding cannot be completely impeded, code obfuscation makes it more laborious and troublesome, so as to discourage or retard code tampering. Despite the extensive adoption of obfuscation, its assessment has been addressed indirectly either by using internal metrics or taking the point of view of code analysis, e.g., considering the associated computational complexity. To the best of our knowledge, there is no publicly available user study that measures the cost of understanding obfuscated code from the point of view of a human attacker. Aim: this paper experimentally assesses the impact of code obfuscation on the capability of human subjects to understand and change source code. In particular, it considers code protected with two well-known code obfuscation techniques, i.e., identifier renaming and opaque predicates. Method: We have conducted a family of five controlled experiments, involving undergraduate and graduate students from four Universities. During the experiments, subjects had to perform comprehension or attack tasks on decompiled clients of two Java network-based ap-2 plications, either obfuscated using one of the two technique, or not. To assess and compare the obfuscation techniques, we measured the correctness and the efficiency of the performed task.

View PDFchevron_right
Capturing the Essence of Practical Obfuscation
Jeffrey McDonald

Communications in Computer and Information Science

In the realm of protecting programs from illegitimate use, obfuscation offers a modicum of defense against malicious reverse engineering and tampering. As a field of study, obfuscation would benefit from a unifying framework that has solid theoretical foundation yet provides value in empirical study and implementation. The essence of obfuscation (in practice) is best described as a measurable loss of abstraction. We argue that mathematical frameworks such as abstract interpretation and Boolean algebras may provide an ideal marriage of theory and practice, providing focused direction for future research.

View PDFchevron_right
Non-malleable Obfuscation
Ran Canetti

Lecture Notes in Computer Science, 2009

Existing definitions of program obfuscation do not rule out malleability attacks, where an adversary that sees an obfuscated program is able to generate another (potentially obfuscated) program that is related to the original one in some way.

View PDFchevron_right
On Perfect Obfuscation: Local Information Geometry Analysis
Behrooz Razeghi

2020 IEEE International Workshop on Information Forensics and Security (WIFS), 2020

We consider the problem of privacy-preserving data release for a specific utility task under perfect obfuscation constraint. We establish the necessary and sufficient condition to extract features of the original data that carry as much information about a utility attribute as possible, while not revealing any information about the sensitive attribute. This problem formulation generalizes both the information bottleneck and privacy funnel problems. We adopt a local information geometry analysis that provides useful insight into information coupling and trajectory construction of spherical perturbation of probability mass functions. This analysis allows us to construct the modal decomposition of the joint distributions, divergence transfer matrices, and mutual information. By decomposing the mutual information into orthogonal modes, we obtain the locally sufficient statistics for inferences about the utility attribute, while satisfying perfect obfuscation constraint. Furthermore, we develop the notion of perfect obfuscation based on χ 2-divergence and Kullback-Leibler divergence in the Euclidean information space.

View PDFchevron_right
Towards Experimental Evaluation of Code Obfuscation Techniques
Paolo Falcarin

Proceedings of the …, 2008

View PDFchevron_right
Lockable Obfuscation
rishab goyal

2017 IEEE 58th Annual Symposium on Foundations of Computer Science (FOCS), 2017

In this paper we introduce the notion of lockable obfuscation. In a lockable obfuscation scheme there exists an obfuscation algorithm Obf that takes as input a security parameter λ, a program P , a message msg and "lock value" α and outputs an obfuscated program P . One can evaluate the obfuscated program P on any input x where the output of evaluation is the message msg if P (x) = α and otherwise receives a rejecting symbol ⊥. We proceed to provide a construction of lockable obfuscation and prove it secure under the Learning with Errors (LWE) assumption. Notably, our proof only requires LWE with polynomial hardness and does not require complexity leveraging. We follow this by describing multiple applications of lockable obfuscation. First, we show how to transform any attribute-based encryption (ABE) scheme into one in which the attributes used to encrypt the message are hidden from any user that is not authorized to decrypt the message. (Such a system is also know as predicate encryption with one-sided security.) The only previous construction due to Gorbunov, Vaikuntanathan and Wee is based off of a specific ABE scheme of Boneh et al. By enabling the transformation of any ABE scheme we can inherent different forms and features of the underlying scheme such as: multi-authority, adaptive security from polynomial hardness, regular language policies, etc. We also show applications of lockable obfuscation to separation and uninstantiability results. We first show how to create new separation results in circular encryption that were previously based on indistinguishability obfuscation. This results in new separation results from learning with error including a public key bit encryption scheme that it IND-CPA secure and not circular secure. The tool of lockable obfuscation allows these constructions to be almost immediately realized by translation from previous indistinguishability obfuscation based constructions. In a similar vein we provide random oracle uninstantiability results of the Fujisaki-Okamoto transformation (and related transformations) from the lockable obfuscation combined with fully homomorphic encryption. Again, we take advantage that previous work used indistinguishability obfuscation that obfuscated programs in a form that could easily be translated to lockable obfuscation.

View PDFchevron_right

References (15)

  1. Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sa- hai, A., Vadhan, S., and Yang, K. (2012). On the (im)possibility of obfuscating programs. J. ACM, 59(2):6:1-6:48.
  2. Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sa- hai, A., Vadhan, S. P., and Yang, K. (2001). On the (im)possibility of obfuscating programs. IACR Cryp- tology ePrint Archive, 2001:69.
  3. Collberg, C., Thomborson, C., and Low, D. (1997). A Tax- onomy of Obfuscating Transformations.
  4. Gács, P. (1974). On the symmetry of algorithmic information. Soviet Math. Dokl, 15:1477-1480.
  5. Garg, S., Raykova, M., Gentry, C., Sahai, A., Halevi, S., and Waters, B. (2013). Candidate indistinguishability obfuscation and functional encryption for all circuits. In In FOCS.
  6. Gauvrit, N., Zenil, H., and Delahaye, J. (2011). Assess- ing cognitive randomness: A kolmogorov complexity approach. CoRR, abs/1106.3059.
  7. Goldwasser, S. and Rothblum, G. N. (2007). On best- possible obfuscation. In Proceedings of the 4th con- ference on Theory of cryptography, TCC'07, pages 194-213, Berlin, Heidelberg. Springer-Verlag.
  8. Jbara, A. and Feitelson, D. G. (2014). On the effect of code regularity on comprehension. In Proceedings of the 22Nd International Conference on Program Compre- hension, ICPC 2014, pages 189-200, New York, NY, USA. ACM.
  9. Kieffer, J. C. and Yang, E. H. (1996). Sequential codes, lossless compression of individual sequences, and Kol- mogorov complexity. IEEE Trans. on Information Theory, 42(1):29-39.
  10. Lathrop, J. I. (1997). Compression depth and the behavior of cellular automata. Complex Systems.
  11. Li, M. and Vitányi, P. M. (2008). An Introduction to Kol- mogorov Complexity and Its Applications. Springer Publishing Company, Incorporated, 3 edition.
  12. McCabe, T. J. (1976). A complexity measure. IEEE Trans. Software Eng., 2(4):308-320.
  13. Shen, A. (1982). Axiomatic description of the entropy notion for finite objects. VIII All-USSR Conference (Logika i metodologija nauki),Vilnjus, pages 104 -105. The paper in Russian.
  14. Shen, A., Uspensky, V., and Vereshchagin, N. (2014). Kol- mogorov complexity and algorithmic randomness. MC- CME Publishing house.
  15. Taveneaux, A. (2011). Towards an axiomatic system for kolmogorov complexity. Electronic Colloquium on Computational Complexity (ECCC), 18:14.

Related papers

On the (im)possibility of obfuscating programs
Steven Rudich

Journal of the ACM, 2012

Informally, an obfuscator O is an (efficient, probabilistic) "compiler" that takes as input a program (or circuit) P and produces a new program O(P ) that has the same functionality as P yet is "unintelligible" in some sense. Obfuscators, if they exist, would have a wide variety of cryptographic and complexity-theoretic applications, ranging from software protection to homomorphic encryption to complexity-theoretic analogues of Rice's theorem. Most of these applications are based on an interpretation of the "unintelligibility" condition in obfuscation as meaning that O(P ) is a "virtual black box," in the sense that anything one can efficiently compute given O(P ), one could also efficiently compute given oracle access to P .

View PDFchevron_right
On Best-Possible Obfuscation
Jonathan Katz

Journal of Cryptology, 2013

An obfuscator is a compiler that transforms any program (which we will view in this work as a boolean circuit) into an obfuscated program (also a circuit) that has the same input-output functionality as the original program, but is "unintelligible". Obfuscation has applications for cryptography and for software protection. Barak et al. (CRYPTO 2001, pp. 1-18, 2001) initiated a theoretical study of obfuscation, which focused on black-box obfuscation, where the obfuscated circuit should leak no information except for its (black-box) input-output functionality. A family of functionalities that cannot be obfuscated was demonstrated. Subsequent research has showed further negative results as well as positive results for obfuscating very specific families of circuits, all with respect to black box obfuscation. This work is a study of a new notion of obfuscation, which we call best-possible obfuscation. Best possible obfuscation makes the relaxed requirement that the obfuscated program leaks as little information as any other program with the same functionality (and of similar size). In particular, this definition allows the program to leak information that cannot be obtained from a black box. Best-possible obfuscation guarantees that any information that is not hidden by the obfuscated program is also not hidden by any other similar-size program computing the same functionality, and thus the obfuscation is (literally) the best possible. In this work we study best-possible obfuscation and its relationship to previously studied definitions. Our main results are: (1) A separation between blackbox and best-possible obfuscation. We show a natural obfuscation task that can be

View PDFchevron_right
Quantitative measures for code obfuscation security
Rabih Mohsen

2016

In this thesis we establish a quantitative framework to measure and study the security of code obfuscation, an effective software protection method that defends software against malicious reverse engineering. Despite the recent positive result by Garg et al.[ GGH+13] that shows the possibility of obfuscating using indistinguishability obfuscation definition, code obfuscation has two major challenges: firstly, the lack of theoretical foundation that is necessary to define and reason about code obfuscation security; secondly, it is an open problem whether there exists security metrics that measure and certify the current state-of-the-art of code obfuscation techniques. To address these challenges, we followed a research methodology that consists of the following main routes: a formal approach to build a theory that captures, defines and measures the security of code obfuscation, and an experimental approach that provides empirical evidence about the soundness and validity of the propo...

View PDFchevron_right
On Perfect Correctness in (Lockable) Obfuscation
rishab goyal

Theory of Cryptography, 2020

In a lockable obfuscation scheme [GKW17a, WZ17] a party takes as input a program P , a lock value α, a message msg and produces an obfuscated program P . The obfuscated program can be evaluated on an input x to learn the message msg if P (x) = α. The security of such schemes states that if α is randomly chosen (independent of P and msg), then one cannot distinguish an obfuscation of P from a "dummy" obfuscation. Existing constructions of lockable obfuscation achieve provable security under the Learning with Errors assumption. One limitation of these constructions is that they achieve only statistical correctness and allow for a possible one-sided error where the obfuscated program could output the msg on some value x where P (x) = α. In this work we motivate the problem of studying perfect correctness in lockable obfuscation for the case where the party performing the obfuscation might wish to inject a backdoor or hole in the correctness. We begin by studying the existing constructions and identify two components that are susceptible to imperfect correctness. The first is in the LWE-based pseudo-random generators (PRGs) that are non-injective, while the second is in the last level testing procedure of the core constructions. We address each in turn. First, we build upon previous work to design injective PRGs that are provably secure from the LWE assumption. Next, we design an alternative last level testing procedure that has additional structure to prevent correctness errors. We then provide surgical proof of security (to avoid redundancy) that connects our construction to the construction by Goyal, Koppula, and Waters (GKW) . Specifically, we show how for a random value α an obfuscation under our new construction is indistinguishable from an obfuscation under the existing GKW construction.

View PDFchevron_right
Software obfuscation on a theoretical basis and its implementation
Masakazu Soshi, Atsuko Miyaji

IEICE Transactions on Fundamentals, Vol.E86-A

Software obfuscation is a promising approach to protect intellectual property rights and secret information of software in untrusted environments. Unfortunately previous software obfuscation techniques share a major drawback that they do not have a theoretical basis and thus it is unclear how effective they are. Therefore we propose new software obfuscation techniques in this paper. The techniques are based on the difficulty of interprocedural analysis of software programs. The essence of our obfuscation techniques is a new complexity problem to precisely determine the address a function pointer points to in the presence of arrays of function pointers. We show that the problem is NP-hard and the fact provides a theoretical basis for our obfuscation techniques. Furthermore, we have already implemented a prototype tool that obfuscates C programs according to our proposed techniques and in this paper we describe the implementation and discuss the experiments results.

View PDFchevron_right

Related topics

  • Computer Science
  • Intellectual Property Protection
  • Code Obfuscation
    • 580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved