Ivannikov Institute for System Programming of the RAS


On the concept of software obfuscation in computer security.

Authors

Kuzurin N.N., Shokurov A.V., Varnovskij N.P., Zakharov V.A.

Abstract

Program obfuscation is a semantic-preserving transformation aimed at bringing a program into such a form, which impedes the understanding of its algorithm and data structures or prevents extracting of some valuable information from the text of a program. Since obfuscation could find wide use in computer security, information hiding and cryptography, security requirements to program obfuscators became a major focus of interests for pioneers of theory of software obfuscation. In this paper we also address the issue of defining security of program obfuscation. We argue that requirements to obfuscation may be different and dependent on potential applications. Therefore, it makes sense to deal with a broad spectrum of security definitions for program obfuscation. In this paper we analyze five models for studying various aspects of obfuscation: ``black box" model of total obfuscation, ``grey box" model of total obfuscation, obfuscation for software protection, constant hiding, and predicate obfuscation. For each of these models we consider the applications where the model may be valid, positive and negative results on the existence of secure obfuscation in the framework of the model, and relationships with other models of program obfuscation.

Text of article

Keywords

program obfuscation, security, Turing machine, encryption

Edition

Proceedings of the 7-th Information Security Conference (ISC'07), Valparaiso, Chile, серия Lecture Notes in Computer Science, 2007, vol. 4779, pp. 281-298.

Research Group

Theoretical Computer Science

All publications during 2007 All publications