4 research outputs found
Control-flow flattening preserves the constant-time policy
Obfuscating compilers protect a software by obscuring its meaning and impeding the reconstruction of its original source code. The typical concern when defining such compilers is their robustness against reverse engineering and the performance of the produced code. Little work has been done in studying whether the security properties of a program are preserved under obfuscation. In this paper we start addressing this problem: we consider control-flow flattening, a popular obfuscation technique used in industrial compilers, and a specific security policy, namely constant-time. We prove that this obfuscation preserves the policy, i.e., that every program satisfying the policy still does after the transformation
Control-flow Flattening Preserves the Constant-Time Policy.
Obfuscating compilers protect a software by obscuring its meaning and impeding
the reconstruction of its original source code.
The typical concern when defining such compilers is their robustness against
reverse engineering and the performance of the produced code.
Little work has been done in studying whether the security properties of a
program are preserved under obfuscation.
In this paper we start addressing this problem: we consider control-flow
flattening, a popular obfuscation technique used in industrial compilers,
and a specific security policy, namely constant-time.
We prove that this
obfuscation preserves the policy, i.e., that every program satisfying the
policy still does after the transformation