1,688 research outputs found
Implementing Cryptographic Program Obfuscation
Program obfuscation is the process of making a program unintelligible without changing the program\u27s underlying input/output behavior. Although there is a long line of work on heuristic techniques for obfuscation, such approaches do not provide any cryptographic guarantee on their effectiveness. A recent result by Garg et al. (FOCS 2013), however, shows that cryptographic program obfuscation is indeed possible based on a new primitive called a \emph{graded encoding scheme}.
In this work, we present the first implementation of such an obfuscator. We describe several challenges and optimizations we made along the way, present a detailed evaluation of our implementation, and discuss research problems that need to be addressed before such obfuscators can be used in practice
FPGA based remote code integrity verification of programs in distributed embedded systems
The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems
Understanding Android Obfuscation Techniques: A Large-Scale Investigation in the Wild
In this paper, we seek to better understand Android obfuscation and depict a
holistic view of the usage of obfuscation through a large-scale investigation
in the wild. In particular, we focus on four popular obfuscation approaches:
identifier renaming, string encryption, Java reflection, and packing. To obtain
the meaningful statistical results, we designed efficient and lightweight
detection models for each obfuscation technique and applied them to our massive
APK datasets (collected from Google Play, multiple third-party markets, and
malware databases). We have learned several interesting facts from the result.
For example, malware authors use string encryption more frequently, and more
apps on third-party markets than Google Play are packed. We are also interested
in the explanation of each finding. Therefore we carry out in-depth code
analysis on some Android apps after sampling. We believe our study will help
developers select the most suitable obfuscation approach, and in the meantime
help researchers improve code analysis systems in the right direction
Malicious cryptography techniques for unreversable (malicious or not) binaries
Fighting against computer malware require a mandatory step of reverse
engineering. As soon as the code has been disassemblied/decompiled (including a
dynamic analysis step), there is a hope to understand what the malware actually
does and to implement a detection mean. This also applies to protection of
software whenever one wishes to analyze them. In this paper, we show how to
amour code in such a way that reserse engineering techniques (static and
dymanic) are absolutely impossible by combining malicious cryptography
techniques developped in our laboratory and new types of programming (k-ary
codes). Suitable encryption algorithms combined with new cryptanalytic
approaches to ease the protection of (malicious or not) binaries, enable to
provide both total code armouring and large scale polymorphic features at the
same time. A simple 400 Kb of executable code enables to produce a binary code
and around mutated forms natively while going far beyond the old
concept of decryptor.Comment: 17 pages, 2 figures, accepted for presentation at H2HC'1
5Gen-C: Multi-input Functional Encryption and Program Obfuscation for Arithmetic Circuits
Program obfuscation is a powerful security primitive with many applications.
White-box cryptography studies a particular subset of program obfuscation
targeting keyed pseudorandom functions (PRFs), a core component of systems
such as mobile payment and digital rights management. Although the white-box
obfuscators currently used in practice do not come with security proofs and
are thus routinely broken, recent years have seen an explosion of
\emph{cryptographic} techniques for obfuscation, with the goal of avoiding
this build-and-break cycle.
In this work, we explore in detail cryptographic program obfuscation and the
related primitive of multi-input functional encryption (MIFE). In particular,
we extend the 5Gen framework (CCS 2016) to support circuit-based MIFE and
program obfuscation, implementing both existing and new constructions. We then
evaluate and compare the efficiency of these constructions in the context of
PRF obfuscation.
As part of this work we (1) introduce a novel instantiation of MIFE that works
directly on functions represented as arithmetic circuits, (2) use a known
transformation from MIFE to obfuscation to give us an obfuscator that performs
better than all prior constructions, and (3) develop a compiler for generating
circuits optimized for our schemes. Finally, we provide detailed experiments,
demonstrating, among other things, the ability to obfuscate a PRF with a
64-bit key and 12 bits of input (containing 62k gates) in under 4 hours, with
evaluation taking around 1 hour. This is by far the most complex function
obfuscated to date
- …