HOP: Hardware makes Obfuscation Practical

Nayak, Kartik; Fletcher, Christopher W.; Ren, Ling; Chandran, Nishanth; Lokam, Satya; Shi, Elaine; Goyal, Vipul

doi:10.14722/ndss.2017.23349

Cited by 37 publications

(35 citation statements)

References 52 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Although software obfuscation has been actively researched for quite some time, how to systematically assess the security strength of an obfuscator remains an open problem. For cryptographic obfuscation, the evaluation methodology is clear, ie, reducing deobfuscation to a computational problem with provable or conjectural intractability . In contrast, evaluation through empirical experiments always raises concerns about the possibility that the obfuscation can be effectively nullified by some unknown or future deobfuscation methods not considered by the evaluation.…”

Section: Discussionmentioning

confidence: 99%

“…Ascend, GhostRider, Phantom, and Raccoon are implementations of secure processors or hardware‐software systems that achieves achieves memory obliviousness when executing obfuscated programs. HOP is another secure processor that provides oblivious memory access; moreover, it is resilient to rewinding attacks by making the processor stateless.…”

Section: Related Workmentioning

confidence: 99%

“…For cryptographic obfuscation, the evaluation methodology is clear, ie, reducing deobfuscation to a computational problem with provable or conjectural intractability. 48 In contrast, evaluation through empirical experiments always raises concerns about the possibility that the obfuscation can be effectively nullified by some unknown or future deobfuscation methods not considered by the evaluation. Some recent effort has tried to establish standards for assessing the security strength of obfuscation techniques, [49][50][51] but it remains unclear how well they can fit the demands of practical software protection.…”

Section: Resiliencementioning

confidence: 99%

See 2 more Smart Citations

Field experience with obfuscating million‐user iOS apps in large enterprise mobile development

Wang

Chen³

et al. 2018

Softw Pract Exp

View full text Add to dashboard Cite

Summary In recent years, mobile apps have become the infrastructure of many popular Internet services. It is now common that a mobile app serves millions of users across the globe. By examining the code of these apps, reverse engineers can learn various knowledge about the design and implementation of the apps. Real‐world cases have shown that the disclosed critical information allows malicious parties to abuse or exploit the app‐provided services for unrightful profits, leading to significant financial losses. One of the most viable mitigations against malicious reverse engineering is to obfuscate the apps. Despite that security by obscurity is typically considered to be an unsound protection methodology, software obfuscation can indeed increase the cost of reverse engineering, thus delivering practical merits for protecting mobile apps. In this paper, we share our experience of applying obfuscation to multiple commercial iOS apps, each of which has millions of users. We discuss the necessity of adopting obfuscation for protecting modern mobile business, the challenges of software obfuscation on the iOS platform, and our efforts in overcoming these obstacles. We especially focus on factors that are unique to mobile software development that may affect the design and deployment of obfuscation techniques. We report the outcome of our obfuscation with empirical experiments. We additionally elaborate on the follow‐up case studies about how our obfuscation affected the app publication process and how we responded to the negative impacts. This experience report can benefit mobile developers, security service providers, and Apple as the administrator of the iOS ecosystem.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Resiliencementioning

confidence: 99%

See 1 more Smart Citation

Field experience with obfuscating million‐user iOS apps in large enterprise mobile development

Wang

Chen³

et al. 2018

Softw Pract Exp

View full text Add to dashboard Cite

show abstract

“…Although we take a software-only-based approach to program obfuscation, hardware-based approaches are also feasible. The work [49] achieves simulation-secure obfuscation for RAM programs using secure hardware to circumvent previous impossibility results.…”

Section: B Related Workmentioning

confidence: 99%

Implementing Conjunction Obfuscation Under Entropic Ring LWE

Cousins

Crescenzo

Gür

et al. 2018

2018 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

Abstract-We address the practicality challenges of secure program obfuscation by implementing, optimizing, and experimentally assessing an approach to securely obfuscate conjunction programs proposed in [1]. Conjunction programs evaluate functions f (x1, . . . , xL) = i∈I yi, where yi is either xi or ¬xi and I ⊆ [L], and can be used as classifiers. Our obfuscation approach satisfies distributional Virtual Black Box (VBB) security based on reasonable hardness assumptions, namely an entropic variant of the Ring Learning with Errors (Ring-LWE) assumption. Prior implementations of secure program obfuscation techniques support either trivial programs like point functions, or support the obfuscation of more general but less efficient branching programs to satisfy Indistinguishability Obfuscation (IO), a weaker security model. Further, the more general implemented techniques, rather than relying on standard assumptions, base their security on conjectures that have been shown to be theoretically vulnerable.Our work is the first implementation of non-trivial program obfuscation based on polynomial rings. Our contributions include multiple design and implementation advances resulting in reduced program size, obfuscation runtime, and evaluation runtime by many orders of magnitude. We implement our design in software and experimentally assess performance in a commercially available multi-core computing environment. Our implementation achieves runtimes of 6.7 hours to securely obfuscate a 64-bit conjunction program and 2.5 seconds to evaluate this program over an arbitrary input. We are also able to obfuscate a 32-bit conjunction program with 53 bits of security in 7 minutes and evaluate the obfuscated program in 43 milliseconds on a commodity desktop computer, which implies that 32-bit conjunction obfuscation is already practical. Our graph-induced (directed) encoding implementation runs up to 25 levels, which is higher than previously reported in the literature for this encoding. Our design and implementation advances are applicable to obfuscating more general compute-and-compare programs and can also be used for many cryptographic schemes based on lattice trapdoors.

show abstract

“…ORAM solutions that have been proposed provide strong privacy by guaranteeing that anyone who observes the entire communication channel between client and backend storage cannot distinguish any series of accesses from random. Due to this strong privacy guarantee, ORAM has been used as a powerful tool in various application settings such as secure cloud storage (e.g., [16,27,28]), secure multi-party computation (e.g., [10,14,15,32,34]), and secure processors (e.g., [8,13,19]). This paper is authored by an employee(s) of the United States Government and is in the public domain.…”

Section: Introductionmentioning

confidence: 99%

Deterministic, Stash-Free Write-Only ORAM

Roche

Aviv

Choi

et al. 2017

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

Write-Only Oblivious RAM (WoORAM) protocols provide privacy by encrypting the contents of data and also hiding the pattern of write operations over that data. WoORAMs provide better privacy than plain encryption and better performance than more general ORAM schemes (which hide both writing and reading access patterns), and the write-oblivious setting has been applied to important applications of cloud storage synchronization and encrypted hidden volumes. In this paper, we introduce an entirely new technique for Write-Only ORAM, called DetWoORAM. Unlike previous solutions, DetWoORAM uses a deterministic, sequential writing pattern without the need for any "stashing" of blocks in local state when writes fail. Our protocol, while conceptually simple, provides substantial improvement over prior solutions, both asymptotically and experimentally. In particular, under typical settings the DetWoORAM writes only 2 blocks (sequentially) to backend memory for each block written to the device, which is optimal. We have implemented our solution using the BUSE (block device in user-space) module and tested DetWoORAM against both an encryption only baseline of dm-crypt and prior, randomized WoORAM solutions, measuring only a 3x-14x slowdown compared to an encryption-only baseline and around 6x-19x speedup compared to prior work.

show abstract

HOP: Hardware makes Obfuscation Practical

Cited by 37 publications

References 52 publications

Field experience with obfuscating million‐user iOS apps in large enterprise mobile development

Field experience with obfuscating million‐user iOS apps in large enterprise mobile development

Implementing Conjunction Obfuscation Under Entropic Ring LWE

Deterministic, Stash-Free Write-Only ORAM

Contact Info

Product

Resources

About