Information Hiding in Software with Mixed Boolean-Arithmetic Transforms

Zhou, Yongxin; Main, Alec; Gu, Yuan; Johnson, Harold J.

doi:10.1007/978-3-540-77535-5_5

Cited by 45 publications

(94 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…We introduce the obfuscation method based on mixed Boolean arithmetics proposed by Zhou et al [15]. The method is based on mixed mode computation over Boolean-arithmetic algebras and on invertible polynomial functions over the ring Z 2 n .…”

Section: Mba Obfuscationmentioning

confidence: 99%

“…Details on how to construct an unlimited number of non-trivial linear MBA identities can be found in [15]. The degree d of the invertible function f d is one of the parameters of the obfuscation process: the degree is chosen by the user and an appropriate invertible function f d and its inverse f is constructed via the following theorem:…”

Section: Obfuscation With a Polynomialmentioning

confidence: 99%

See 1 more Smart Citation

Effectiveness of synthesis in concolic deobfuscation

Biondi

Josse²,

Legay

et al. 2017

Computers & Security

View full text Add to dashboard Cite

Control flow obfuscation techniques can be used to hinder software reverseengineering. Symbolic analysis can counteract these techniques, but only if they can analyze obfuscated conditional statements. We evaluate the use of dynamic synthesis to complement symbolic analysis in the analysis of obfuscated conditionals. We test this approach on the taint-analysis-resistant Mixed Boolean Arithmetics (MBA) obfuscation method that is commonly used to obfuscate and randomly diversify statements. We experimentally ascertain the practical feasibility of MBA obfuscation. We study using SMT-based approaches with different state-of-the-art SMT solvers to counteract MBA obfuscation, and we show how targeted algebraic simplification can greatly reduce the analysis time. We show that synthesis-based deobfuscation is more effective than current SMT-based deobfuscation algorithms, thus proposing a synthesis-based attacker model to complement existing attacker models.

show abstract

Section: Mba Obfuscationmentioning

confidence: 99%

Section: Obfuscation With a Polynomialmentioning

confidence: 99%

Effectiveness of synthesis in concolic deobfuscation

Biondi

Josse²,

Legay

et al. 2017

Computers & Security

View full text Add to dashboard Cite

show abstract

“…CONCLUDING REMARKS Our work presents an improved design and software implementation for the secure obfuscation of conjunction programs, which are significantly more complex than simple point obfuscation functions supported by prior obfuscation implementations. The obfuscation construction we implement is based on a reasonable hardness variant of a standard lattice assumption (entropic Ring-LWE) and distributional VBB, in constrast to previous implementations of non-trivial obfuscators based on IO via multilinear maps [25], [26], [27] or the heuristic techniques not derived from the computational hardness of mathematical problems [2], [3], [4], [5], [6], [7].…”

Section: E Parallelization Experimentsmentioning

confidence: 99%

“…Prior techniques are discussed in [2], [3], [4], [5], [6], [7]. Although often usable in practice, these prior approaches do not provide strong security guarantees, and can often be defeated without large computational effort.…”

Section: Introductionmentioning

confidence: 99%

Implementing Conjunction Obfuscation Under Entropic Ring LWE

Cousins

Crescenzo

Gür

et al. 2018

2018 IEEE Symposium on Security and Privacy (SP)

View full text Add to dashboard Cite

Abstract-We address the practicality challenges of secure program obfuscation by implementing, optimizing, and experimentally assessing an approach to securely obfuscate conjunction programs proposed in [1]. Conjunction programs evaluate functions f (x1, . . . , xL) = i∈I yi, where yi is either xi or ¬xi and I ⊆ [L], and can be used as classifiers. Our obfuscation approach satisfies distributional Virtual Black Box (VBB) security based on reasonable hardness assumptions, namely an entropic variant of the Ring Learning with Errors (Ring-LWE) assumption. Prior implementations of secure program obfuscation techniques support either trivial programs like point functions, or support the obfuscation of more general but less efficient branching programs to satisfy Indistinguishability Obfuscation (IO), a weaker security model. Further, the more general implemented techniques, rather than relying on standard assumptions, base their security on conjectures that have been shown to be theoretically vulnerable.Our work is the first implementation of non-trivial program obfuscation based on polynomial rings. Our contributions include multiple design and implementation advances resulting in reduced program size, obfuscation runtime, and evaluation runtime by many orders of magnitude. We implement our design in software and experimentally assess performance in a commercially available multi-core computing environment. Our implementation achieves runtimes of 6.7 hours to securely obfuscate a 64-bit conjunction program and 2.5 seconds to evaluate this program over an arbitrary input. We are also able to obfuscate a 32-bit conjunction program with 53 bits of security in 7 minutes and evaluate the obfuscated program in 43 milliseconds on a commodity desktop computer, which implies that 32-bit conjunction obfuscation is already practical. Our graph-induced (directed) encoding implementation runs up to 25 levels, which is higher than previously reported in the literature for this encoding. Our design and implementation advances are applicable to obfuscating more general compute-and-compare programs and can also be used for many cryptographic schemes based on lattice trapdoors.

show abstract

“…Some prevent automatic decompilation [2], [3]. Some obfuscate data flow [4], [5] or control flow [3], [4], [6], [7], [8], [9], [10], [11]. Others simply omit humanreadable, meaningful identifiers [2], [12].…”

Section: Introductionmentioning

confidence: 99%

Pushing Java Type Obfuscation to the Limit

Foket

Sutter

Bosschere

2014

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

Abstract-Bytecoded .Net and Java programs reveal type information through encoded type hierarchies, casts, field declarations and method signatures. This facilitates bytecode verification, but it also helps reverse engineers. To obfuscate the type information, we combine three transformations. Class hierarchy flattening removes as much of the type hierarchy from programs as possible. Interface merging and object factory insertion further remove type information from casts, method signatures, and object creation sites. We evaluate these techniques with a prototype tool for Java bytecode. On real-life programs from the DaCapo benchmark suite, we demonstrate that our approach effectively hinders human and tool analysis with limited overhead.

show abstract

Information Hiding in Software with Mixed Boolean-Arithmetic Transforms

Cited by 45 publications

References 11 publications

Effectiveness of synthesis in concolic deobfuscation

Effectiveness of synthesis in concolic deobfuscation

Implementing Conjunction Obfuscation Under Entropic Ring LWE

Pushing Java Type Obfuscation to the Limit

Contact Info

Product

Resources

About