Various kinds of software obfuscation methods have been proposed to protect security-sensitive information involved in software implementations. This paper proposes a cracker-centric approach to give a guideline for employing existing obfuscation methods to disrupt crackers’ actions.

The celebrated work of Barak et al. (Crypto’01) ruled out the possibility of virtual blackbox (VBB) obfuscation for general circuits. The recent work of Canetti, Kalai, and Paneth (TCC’15) extended this impossibility to the random oracle model as well assuming the existence of trapdoor permutations (TDPs). On the other hand, the works of Barak et al. (Crypto’14) and Brakerski-Rothblum (TCC’14) ...

We show the following result: Assuming the existence of public-coin differing-input obfuscation (pc-diO) for the class of all polynomial time Turing machines, then there exists a four message, fully concurrent zero-knowledge proof system for all languages in NP with negligible soundness error. This result is constructive: given pc-diO, our reduction yields an explicit protocol along with an exp...

Program obfuscation is a central primitive in cryptography, and has important real-world applications in protecting software from IP theft. However, well known results from the cryptographic literature have shown that software only virtual black box (VBB) obfuscation of general programs is impossible. In this paper we propose HOP, a system (with matching theoretic analysis) that achieves simula...

An obfuscation is a behaviour-preserving program transformation whose aim is to make a program “harder to understand”. Obfuscations are applied to make reverse engineering of a program more difficult. Two concerns about an obfuscation are whether it preserves behaviour (i.e. it is correct) and the degree to which it maintains efficiency. Obfuscations are applied mainly to objectoriented program...

Consider users who share their data (e.g., location) with an untrusted service provider to obtain a personalized (e.g., location-based) service. Data obfuscation is a prevalent user-centric approach to protecting users’ privacy in such systems: the untrusted entity only receives a noisy version of user’s data. Perturbing data before sharing it, however, comes at the price of the users’ utility ...

We study obfuscation of point functions with multibit output and other related functions. A point function with multibit output returns a string on a single input point and zero everywhere else. We provide a construction that obfuscates these functions. The construction is generic in the sense that it can use any perfectly one-way (POW) function or obfuscator for point functions. Analyzing this...

Code obfuscation is a set of program transformations that make program code and program execution difficult to analyze. First of all, obfuscation hinders manual inspection of program internals. By renaming variables and functions, and breaking down structures, it protects against reverse-engineering. It protects both storage and usage of keys, and it can hide certain properties such as a softwa...

Because it is not hard to reverse engineer the Dalvik bytecode used in the Dalvik virtual machine, Android application repackaging has become a serious problem. With repackaging, a plagiarist can simply steal others’ code violating the intellectual property of the developers. More seriously, after repackaging, popular apps can become the carriers of malware, adware or spy-ware for wide spreadin...

With the proliferation of inexpensive video surveillance and face recognition technologies, it is increasingly possible to track and match people as they move through public spaces. To protect the privacy of subjects visible in video sequences, prior research suggests using ad hoc obfuscation methods, such as blurring or pixelation of the face. However, there has been little investigation into ...