Skip to main content
SpringerLink
Log in
Book cover

International Conference on Information Security

ISC 2001: Information Security pp 144–155Cite as

An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2200))

Abstract

In this paper we present a straightforward approach to the obfuscation of sequential program control-flow in order to design tamper-resistant software. The principal idea of our technique is as follows: Let I be an instance of a hard combinatorial problem C, whose solution K is known. Then, given a source program π, we implant I into π by applying semantics-preserving transformations and using K as a key. This yields as its result an obfuscated program πI,K, such that a detection of some property P of πI,K, which is essential for comprehending the program, gives a solution to I. Varying instances I, we obtain a family II C of obfuscated programs such that the problem of checking P for II C is at least as hard as C. We show how this technique works by taking for C the acceptance problem for linear bounded Turing machines, which is known to be PSPACE-complete.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Brickell E.F., Davenport D.M. On the classification of ideal secret sharing schemes. J. Cryptology, 4, 1991, p.123–134.

    MATH  Google Scholar 

  2. Chow S., Johnson H., and Gu Y., Tamper resistant software — control flow encoding. Filed under the Patent Coöperation Treaty on August 18, 2000, under Serial No. PCT/CA00/00943.

    Google Scholar 

  3. Collberg C., Thomborson C., Low D., A taxonomy of obfuscating transformations, Tech. Report, N 148, Dept. of Computer Science, Univ. of Auckland, 1997.

    Google Scholar 

  4. Collberg C., Thomborson C., Low D., Manufacturing cheap, resilient and stealthy opaque constructs, Symp. on Principles of Prog. Lang., 1998, p.184–196.

    Google Scholar 

  5. Collberg C., Thomborson C., Low D. Breaking abstraction and unstructuring data structures, in IEEE Int. Conf. on Computer Languages, 1998, p.28–38.

    Google Scholar 

  6. Garey M.R., Johnson D.S., Computers and Intractability, W.H Freeman and Co., San Francisco, 1979.

    MATH  Google Scholar 

  7. Glenn A., Larus J., Improving Data-Flow Analysis with Path Profilers. In Proc. of the SIGPLAN ’98 Conf. on Prog. Lang. Design and Implementation, Montreal, Canada, published as SIGPLAN Notices, SIGPLAN Notices, N 5, 1998, pp. 72–84.

    Google Scholar 

  8. Horowitz S., Precise flow-insensitive May-Alias analysis is NP-hard, TOPLAS, 1997, 19, N 1, p.1–6.

    Article  Google Scholar 

  9. Jalali M., Hachez G., Vasserot C. FILIGRANE (Flexible IPR for Software AGent ReliANcE) A security framework for trading of mobile code in Internet, in Autonomous Agents 2000 Workshop: Agents in Industry, 2000.

    Google Scholar 

  10. Jones N.D., Muchnik S.S. Even simple programs are hard for analysis, J. Assoc. Comput. Mach., 1977, 24 N 5, p.338–350.

    MATH  MathSciNet  Google Scholar 

  11. Kennedy K., A Survey of Data Flow Analysis Techniques, in Program Flow Analysis: Theory and Applications, S.S. Muchnick and N.D. Jones (eds.). Prentice-Hall, Englewood Cliffs, NJ, 1981, pp. 5–54.

    Google Scholar 

  12. Kozen D., Automata and Computability, Springer, 1997.

    Google Scholar 

  13. Knoop J., Ruthing O., Steffen B., Partial Dead Code Elimination, in Proc. of the SIGPLAN ’94 Conf. on Prog. Lang. Design and Implementation, Orlando, FL, published as SIGPLAN Notices, 29, N 6, June 1994, pp. 147–158.

    Article  Google Scholar 

  14. Kotov V.E., Sabelfeld V.K., Theory of program schemata, M.: Nauka, 1991, 246 p. (in Russian)

    Google Scholar 

  15. Kuroda S.Y., Classes of languages and linear bounded automata, Information and Control, 1964, v.7, p.207–223.

    Article  MATH  MathSciNet  Google Scholar 

  16. Landi W., Undecidability of static analysis, ACM Lett.on Prog. Lang. and Syst., 1, 1992, 1, N 4, p.323–337.

    Article  Google Scholar 

  17. Mambo M., Murayama T., Okamoto E., A tentative approach to constructing tamper-resistant software, Workshop on New Security Paradigms, 1998, p.23–33.

    Google Scholar 

  18. Savitch W.J., Relationship between nondeterministic and deterministic tape complexities, J. of Comput. and Syst. Sci., 4, 1970, p.177–192.

    MATH  MathSciNet  Google Scholar 

  19. SourceGuard, commercial version of HashJava, http://www.4thpass.coml

  20. Tamper Resistant Software, http://www/cloakware.com/technology.html

  21. Wang C., Hill J., Knight J., Davidson J., Software tamper resistance: obstructing static analysis of programs, Tech. Report, N 12, Dept. of Comp. Sci., Univ. of Virginia, 2000

    Google Scholar 

  22. Zakharov V. The equivalence problem for computational models: decidable and undecidable cases, Lecture Notes in Computer Science, 2055, 2001, p.133–152.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Cloakware Corporation, Kanata, Ontario, Canada, K2L 3H1

    Stanley Chow, Yuan Gu & Harold Johnson

  2. Faculty of Computational Mathematics and Cybernetics, Moscow State University, Moscow, RU-119899, Russia

    Vladimir A. Zakharov

  3. Institute for System Programming, Russian Academy of Sciences, B. Kommunisticheskaya, 25, 109004, Moscow, Russia

    Vladimir A. Zakharov

Authors
  1. Stanley Chow
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yuan Gu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Harold Johnson
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Vladimir A. Zakharov
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of EECS, University of Wisconsin-Milwaukee, Milwaukee, WI, 53201, USA

    George I. Davida

  2. Techtegrity, LLC, 122 Harrison, Westfield, NJ, 07090, USA

    Yair Frankel

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chow, S., Gu, Y., Johnson, H., Zakharov, V.A. (2001). An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs. In: Davida, G.I., Frankel, Y. (eds) Information Security. ISC 2001. Lecture Notes in Computer Science, vol 2200. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45439-X_10

Download citation

  • DOI: https://doi.org/10.1007/3-540-45439-X_10

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42662-2

  • Online ISBN: 978-3-540-45439-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation