Encryption tool blocks reverse-engineering of software Computer scientists have developed a “mathematical jigsaw puzzle” that makes software impervious to reverse-engineering. UCLA computer science professor Amit Sahai and a team of researchers have designed a system to encrypt software so that it only allows someone to use a program as intended while preventing any deciphering of the code behind it. The process is known in computer science as software obfuscation and the method described by Sahai, who specializes in cryptography at UCLAs Henry Samueli School of Engineering and Applied Science, is the first time it has been accomplished. The real challenge and the great mystery in the field was: can you actually take a piece of software and encrypt it but still have it be runnable, executable and fully functional, Sahai said. Its a question that a lot of companies have been interested in for a long time. According to Sahai, the new system puts up an iron wall making it impossible for an adversary to reverse-engineer the software without solving mathematical problems that take hundreds of years to work out on todays computers. You write your software in a nice, reasonable, human-understandable way and then feed that software to our system, Sahai said. It will output this mathematically transformed piece of software that would be equivalent in functionality, but when you look at it, you would have no idea what its doing. Sahai said previously developed techniques for obfuscation presented only a speed bump, forcing an attacker to spend some effort, perhaps a few days, trying to reverse-engineer the software. The researchers said their mathematical obfuscation mechanism can be used to protect intellectual property by preventing the theft of new algorithms and by hiding the vulnerability a software patch is designed to repair when the patch is distributed. The key to this successful obfuscation mechanism is a new type of multilinear jigsaw puzzle. Through this mechanism, attempts to find out why and how the software works will be thwarted with only a nonsensical jumble of numbers. The real innovation that we have here is a way of transforming software into a kind of mathematical jigsaw puzzle, Sahai said. What were giving you is just math, just numbers, or a sequence of numbers. “But it lives in this mathematical structure so that these individual pieces, these sequences of numbers, can only be combined with other numbers in very specified ways. You can inspect everything, you can turn it upside-down, you can look at it from different angles and you still wont have any idea what its doing, he added. The only thing you can do with it is put it together the way that it was meant to interlock. “If you tried to do anything else, like if you tried to bash this piece and put it in some other way, youd just end up with garbage. The new technique for software obfuscation paved the way for another breakthrough called functional encryption. With functional encryption, instead of sending an encrypted message, an encrypted function is sent in its place. This offers a much more secure way to protect information, Sahai said. Previous work on functional encryption was limited to supporting very few functions; the new work can handle any computable function.
Posted on: Thu, 28 Nov 2013 13:46:33 +0000
Trending Topics
Recently Viewed Topics
© 2015