Code Obfuscation Its limits in today Software & Hardware By Shahid Razzaq

What is this Obfuscation? Literal Meaning of Obfuscation: The word ‘obfuscation' refers to the concept of concealing the meaning of communication by making it more confusing and harder to interpret. The word ‘obfuscation' refers to the concept of concealing the meaning of communication by making it more confusing and harder to interpret. Code Obfuscation: Code obfuscation is the generation or alteration of source code and/or object code in such a way that it is easy for the computer to comprehend but considerably difficult to reverse engineer. Code obfuscation is the generation or alteration of source code and/or object code in such a way that it is easy for the computer to comprehend but considerably difficult to reverse engineer.

Reverse Engineering Code Normal Engineering: Dude writes code -> Dude compiles -> Dude parties with the binary Reverse Engineering: Evil dude gets the binary -> Uses powerful tools (e.g IDA Pro) to gain knowledge about program -> Gets to know code structure, control flow, and valuable assets, keys, alrogithms, PI IDA Pro: How much can it do?

How can Obfuscation Help Types of Obfuscation: Code Structure Obfuscation Code Structure Obfuscation Data Obfuscation Data Obfuscation Control Obfuscation Control Obfuscation Preventive Obfuscation Preventive Obfuscation Effects of Obfuscation on Code: Code logic doesn’t change Code logic doesn’t change Decreases footprint of code Decreases footprint of code Decreases performance (w.r.t time) Decreases performance (w.r.t time) Harder for developers during product cycle & possibly support Harder for developers during product cycle & possibly support

Widely used in Intermediate Compiled Languages.Net, Java Dotfuscator (.Net, Microsoft Visual Studio) Dotfuscator (.Net, Microsoft Visual Studio) ProGuard (Java, free) ProGuard (Java, free) Factor that prevent use of Obfuscation Cost of Obfuscation Cost of Obfuscation Execution time of code Execution time of code High Program complexity High Program complexity Obfuscation in Action

Limits to Obfuscation No obfuscation enough against extremely dedicated hackers Prevents against easy reverse engineering using tools How can Software Help: Built-in support in OS Built-in support in OS Public APIs Public APIs Hardware Assisted Obfuscation: Use of hardware for decryption Use of hardware for decryption How are decryption keys transferred? How are decryption keys transferred?

Obfuscation in Future Interesting Scenario: ‘Brain’ obfuscation Processor detached from memory Processor detached from memory Non conventional use of processor registers Non conventional use of processor registers Memory kept relatively in-accessable, encrypted Memory kept relatively in-accessable, encrypted Obfuscation in design, like a real brain. Example? Obfuscation in design, like a real brain. Example?

What does this do? #include #include main(t,_,a)char *a;{return!0<t?t<3?main(-79,-13,a+main(-87,1-_,main(- 86,0,a+1)+a)):1,t<_?main(t+1,_,a):3,main(-94,- 27+t,a)&&t==2?_<13?main(2,_+1,"%s %d %d\n"):9:16:t<0?t<- #{l,+,/n{n+,/+#n+,/#\;#q#n+,/+k#;*+,/'r :'d*'3,}{w+K w'K:'+}e#';dq#'l \q#'+d'K#!/+k#;q#'r}eKK#}w'r}eKK{nl]'/#;#q#n'){)#}w'){){nl]'/+#n';d}rw' i;# \){nl]!/n{n#'; r{#w'r nc{nl]'/#{l,+'K {rw' iK{;[{nl]'/w#q#n'wk nw' \iwk{KK{nl]!/w{%'l##w#' i; :{nl]'/*{q#'ld;r'}{nlwb!/*de}'c \;;{nl'- {}rw]'/+,}##'*}#nc,',#nw]'/+kd'+e}+;#'rdq#w! nr'/ ') }+}{rl#'{n' ')# \}'+}##(!!/"):t<-50?_==*a?putchar(31[a]):main(- 65,_,a+1):main((*a=='/')+t,_,a+1) :0<t?main(2,2,"%s"):*a=='/'||main(0,main(-61,*a,"!ek;dc [w]*%n+r3#l,{}:\nuwloca-O;m.vpbks,fxntdCeghiry"),a+1);}

Q & A