Feeds

Protecting code's secrets wins ACM prize

Code obfuscation: a difficult problem apparently cracked

Secure remote control for conventional and virtual desktops

Better code obfuscation has attracted the attention of the prestigious Association of Computing Machinery, which has anointed an Indian-born developer working at IBM's TJ Watson Research Centre with an award for his work.

Protecting code, even as a binary, from being reverse-engineered is difficult: any solution that encrypts the code has to keep its functionality in place, and decrypting the code for execution has to be fast.

Sanjam Garg, an alumni of the Institute of Technology of Delhi, claims to have cracked that problem in this paper, Candidate Multilinear Maps from Ideal Lattices.

As that paper explains, bilinear maps are so well-known that their applications are “too numerous” to list – but (for example) tripartate Diffie-Hellman and identity-based encryption are two handy examples. Expanding that concept to multi-lineal maps has been theorised, Garg writes in his paper, but not previously achieved.

That work was then expanded on in collaboration between Garg and researchers from Microsoft, Boston University and UCLA, here, which demonstrated that Garg's concepts are workable for program obfuscation.

As they put it in the paper's abstract, Garg's work provides a “candidate obfuscator that cannot be broken by algebraic attacks”.

As the ACM notes: “Garg described new mathematical tools that serve as key ingredients for transforming a program into a 'jigsaw puzzle' of encrypted pieces. Corresponding to each input is a unique set of puzzle pieces that, when assembled, reveal the output of the program. Security of the obfuscated program hinges on the fact that illegitimate combinations of the puzzle pieces do not reveal anything.” ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
PEAK APPLE: iOS 8 is least popular Cupertino mobile OS in all of HUMAN HISTORY
'Nerd release' finally staggers past 50 per cent adoption
Microsoft to bake Skype into IE, without plugins
Redmond thinks the Object Real-Time Communications API for WebRTC is ready to roll
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
Mozilla: Spidermonkey ATE Apple's JavaScriptCore, THRASHED Google V8
Moz man claims the win on rivals' own benchmarks
Yes, Virginia, there IS a W3C HTML5 standard – as of now, that is
You asked for it! You begged for it! Then you gave up! And now it's HERE!
FTDI yanks chip-bricking driver from Windows Update, vows to fight on
Next driver to battle fake chips with 'non-invasive' methods
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Ubuntu 14.10 tries pulling a Steve Ballmer on cloudy offerings
Oi, Windows, centOS and openSUSE – behave, we're all friends here
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Internet Security Threat Report 2014
An overview and analysis of the year in global threat activity: identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.