Code Obfuscation

Document Sample
Code Obfuscation Powered By Docstoc
					Code Obfuscation
Its limits in today Software & Hardware

          By Shahid Razzaq
    What is this Obfuscation?
Literal Meaning of Obfuscation:
   The word ‘obfuscation' refers to the concept of
    concealing the meaning of communication by making
    it more confusing and harder to interpret.
Code Obfuscation:
   Code obfuscation is the generation or alteration of
    source code and/or object code in such a way that it
    is easy for the computer to comprehend but
    considerably difficult to reverse engineer.
  Reverse Engineering Code
Normal Engineering:
    Dude writes code -> Dude compiles -> Dude
parties with the binary

Reverse Engineering:
    Evil dude gets the binary -> Uses powerful
tools (e.g IDA Pro) to gain knowledge about
program -> Gets to know code structure, control
flow, and valuable assets, keys, alrogithms, PI

IDA Pro: How much can it do?
    How can Obfuscation Help
Types of Obfuscation:
   Code Structure Obfuscation
   Data Obfuscation
   Control Obfuscation
   Preventive Obfuscation

Effects of Obfuscation on Code:
   Code logic doesn’t change
   Decreases footprint of code
   Decreases performance (w.r.t time)
   Harder for developers during product cycle & possibly
    support
        Obfuscation in Action
Widely used in Intermediate Compiled
Languages .Net, Java
   Dotfuscator (.Net, Microsoft Visual Studio)
   ProGuard (Java, free)

Factor that prevent use of Obfuscation
   Cost of Obfuscation
   Execution time of code
   High Program complexity
          Limits to Obfuscation
No obfuscation enough against extremely dedicated
hackers
Prevents against easy reverse engineering using tools

How can Software Help:
   Built-in support in OS
   Public APIs

Hardware Assisted Obfuscation:
   Use of hardware for decryption
   How are decryption keys transferred?
       Obfuscation in Future
Interesting Scenario: ‘Brain’ obfuscation
   Processor detached from memory
   Non conventional use of processor registers
   Memory kept relatively in-accessable,
    encrypted
   Obfuscation in design, like a real brain.
    Example?
              What does this do?
#include <stdio.h>

main(t,_,a)char *a;{return!0<t?t<3?main(-79,-13,a+main(-87,1-_,main(-
  86,0,a+1)+a)):1,t<_?main(t+1,_,a):3,main(-94,-
  27+t,a)&&t==2?_<13?main(2,_+1,"%s %d %d\n"):9:16:t<0?t<-
  72?main(_,t,"@n'+,#'/*{}w+/w#cdnr/+,{}r/*de}+,/*{*+,/w{%+,/w#q#n+,/
  #{l,+,/n{n+,/+#n+,/#\;#q#n+,/+k#;*+,/'r :'d*'3,}{w+K w'K:'+}e#';dq#'l
  \q#'+d'K#!/+k#;q#'r}eKK#}w'r}eKK{nl]'/#;#q#n'){)#}w'){){nl]'/+#n';d}rw'
  i;# \){nl]!/n{n#'; r{#w'r nc{nl]'/#{l,+'K {rw' iK{;[{nl]'/w#q#n'wk nw'
  \iwk{KK{nl]!/w{%'l##w#' i; :{nl]'/*{q#'ld;r'}{nlwb!/*de}'c \;;{nl'-
  {}rw]'/+,}##'*}#nc,',#nw]'/+kd'+e}+;#'rdq#w! nr'/ ') }+}{rl#'{n' ')#
  \}'+}##(!!/"):t<-50?_==*a?putchar(31[a]):main(-
  65,_,a+1):main((*a=='/')+t,_,a+1)
  :0<t?main(2,2,"%s"):*a=='/'||main(0,main(-61,*a,"!ek;dc i@bK'(q)-
  [w]*%n+r3#l,{}:\nuwloca-O;m .vpbks,fxntdCeghiry"),a+1);}
Q&A

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:4
posted:4/4/2012
language:
pages:12