Proceedings of the 8th ACM SIGPLAN International Conference on Certified Programs and Proofs 2019
DOI: 10.1145/3293880.3294103
|View full text |Cite
|
Sign up to set email alerts
|

Formal verification of a program obfuscation based on mixed Boolean-arithmetic expressions

Abstract: The insertion of expressions mixing arithmetic operators and bitwise boolean operators is a widespread protection of sensitive data in source programs. This recent advanced obfuscation technique is one of the less studied among program obfuscations even if it is commonly found in binary code. In this paper, we formally verify in Coq this data obfuscation. It operates over a generic notion of mixed boolean-arithmetic expressions and on properties of bitwise operators operating over machine integers. Our obfusca… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
2
1

Citation Types

0
5
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
4
2
1

Relationship

1
6

Authors

Journals

citations
Cited by 9 publications
(5 citation statements)
references
References 10 publications
0
5
0
Order By: Relevance
“…This framework not only characterizes when a transformation is correct but also measures its resilience, i.e., the difficulty of undoing the obfuscation. More recently, other work went in the direction of fully verified, obfuscating compilation chains [6,8,7]. Among these [8] is the most similar to ours, but it only focusses on the correctness of the transformation, and studies it in the setting of the CompCert C compiler.…”
Section: Discussionmentioning
confidence: 98%
“…This framework not only characterizes when a transformation is correct but also measures its resilience, i.e., the difficulty of undoing the obfuscation. More recently, other work went in the direction of fully verified, obfuscating compilation chains [6,8,7]. Among these [8] is the most similar to ours, but it only focusses on the correctness of the transformation, and studies it in the setting of the CompCert C compiler.…”
Section: Discussionmentioning
confidence: 98%
“…Due to its solid theoretical foundation and simplicity of implementation, MBA expression has been applied in multiple academic tools and industrial products to protect software [5][6][7][8][9]. For example, Cloakware, Irdeto, and Quarkslab apply MBA obfuscation in their commercial products [5,7].…”
Section: Related Workmentioning
confidence: 99%
“…Tigress [6], an academic C source code obfuscator, encodes simple expressions into complex MBA forms. Blazy et al [8] develop a C program obfuscator, in which formally verified MBA obfuscation rules are integrated. Ma et al [9] apply MBA expressions to develop a novel dynamic software watermarking scheme.…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…This paper is about mechanized operational semantics for compiler verification and their application to the CompCert compiler, with a focus on the Clight semantics, that significantly evolved since its first published version [9]. The Clight language is the preferred language to get guarantees from C programs and then compile them with CompCert (e.g., [18,13,11,8,21,16,33]).…”
Section: Introductionmentioning
confidence: 99%