Computer programs are arguably the most complex objects ever constructed by humans. Even understanding a 10-line program (such as the one depicted in Figure 1) can be extremely difficult. The complexity of programs has been the bane (as well as the boon) of the software industry, and taming it has been the objective of many efforts in industry and academia. Given this, it is not surprising that both theoreticians and practitioners have been trying to "harness this complexity for good" and use it to protect sensitive information and computation. In its most general form this is known as software obfuscation, and it is the topic of this article.
In a certain sense, any cryptographic tool such as encryption or authentication can be thought of as harnessing complexity for security, but with software obfuscation people have been aiming for something far more ambitious: a way to transform arbitrary programs into an "inscrutable" or obfuscated form. By this we do not mean that reverse engineering the program should be cumbersome, but rather that it should be infeasible, in the same way that recovering the plaintext of a secure encryption cannot be performed using any reasonable amount of resources.