New: 14.03.06: Added two links below, the corrected version of today's lecture was made available after the lecture (included two home assignments).
Bonus reading: Silver Needle in the Skype (Blackhat 2006)
Program Obfuscation (short course)
Yury Lifshits
Software need protection against many threats: tanpering, code reusing, keys extraction, decomposing. All these attacks based on decompilation and analysis of programs. In modern programming languages like Java this tasks are very easy, and therefore we need a strong protection techniqes.
The idea of program obfuscation is to transform an input program to a functionally equivalent but `non-understandable'' one. We now have two research directions. One is practical approach: perform some simple tricks like variable renaming and reodering commands. This line leads to more than 30 obfuscators available at the market now. The second approach is to find a specific protection techniques based on classical results in cryptography.
In the course we review applications of program obfuscation and examine several cryptography-based approaches. On the last lecture we discuss the most powerful tricks in the practical approach.
Lectures of the similar course: http://logic.pdmi.ras.ru/~yura/obfuscation.html
Fastest way: use OIS.
Previous Lecture Course [Spring 2005] on obfuscation http://logic.pdmi.ras.ru/~yura/obfuscation.html.
Link Directory on Obfuscation http://del.icio.us/obfuscation.
Helger's link collection at http://research.cyber.ee/~lipmaa/crypto/.
This page: http://research.cyber.ee/~lipmaa/teaching/MTAT.07.010/