Positive Results and Techniques for Obfuscation

  • Benjamin Lynn
  • Manoj Prabhakaran
  • Amit Sahai
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3027)


Informally, an obfuscator \({\mathcal{O}}\) is an efficient, probabilistic “compiler” that transforms a program P into a new program (P) with the same functionality as P, but such that \({\mathcal{O}}(P)\) protects any secrets that may be built into and used by P. Program obfuscation, if possible, would have numerous important cryptographic applications, including: (1) “Intellectual property” protection of secret algorithms and keys in software, (2) Solving the long-standing open problem of homomorphic public-key encryption, (3) Controlled delegation of authority and access, (4) Transforming Private-Key Encryption into Public-Key Encryption, and (5) Access Control Systems. Unfortunately however, program obfuscators that work on arbitrary programs cannot exist [1]. No positive results for program obfuscation were known prior to this work.

In this paper, we provide the first positive results in program obfuscation. We focus on the goal of access control, and give several provable obfuscations for complex access control functionalities, in the random oracle model. Our results are obtained through non-trivial compositions of obfuscations; we note that general composition of obfuscations is impossible, and so developing techniques for composing obfuscations is an important goal. Our work can also be seen as making initial progress toward the goal of obfuscating finite automata or regular expressions, an important general class of machines which are not ruled out by the impossibility results of [1]. We also note that our work provides the first formal proof techniques for obfuscation, which we expect to be useful in future work in this area.


Access Control Access Point Point Function Turing Machine Regular Expression 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (im)possibility of obfuscating programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 1. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  2. 2.
    Canetti, R., Micciancio, D., Reingold, O.: Perfectly one-way probabilistic hash functions. In: Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing 1998 (1998)Google Scholar
  3. 3.
    Collberg, C., Thomborson, C.: Watermarking, tamper-proofing, and obfuscation – tools for software protection. Technical Report TR00-03, The Department of Computer Science, University of Arizona (February 2000)Google Scholar
  4. 4.
    Chow, S., Johnson, H., van Oorschot, P.C., Eisen, P.: A White-Box DES Implementation for DRM Applications. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 1–15. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  5. 5.
    Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. Preliminary versions appeared at CRYPTO 1989 and STOC 1990. Journal of the ACM 43(3), 431–473 (1996)zbMATHCrossRefMathSciNetGoogle Scholar
  6. 6.
    Ishai, Y., Sahai, A., Wagner, D.: Private Circuits: Securing Hardware against Probing Attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  7. 7.
    Jacob, M., Boneh, D., Felten, E.: Attacking an obfuscated cipher by injecting faults. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 16–31. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Lynn, B., Prabhakaran, M., Sahai, A.: Positive Results and Techniques in Obfuscation. In: The Cryptology ePrint Archive (2004),

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Benjamin Lynn
    • 1
  • Manoj Prabhakaran
    • 2
  • Amit Sahai
    • 2
  1. 1.Stanford UniversityUSA
  2. 2.Princeton UniversityUSA

Personalised recommendations