Software security has long been an issue in the world of technology. There has been, however, a concept that has been sought after for years by software developers and cryptographers. This concept is called “program obfuscation”, and it could be the future of software security.
What is Program Obfuscation?
This idea was developed based on the concept of a “zero-knowledge” proof, first considered by Amit Sahai. Essentially the idea is to prove that something is true without telling why it is true. In programming, this idea would come to fruition by making a program that is so jumbled hackers can’t figure out how it works.
How far away is Program Obfuscation from becoming a reality?
This technology has been elusive for many years, with researchers believing it was too powerful to exist. Program Obfuscation used to be referred to as “black box” obfuscation because of its strong similarity to the theoretical definition of Program Obfuscation. This was similar to the theoretical definition of Program Obfuscation because it obscured how the program functions, even though you could determine its input and output values.
While “black box” obfuscation was proven impossible in 2001, the scientific community still believed that Program Obfuscation was possible and that this type of program could hold clues into the functions of Program Obfuscation.
For years, the efforts toward Program Obfuscation have been trial and error based. In 2013, researchers published a paper on a type of obfuscation called “indistinguishability obfuscation (iO).” iO jumbles two programs that do the same thing to the point where nobody can tell which piece comes from which program.
The Breakthrough Leading us to Program Obfuscation.
In 2013, programmers began trying to take iO from a theory to reality. Initially, Sahai created a breakthrough theory that jumbled the information into a jigsaw puzzle using multilinear maps. The multilinear maps were proven insecure in the following years, but the initial concept became the basis of a new, incredibly secure theory.
Scientists found a way to work around the weakness presented in multilinear maps by expecting less of them. They figured out how to get the “degree” (number of variables used) of the polynomials used in multilinear maps from 30 down to 3, but they got stuck at 3. The only multilinear map researchers know how to build securely uses polynomials with a degree of 2, so researchers decided to try a multilinear map that meets in the middle, at 2.5.
This development led to massive breakthroughs in security software to reach what Quantamagazine calls the “Crown Jewel of Cryptography,” iO. This development is still holding strong in its testing stages, with no computer scientist being able to hack this iO programming. If this holds true, this technology may be the new definition of Program Obsuficaiton, carrying us to a completely secure internet.
Interested in the field of technology? Visit our website to learn about our technology apprenticeships or to search our IT career opportunities: https://techoneit.com/careers/