Obfuscating compilers are designed to protect a program by obscuring its meaning and impeding the reconstruction of its original source code. Usually, the main concern with such compilers is their correctness and their robustness against reverse engineering. On the contrary, little attention is paid to ensure that obfuscation introduces no attacks in the transformed program that where not present in the original one. Cryptographic libraries often resort to the so-called cryptographic constant-time property to guarantee that no attackers can learn any secret values by monitoring and analyzing program execution time. Here, we propose a sufficient condition to check if a given obfuscation preserves the constant-time property. Checking this condition amounts to a simple and efficient static analysis that can be easily implemented. We consider several obfuscating transformations implemented in popular obfuscating compilers (e.g. the Tigress C compiler and O-MVLL). By relying on our condition we prove that some of them preserve constant-time, while others do not. For the last case we propose a translation validation procedure that applies our condition to the given program and verify whether instead the constant-time property is kept.
When obfuscations preserve constant-time / Busi, Matteo; Degano, Pierpaolo; Galletta, Letterio. - 15500:(2026), pp. 14-32. [10.1007/978-3-032-08187-2_2]
When obfuscations preserve constant-time
Degano Pierpaolo;Galletta Letterio
2026
Abstract
Obfuscating compilers are designed to protect a program by obscuring its meaning and impeding the reconstruction of its original source code. Usually, the main concern with such compilers is their correctness and their robustness against reverse engineering. On the contrary, little attention is paid to ensure that obfuscation introduces no attacks in the transformed program that where not present in the original one. Cryptographic libraries often resort to the so-called cryptographic constant-time property to guarantee that no attackers can learn any secret values by monitoring and analyzing program execution time. Here, we propose a sufficient condition to check if a given obfuscation preserves the constant-time property. Checking this condition amounts to a simple and efficient static analysis that can be easily implemented. We consider several obfuscating transformations implemented in popular obfuscating compilers (e.g. the Tigress C compiler and O-MVLL). By relying on our condition we prove that some of them preserve constant-time, while others do not. For the last case we propose a translation validation procedure that applies our condition to the given program and verify whether instead the constant-time property is kept.| File | Dimensione | Formato | |
|---|---|---|---|
|
mainAlan.pdf
embargo fino al 24/11/2026
Descrizione: Postprint - When Obfuscations Preserve Constant-Time
Tipologia:
Documento in Post-print
Licenza:
Non specificato
Dimensione
393.04 kB
Formato
Adobe PDF
|
393.04 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
|
978-3-032-08187-2_2.pdf
non disponibili
Descrizione: When Obfuscations Preserve Constant-Time
Tipologia:
Versione Editoriale (PDF)
Licenza:
Copyright dell'editore
Dimensione
753.01 kB
Formato
Adobe PDF
|
753.01 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
