Obfuscating compilers are designed to protect a program by obscuring its meaning and impeding the reconstruction of its original source code. Usually, the main concern with such compilers is their correctness and their robustness against reverse engineering. On the contrary, little attention is paid to ensure that obfuscation introduces no attacks in the transformed program that where not present in the original one. Cryptographic libraries often resort to the so-called cryptographic constant-time property to guarantee that no attackers can learn any secret values by monitoring and analyzing program execution time. Here, we propose a sufficient condition to check if a given obfuscation preserves the constant-time property. Checking this condition amounts to a simple and efficient static analysis that can be easily implemented. We consider several obfuscating transformations implemented in popular obfuscating compilers (e.g. the Tigress C compiler and O-MVLL). By relying on our condition we prove that some of them preserve constant-time, while others do not. For the last case we propose a translation validation procedure that applies our condition to the given program and verify whether instead the constant-time property is kept.

When obfuscations preserve constant-time / Busi, Matteo; Degano, Pierpaolo; Galletta, Letterio. - 15500:(2026), pp. 14-32. [10.1007/978-3-032-08187-2_2]

When obfuscations preserve constant-time

Degano Pierpaolo;Galletta Letterio
2026

Abstract

Obfuscating compilers are designed to protect a program by obscuring its meaning and impeding the reconstruction of its original source code. Usually, the main concern with such compilers is their correctness and their robustness against reverse engineering. On the contrary, little attention is paid to ensure that obfuscation introduces no attacks in the transformed program that where not present in the original one. Cryptographic libraries often resort to the so-called cryptographic constant-time property to guarantee that no attackers can learn any secret values by monitoring and analyzing program execution time. Here, we propose a sufficient condition to check if a given obfuscation preserves the constant-time property. Checking this condition amounts to a simple and efficient static analysis that can be easily implemented. We consider several obfuscating transformations implemented in popular obfuscating compilers (e.g. the Tigress C compiler and O-MVLL). By relying on our condition we prove that some of them preserve constant-time, while others do not. For the last case we propose a translation validation procedure that applies our condition to the given program and verify whether instead the constant-time property is kept.
2026
9783032081865
9783032081872
Hyperproperty preservation
Secure compilation
Secure translation validation
File in questo prodotto:
File Dimensione Formato  
mainAlan.pdf

embargo fino al 24/11/2026

Descrizione: Postprint - When Obfuscations Preserve Constant-Time
Tipologia: Documento in Post-print
Licenza: Non specificato
Dimensione 393.04 kB
Formato Adobe PDF
393.04 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
978-3-032-08187-2_2.pdf

non disponibili

Descrizione: When Obfuscations Preserve Constant-Time
Tipologia: Versione Editoriale (PDF)
Licenza: Copyright dell'editore
Dimensione 753.01 kB
Formato Adobe PDF
753.01 kB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.11771/38119
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
social impact