US 12,235,937 B2
Obfuscation of executable instruction sets for enhanced security
Hoeteck Wee, Sunnyvale, CA (US); and Daniel Wichs, Brookline, MA (US)
Assigned to NTT RESEARCH INC., Sunnyvale, CA (US)
Appl. No. 18/043,033
Filed by NTT RESEARCH INC., Sunnyvale, CA (US)
PCT Filed Aug. 26, 2021, PCT No. PCT/US2021/047785
§ 371(c)(1), (2) Date Feb. 26, 2023,
PCT Pub. No. WO2022/047055, PCT Pub. Date Mar. 3, 2022.
Claims priority of provisional application 63/071,348, filed on Aug. 27, 2020.
Prior Publication US 2023/0315821 A1, Oct. 5, 2023
Int. Cl. G06F 21/14 (2013.01); G06F 21/64 (2013.01)
CPC G06F 21/14 (2013.01) [G06F 21/64 (2013.01)]
18 Claims
 
1. A computerized method for securing a set of executable instructions by obfuscation, the method comprising:
receiving a set of non-obfuscated executable instructions corresponding to a program whose input comprises a value in the set {1, ..., N};
using a functional encoding primitive comprising an encoding process, an opening process and a decoding process to compute obfuscated instructions by:
executing the encoding process of the functional encoding primitive to encode the executable instructions;
executing the opening process;
storing outputs of the encoding process and the opening process as a set of obfuscated instructions; and
storing the set of obfuscated executable instructions on a computerized storage device for subsequent execution, wherein the set of obfuscated executable instructions satisfy properties of:
functionality, whereby the set of obfuscated executable instructions and the set of non-obfuscated executable instructions compute the same function and have the same input-output behavior; and
security, whereby for any two sets of non-obfuscated executable instructions with the same input-output behavior of the set of non-obfuscated executable instructions, the corresponding set of obfuscated executable instructions cannot be distinguished by a computationally efficient process;
wherein the functional encoding primitive further comprises a commitment primitive and a sampler primitive;
the commitment primitive further comprises a commit process, an evaluation process, and an open process;
the sampler primitive further comprises an initialize process and a sample process;
commit, evaluation, and open processes of the commitment primitive use a learning with errors sample plus a committed value to generate an opening for an evaluated commitment smaller than the committed value; and
the initialization and sampling processes of the sampler primitive further comprise:
initializing by executing a commitment process on a key k for a pseudorandom function resulting in a commitment c; and
sampling by executing a commitment evaluation process to generate a pseudorandom learning with errors sample from the key k.