Positive Results and Techniques for Obfuscation

Informally, an obfuscator${\mathcal{O}}$ is an efficient, probabilistic “compiler” that transforms a program P into a new program (P) with the same functionality as P, but such that ${\mathcal{O}}(P)$ protects any secrets that may be built into and used by P. Program obfuscation, if possible, would have numerous important cryptographic applications, including: (1) “Intellectual property” protection of secret algorithms and keys in software, (2) Solving the long-standing open problem of homomorphic public-key encryption, (3) Controlled delegation of authority and access, (4) Transforming Private-Key Encryption into Public-Key Encryption, and (5) Access Control Systems. Unfortunately however, program obfuscators that work on arbitrary programs cannot exist [1]. No positive results for program obfuscation were known prior to this work.In this paper, we provide the first positive results in program obfuscation. We focus on the goal of access control, and give several provable obfuscations for complex access control functionalities, in the random oracle model. Our results are obtained through non-trivial compositions of obfuscations; we note that general composition of obfuscations is impossible, and so developing techniques for composing obfuscations is an important goal. Our work can also be seen as making initial progress toward the goal of obfuscating finite automata or regular expressions, an important general class of machines which are not ruled out by the impossibility results of [1]. We also note that our work provides the first formal proof techniques for obfuscation, which we expect to be useful in future work in this area.