Originally written in October 2014.
Recent breakthroughs in cryptography, widely reported on in the media showed that it is possible to reassemble any given program into a mathematical jigsaw puzzle so complicated that, although it functions identically to the original, divining its purpose without running it is effectively impossible. We’ll look at the security implications of these findings.
Do the results imply that any malware program can be obfuscated to be indistinguishable from benign programs?
This is because there are restrictions on this obfuscation. Specifically, the authors only show the possibility of “indistinguishability obfuscation”, which really means that if one obfuscates two different programs which perform the same function, they would still function like the non-obfuscated versions, taking the same inputs from the outside environment and outputting the same outputs, but it would be impossible to …