If you’re in the business of creating original software and hope to preserve its integrity against reverse-engineering hacks or if you’re Microsoft worried about hackers cracking the code behind a critical software patch released every month on Patch Tuesday, a breakthrough in software encryption may just be what you’re looking for.
UCLA computer science Prof Amit Sahai, who’s a cryptography expert at UCLA's Henry Samueli School of Engineering and Applied Science, and a team of researchers have claimed to successfully accomplish “software obfuscation” for the very first time. What does that mean? Well, it’s an encryption technique that only allows someone to use a program the way it’s intended, while preventing any deciphering of the code behind it.
The essence of this software obfuscation technique is the deployment of a new “multilinear jigsaw puzzle” to encrypt the software. By means of this jigsaw puzzle, unauthorized attempts to learn how a piece of protected software works will only result in a nonsensical jumble of numbers.
Illustration of the supposed mathematical jigsaw puzzle one would need to solve to crack this encryption code (Courtesy: UCLA Engineering)
"The real challenge and the great mystery in the field was: Can you actually take a piece of software and encrypt it but still have it be runnable, executable and fully functional," Sahai said, according to a release on UCLA’s newsroom.
According to Prof Amit Sahai, the new encryption system he and his team of researchers have helped develop does exactly that in an interesting, mathematical way. The new “software obfuscation” system makes it impossible for anyone to reverse-engineer the software without having to solve mathematical problems that would take hundreds of years for today’s computers to solve, making it a proverbial game-changer in the field of cryptography.
To quote Sahai further, “You write your software in a nice, reasonable, human-understandable way and then feed that software to our system. It will output this mathematically transformed piece of software that would be equivalent in functionality, but when you look at it, you would have no idea what it's doing.”
The software obfuscation technique is also contributing towards functional encryption, the research suggests. Instead of sending an encrypted message, only an encrypted function is sent for authentication, offering a “much more secure way to protect information,” according to Prof Amit Sahai.