Researchers are hailing the new work as a watershed moment for cryptography
As a graduate student at the Massachusetts Institute of Technology in 1996, Amit Sahai was fascinated by the strange notion of a “zero-knowledge” proof, a type of mathematical protocol for convincing someone that something is true without revealing any details of why it is true. As Sahai mulled over this counterintuitive concept, it led him to consider an even more daring notion: What if it were possible to mask the inner workings not just of a proof, but of a computer program, so that people could use the program without being able to figure out how it worked?
The idea of “obfuscating” a program had been around for decades, but no one had ever developed a rigorous mathematical framework for the concept, let alone created an unassailable obfuscation scheme. Over the years, commercial software companies have engineered various techniques for garbling a computer program so that it will be harder to understand while still performing the same function. But hackers have defeated every attempt. At best, these commercial obfuscators offer a “speed bump,” said Sahai, now a computer science professor at the University of California, Los Angeles. “An attacker might need a few days to unlock the secrets hidden in your software, instead of a few minutes.”
Secure program obfuscation would be useful for many applications, such as protecting software patches, obscuring the workings of the chips that read encrypted DVDs, or encrypting the software controlling military drones. More futuristically, it would allow people to create autonomous virtual agents that they could send out into the computing “cloud” to act on their behalf. If, for example, you were heading to a remote cabin in the woods for a vacation, you could create and then obfuscate a computer program that would inform your boss about emails you received from an important client, or alert your sister if your bank balance dropped too low. Your passwords and other secrets inside the program would be safe.
“You could send that agent into the computing wild, including onto untrusted computers,” Sahai said. “It could be captured by the enemy, interrogated, and disassembled, but it couldn’t be forced to reveal your secrets.”
As Sahai pondered program obfuscation, however, he and several colleagues quickly realized that its potential far surpassed any specific applications. If a program obfuscator could be created, it could solve many of the problems that have driven cryptography for the past 40 years — problems about how to conduct secure interactions with people at, say, the other end of an Internet connection, whom you may not know or trust.
“A program obfuscator would be a powerful tool for finding plausible constructions for just about any cryptographic task you could conceive of,” said Yuval Ishai, of the Technion in Haifa, Israel.
Precisely because of obfuscation’s power, many computer scientists, including Sahai and his colleagues, thought it was impossible. “We were convinced it was too powerful to exist,” he said. Their earliest research findings seemed to confirm this, showing that the most natural form of obfuscation is indeed impossible to achieve for all programs.
Then, on July 20, 2013, Sahai and five co-authors posted a paper on the Cryptology ePrint Archive demonstrating a candidate protocol for a kind of obfuscation known as “indistinguishability obfuscation.” Two days later, Sahai and one of his co-authors, Brent Waters, of the University of Texas, Austin, posted a second paper that suggested, together with the first paper, that this somewhat arcane form of obfuscation may possess much of the power cryptographers have dreamed of.
“This is the first serious positive result” when it comes to trying to find a universal obfuscator, said Boaz Barak, of Microsoft Research in Cambridge, Mass. “The cryptography community is very excited.” In the six months since the original paper was posted, more papers have appeared on the ePrint archive with “obfuscation” in the title than in the previous 17 years.
However, the new obfuscation scheme is far from ready for commercial applications. The technique turns short, simple programs into giant, unwieldy albatrosses. And the scheme’s security rests on a new mathematical approach that has not yet been thoroughly vetted by the cryptography community. It has, however, already withstood the first attempts to break it.
Researchers are hailing the new work as a watershed moment for cryptography. For many cryptographers, the conversation has shifted from whether obfuscation is possible to how to achieve it.
The Latest on: Cryptography
via Google News
The Latest on: Cryptography
- WISeKey Drives Innovations in IoT Security with 23 Strategic Patents in the U.S.on February 17, 2020 at 10:00 pm
WISeKey drives innovations in IoT security with 23 strategic patents in the U.S. Geneva, Switzerland/New York, USA – 18 February – ...
- Inside the Quantum Race: Microsofton February 17, 2020 at 8:47 am
you have this need for compute." Quantum computing promises to solve problems that are constrained by existing standards of compute power, such as mapping the known universe, mitigating the effects of ...
- Can All Of Bitcoin Be Hacked?on February 16, 2020 at 3:39 am
Call it the singularity. One day, maybe a decade from now, a message flashes across the internet: “Elliptic curves cracked!” Elliptic curve cryptography, or ECC, is the foundation beneath bitcoin.
- Martin and Dorothie Hellman on Love, Crypto & Saving the Worldon February 15, 2020 at 4:08 am
Martin Hellman, co-creator of the Diffie-Hellman key exchange, and his wife of 53 years, Dorothie, talk about the current state of cryptography and what making peace at home taught them about making ...
- Quantum Cryptography Market Is Booming Worldwide 2020-2025: ID Quantique, SeQureNet, Quintessence Labson February 14, 2020 at 1:25 pm
Los Angeles, CA -- (SBWIRE) -- 02/14/2020 -- QY Research offers its latest report on the global Quantum Cryptography market that includes a comprehensive analysis of a range of subjects such as market ...
- ATIS Public Blockchain Cryptography Distributed Accounting May Rebuild User Beliefon February 11, 2020 at 7:21 pm
The real world is fragmented. In the face of diseases, climate, poverty, trade, economic crisis, and threats from outer space, human beings have a very weak ability to cooperate. In fact, the richer ...
- Understanding Elliptic Curve Cryptography And Embedded Securityon February 11, 2020 at 4:00 pm
That’s why a much much computationally expensive key exchange scheme using an asymmetric (or public-key) cryptography scheme is generally used to set up the second part of the communications ...
- Curv's Keyless Cryptography Brings a New Level of Security to Bitcoin Satoshi Vision (BSV)on February 10, 2020 at 12:15 am
Helping secure digital assets thanks to its keyless cryptography, Curv's wallet service is swiftly being adopted by exchanges, OTC desks, lenders, brokers, and traditional asset managers worldwide.
- Curv's Keyless Cryptography Brings a New Level of Security to Bitcoin Satoshi Vision (BSV)on February 9, 2020 at 11:00 pm
LONDON, Feb. 10, 2020 /PRNewswire/ -- Today, Bitcoin Association announced Bitcoin Satoshi Vision (BSV) will be fully supported by Curv's institutional digital asset security platform. Helping secure ...
- An Approach to Cryptography Based on Continuous-Variable Quantum Neural Networkon February 7, 2020 at 9:54 am
Specific model design for cryptography algorithm and the processes of secret-key generation, encryption and decryption with CV-QNN model are provided in this section.
via Bing News