The February 2023 issue of IEEE Spectrum is here!

Close bar

Mathematical Obfuscation Against Hackers Is Focus of New Cybersecurity Center

Researchers hope obfuscation methods will protect software from hackers

2 min read
Mathematical Obfuscation Against Hackers Is Focus of New Cybersecurity Center
Photo: Jorg Greuel/Getty Images

Turning computer code into a kind of math puzzle may hold the key to protecting software from hackers. A consortium of universities developing the idea, called mathematical obfuscation, recently received a $5 million grant from the U.S. government as part of a broader cybersecurity initiative.

Researchers involved in the program, which received the obfuscated name of Center for Encrypted Functionalities, will work on encryption methods capable of masking or "obfuscating" the inner workings of computer programs. The goal is preventing any unwanted tampering with software by hackers looking for security flaws or trying to reverse engineer the program's capabilities.

Conventional programs require compilers that translate source code (which humans can understand) into machine code (which computers can execute). The obfuscation method adds extra steps to that translation process. It requires a special "obfuscating compiler" that breaks up the source code into encrypted chunks. 

This set of encrypted pieces form a kind of "mathematical jigsaw puzzle," as Amit Sahai, a professor of computer science at the University of California, Los Angeles, has described it. A verifier program would fit together the pieces to create a completed "puzzle" that tells the CPU how to produce the correct output. (See IEEE Spectrum’s “Scrambled Code Keeps Software Safe”.)

"We're doing a lot of the basic research on trying to understand how obfuscation works," said Susan Hohenberger, a professor of computer science at Johns Hopkins University, in a press release. "We're scrambling the code in a mathematical way so that you can run it, but you can't do anything but run it."

Researchers at UCLA and the University of Texas at Austin have already begun work with IBM Research on a version of mathematical obfuscation called indistinguishability obfuscation—a method for protecting code that could only be broken if attackers spent an impractical amount of time and resources. But the vast amount of computation required to create an obfuscated program means that this method is itself impractical today.

The new center, funded by the National Science Foundation, will attempt to change that. Participants include Johns Hopkins, UCLA, Stanford, UT Austin, and Columbia University. The effort represents just one small part of the NSF's $74.5 million Secure and Trustworthy Cyberspace initiative, which covers 225 cybersecurity projects.

The Conversation (0)

An IBM Quantum Computer Will Soon Pass the 1,000-Qubit Mark

The Condor processor is just one quantum-computing advance slated for 2023

4 min read
This photo shows a woman working on a piece of apparatus that is suspended from the ceiling of the laboratory.

A researcher at IBM’s Thomas J. Watson Research Center examines some of the quantum hardware being constructed there.

Connie Zhou/IBM

IBM’s Condor, the world’s first universal quantum computer with more than 1,000 qubits, is set to debut in 2023. The year is also expected to see IBM launch Heron, the first of a new flock of modular quantum processors that the company says may help it produce quantum computers with more than 4,000 qubits by 2025.

This article is part of our special report Top Tech 2023.

While quantum computers can, in theory, quickly find answers to problems that classical computers would take eons to solve, today’s quantum hardware is still short on qubits, limiting its usefulness. Entanglement and other quantum states necessary for quantum computation are infamously fragile, being susceptible to heat and other disturbances, which makes scaling up the number of qubits a huge technical challenge.

Keep Reading ↓Show less