funsec mailing list archives
Re: Obfuscation = cryptography?
From: Valdis.Kletnieks () vt edu
Date: Tue, 04 Feb 2014 15:49:27 -0500
On Mon, 03 Feb 2014 16:28:28 -0800, "Rob, grandpa of Ryan, Trevor, Devon & Hannah" said:
OK, I'll admit that the math in this type of paper is completely beyond me. http://www.wired.com/wiredscience/2014/02/cryptography-breakthrough/ But, hasn't he, or any of his friends, paid any attention to malware in the past two decades? There is plenty of obfuscation out there. (Most of it does what his program does: turn little programs into bloated monsters.)
The guy's an academic. He's focusing on what's theoretically possible, not what makes sense out in the real world. Two main reasons it will never fly: 1) The performance hit. It will *by definition* be excessive for production use - because if it was cheap (say, a 2X to 10X hit), it would be easy to reverse engineer (note that we *can* RE the current class of obfuscated malware). 2) The debugging hit. It's hard enough to figure out why software crapped out - this would make it even harder.
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Obfuscation = cryptography? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Feb 03)
- Re: Obfuscation = cryptography? Valdis . Kletnieks (Feb 04)
- Re: Obfuscation = cryptography? Nick FitzGerald (Feb 04)
- Re: Obfuscation = cryptography? Valdis . Kletnieks (Feb 04)