|
|
|
|
|
|
by woojoo666
1434 days ago
|
|
|
It seems like the popular sentiment here is that not only will client-side programs continue to be crackable, but even server backends too. I posit the opposite. In the future, it will be impossible (in many cases) to crack even client-side applications. Reverse engineering and de-obfuscation are a cat and mouse game. However it's been proven that it's possible to obfuscate a program such that it's effectively impossible to deobfuscate. This is called indistinguishable obfuscation [1]. Basically like encrypting a program. And even though current implementations are impractical, I'm sure it will get better. [1]: https://en.m.wikipedia.org/wiki/Indistinguishability_obfusca... |
|
|
- FHE-based implementation of whatever function you want to hide, say, a DRM circuit that sends your TV the symmetric key to a movie if you give it the TV's chained certificate along with a token proving you rented it.
- shortened zk-SNARK proof that you evaluated the FHE circuit correctly.
- simple (iO) obfuscated gadget that decrypts and returns the output of the FHE circuit only if 1) the FHE message says evaluation completed and 2) the zk-SNARK proof checks out; otherwise, return random garbage.
in order for this to work, the gadget must have enough entropy in its class of alternative obfuscations, that you can't distinguish it. but what I'm not sure about is, you still can distinguish the gadget from one that simply always outputs garbage. I don't know how you can prove that reverse-engineering a given iO circuit is infeasible. I just don't have the first clue. Help?