C Source code Obfuscation using Hash Function and Encryption Algorithm

https://doi.org/10.22146/ijccs.86118

Sarah Rosdiana Tambunan(1*), Nur Rokhman(2)

(1) Master Program in Computer Science, FMIPA UGM, Yogyakarta
(2) Department of Computer Science and Electronics, FMIPA UGM, Yogyakarta
(*) Corresponding Author

Abstract


Obfuscation is a technique for transforming program code into a different form that is more difficult to understand. Several obfuscation methods are used to obfuscate source code, including dead code insertion, code transposition, and string encryption. In this research, the development of an obfuscator that can work on C language source code uses the code transposition method, namely randomizing the arrangement of lines of code with a hash function and then using the DES encryption algorithm to hide the parameters of the hash function so that it is increasingly difficult to find the original format. This obfuscator is specifically used to maintain the security of source code in C language from plagiarism and piracy. In order to evaluate this obfuscator, nine respondents who understand the C programming language were asked to deobfuscate the obfuscated source code manually. Then the percentage of correctness and the average time needed to perform the manual deobfuscation are observed. The evaluation results show that the obfuscator effectively maintains security and complicates the source code analysis.


Keywords


Obfuscator; source code; hash

Full Text:

PDF


References

[1]

S. Lipner, "Security and Source Code Access: Issues and Realities," in IEEE Xplore, 2014.

[2]

A. Ivanovski and T. Stojanovski, "Software protection using obfuscation," 2010.

[3]

C. Beheraa and L. Bhaskari, "Different Obfuscation Techniques for Code Protection," 2015.

[4]

J. Schneider and T. Locher, "Obfuscation using Encryption," 2016.

[5]

P. Faruki, H. Fereidooni, V. Laxmi, M. Conti and M. Gaur, "Android Code Protection via Obfuscation Techniques: Past, Present and Future Directions," 2016.

[6]

L. Durfina and D. Kolar, "C Source Code Obfuscator," 2012.

[7]

R. C. E. Frank and P. P. A. Koay, "Embedding Java Classes with code2vec: Improvements from," in International Conference on Mining Software Repositories (MSR), Hamilton, New Zealand, 2020.

[8]

X. Wang and H. Yu, "How to Break MD5 and Other Hash Functions," in Advances in Cryptology – EUROCRYPT , 2005.

[9]

W. Stallings, Cryptography and Network Security, Pearson, 2017.

[10]

A. W. Appel, "Verification of a Cryptographic Primitive: SHA-256," in ACM Transactions on Programming Languages and Systems, 2015.

[11]

Nable, "Security - SHA-256 Algorithm Overview," 12 September 2019. [Online]. Available: https://www.n-able.com/blog/sha-256-encryption#:~:text=SHA%2D256%20is%20a%20patented,as%20long%20as%20when%20unencrypted..

[12]

J.-P. Aumasson, S. Neves, Z. O’Hearn and C. Winnerlein, "BLAKE2: Simpler, Smaller, Fast as MD5," in International Conference on Applied Cryptography and Network Security, Canada, 2013.



DOI: https://doi.org/10.22146/ijccs.86118

Article Metrics

Abstract views : 1444 | views : 951

Refbacks

  • There are currently no refbacks.




Copyright (c) 2023 IJCCS (Indonesian Journal of Computing and Cybernetics Systems)

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.



Copyright of :
IJCCS (Indonesian Journal of Computing and Cybernetics Systems)
ISSN 1978-1520 (print); ISSN 2460-7258 (online)
is a scientific journal the results of Computing
and Cybernetics Systems
A publication of IndoCEISS.
Gedung S1 Ruang 416 FMIPA UGM, Sekip Utara, Yogyakarta 55281
Fax: +62274 555133
email:ijccs.mipa@ugm.ac.id | http://jurnal.ugm.ac.id/ijccs



View My Stats1
View My Stats2