Professor Clark Thomborson,
Computer Science Department, University of Auckland

Five Decades of Software Obfuscation: A Retrospective

We romp through the history of software obfuscation, providing non-technical explanations of key events in each decade. In the 1970s, obfuscation was an elite sport played by overly-clever programmers who hid undocumented features in system software. In the 1980s, obfuscation was a competitive sport in The International Obfuscated C Code Contest, and white-hat analyst Fred Cohen designed self-obfuscating viruses which would evade detection. In the 1990s, obfuscation was a dark-side tool for malware designers, and white-hat inventors produced patentable art for use in the commercial sector. The 2000s was a decade of consolidation: some potent obfuscation methods were released in an open-source software suite, the first commercial vendor of obfuscation services became profitable, and Boaz Barak received a Turing Award for proving that a general-purpose software obfuscator cannot exist. In this decade, most smartphone apps are lightly obfuscated, and obfuscation theorists are hoping to construct a provably-secure restricted-purpose obfuscation method.


Clark has been a professor of computer science at the University of Auckland since 1996, when he emigrated to New Zealand. He received the PhD degree in computer science in 1980 from Carnegie Mellon University, under his birth name Clark Thompson. He has held academic positions at the U of Minnesota-Duluth, UC Berkeley and MIT. He has several years of work experience as a software/hardware systems integrator in the private sector. For the first two decades of his research career, he focussed on performance issues for computer systems. Since the late 1990s, most of his research effort has been devoted to improving the security and privacy of computer systems. His patented methods for software obfuscation (US 6668325, co-inventors Collberg and Low) entered the public domain in June 2017.

Professor Tsutomu Matsumoto,
Yokohama National University, Japan.

Identity of Things: Nano Artifact Metrics Using Silicon Random Nanostructures

Nano-artifact metrics exploit unique physical attributes of nanostructured matter for authentication and clone resistance, which is vitally important in the age of Internet-of-Things where securing identities is critical. We demonstrate nano-artifact metrics based on silicon nanostructures formed via an array of electron-beam-lithography resist pillars that randomly collapse.

There are several ways to utilize such nanostructures. Our first system [1] is based on scanning electron microscopy to capture the nanostructure having extremely fine-scale morphology with a minimum dimension below 10 nm, which is less than the resolution of current lithography capabilities. Although an expensive and huge experimental apparatuses is required, the system has remarkable accuracy with respect to false non-match, false match and clone-match rates.

Our second system [2] adopts an optical approach to characterize the nanoscale-precision signatures of silicon random structures towards realizing low-cost and high-value information security technology. Unique and versatile silicon nanostructures are generated via resist collapse phenomena, which contains dimensions that are well below the diffraction limit of light. We exploit the nanoscale precision ability of confocal laser microscopy in the height dimension; our experimental results demonstrate that the vertical precision of measurement is essential in satisfying the performances required for artifact metrics. Furthermore, by using state-of the-art nanostructuring technology, we experimentally fabricate clones from the genuine devices. We demonstrate that the statistical properties of the genuine and clone devices can be successfully exploited in artificially-constructed solid-state nanostructures. These findings pave the way for reasonable and yet sufficiently secure novel principles for hardware security based on silicon random nanostructures.

[1]     Matsumoto, T. et al. Nano-artifact metrics based on random collapse of resist. Sci. Rep. 4, 6142; DOI: 10.1038/srep06142 (2014).
[2]     Matsumoto, T. et al. Optical nano artifact metrics using silicon random nanostructures. Sci. Rep. 6, 32438; DOI: 10.1038/srep32438 (2016).


Matsumoto is a professor of Information and Physical Security at the Yokohama National University in Japan. He received his PhD degree in Doctor of Engineering in 1986 from The University of Tokyo. He has been working with organizations like Center for Future Medical Social Infrastructure Based on Information Communications Technology in Japan.