Skip to Main content Skip to Navigation
Conference papers

Formal Verification of Control-flow Graph Flattening

Sandrine Blazy 1 Alix Trieu 2
1 CELTIQUE - Software certification with semantic analysis
Inria Rennes – Bretagne Atlantique , IRISA-D4 - LANGAGE ET GÉNIE LOGICIEL
Abstract : Code obfuscation is emerging as a key asset in security by obscurity. It aims at hiding sensitive information in programs so that they become more difficult to understand and reverse engineer. Since the results on the impossibility of perfect and universal obfuscation, many obfuscation techniques have been proposed in the literature, ranging from simple variable encoding to hiding the control flow of a program. In this paper, we formally verify in Coq an advanced code obfuscation called control-flow graph flattening, that is used in stateof-the-art program obfuscators. Our control-flow graph flattening is a program transformation operating over C programs, that is integrated into the CompCert formally verified compiler. The semantics preservation proof of our program obfuscator relies on a simulation proof performed on a realistic language, the Clight language of CompCert. The automatic extraction of our program obfuscator into OCaml yields a program with competitive results.
Document type :
Conference papers
Complete list of metadata

Cited literature [18 references]  Display  Hide  Download
Contributor : Sandrine Blazy <>
Submitted on : Friday, May 27, 2016 - 11:29:50 AM
Last modification on : Thursday, January 7, 2021 - 4:18:44 PM


Files produced by the author(s)



Sandrine Blazy, Alix Trieu. Formal Verification of Control-flow Graph Flattening. Certified Proofs and Programs (CPP 2016), Jan 2016, Saint-Petersburg, United States. pp.12, ⟨10.1145/2854065.2854082⟩. ⟨hal-01242063⟩



Record views


Files downloads