1 comments

  • stouset 35 minutes ago
    I’m reasonably familiar with cryptography but the formalism of obfuscation given here makes no sense to me.

    > The precise formalism typically used, indistinguishability obfuscation, says that if you are given obfuscations of two different programs that have the same functionality, you can't tell which is which.

    This seems… not that useful? A sufficiently advanced optimizing compiler would be capable of transforming two input programs with identical functionality into one or the other, or both into some third representation. Either approach meets this criterion but doesn’t seem to me to provide any useful purpose.

    And in practice, do two identically-functioning but different programs even exist in the wild? Two superficially identical programs of nontrivial complexity will almost certainly have divergent behavior somewhere (bugs, edge cases), at which point this formalism becomes moot.

    • some_furry 9 minutes ago
      A friend once explained to me that the general goal of iO is basically DRM but with an inverted power dynamic: Imagine being able to deploy containers to cloud providers (AWS, GCP, etc.), whereby the cloud provider cannot see what software you are running. Even if the government commanded them to do so. That's how I understand it, informally.

      The formalisms of "indistinguishability" in the blog posts are indeed weird.

      Some security proofs argue that an attacker cannot distinguish between some plaintext and a string of NUL bytes of the same length being encrypted just by observing ciphertexts. That seems to be what Vitalik is, vaguely, gesturing towards?

      (I'm not affiliated with the author or any of their numerous projects, so take my remarks with an appropriate dose of salt.)
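
The plaintext-versus-NUL-bytes game mentioned in the comment above, as an added example that is not part of the thread or of the blog post it discusses. It assumes a toy stream cipher built from HMAC-SHA256 (constructed for this demo, not a production scheme) and plays the game against a deterministic fixed-nonce variant and a random-nonce variant; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def keystream(key, nonce, n):
    # HMAC-SHA256 used as a PRF in counter mode (toy construction for the demo).
    out = b""
    ctr = 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(key, pt, fixed_nonce=False):
    # fixed_nonce=True makes encryption deterministic: the weak variant.
    nonce = bytes(16) if fixed_nonce else secrets.token_bytes(16)
    ks = keystream(key, nonce, len(pt))
    return nonce + bytes(a ^ b for a, b in zip(pt, ks))

def play_round(fixed_nonce, msg=b"attack at dawn"):
    # Challenger: fresh secret key and secret bit b.
    # b = 1 encrypts the real message, b = 0 encrypts NUL bytes of equal length.
    key = secrets.token_bytes(32)
    b = secrets.randbelow(2)
    zeros = bytes(len(msg))
    challenge = encrypt(key, msg if b else zeros, fixed_nonce)
    # Adversary: one chosen-plaintext oracle query on the all-NUL string,
    # then guesses 0 ("zeros") if the challenge matches it, else 1 ("real").
    probe = encrypt(key, zeros, fixed_nonce)
    guess = 0 if probe == challenge else 1
    return guess == b

def win_rate(fixed_nonce, rounds=400):
    # Fraction of rounds in which the adversary guesses b correctly.
    return sum(play_round(fixed_nonce) for _ in range(rounds)) / rounds

if __name__ == "__main__":
    print("fixed nonce :", win_rate(True))
    print("random nonce:", win_rate(False))
```

A win rate near one half means the adversary does no better than guessing, which is what the indistinguishability definition asks for; the deterministic variant fails it completely.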