Obfuscation of computer programs has historically been approached either as a practical but \textit{ad hoc} craft to make reverse engineering subjectively difficult, or as a sound theoretical investigation unfortunately detached from the numerous existing constraints of engineering practical systems. In this paper, we propose \textit{instruction decorrelation} as a new approach that makes the instructions of a set of real-world programs appear independent from one another. We contribute: a formal definition of \textit{instruction independence} with multiple instantiations for various aspects of programs; a combination of program transformations that meet the corresponding instances of instruction independence against an honest-but-curious adversary, specifically random interleaving and memory access obfuscation; and an implementation of an interpreter that uses a trusted execution environment (TEE) only to perform memory address translation and memory shuffling, leaving instruction execution outside the TEE. These first steps highlight the practicality of our approach. Combined with additional techniques to protect the content of memory and to hopefully lower the requirements on TEEs, this work could potentially lead to more secure obfuscation techniques that could execute on commonly available hardware.
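To make the interpreter split concrete, here is an added toy simulation (not the paper's implementation): an untrusted interpreter randomly interleaves the instruction streams of several small programs, and a \texttt{TrustedMemory} class stands in for the TEE, which alone holds the logical-to-physical address map and periodically shuffles memory. The instruction set, the two constructed programs and the shuffle interval are assumptions for illustration; memory contents are left unprotected, as the abstract notes.

```python
import random

class TrustedMemory:
    """Stand-in for the TEE side: it alone knows the logical->physical map and
    performs the shuffle. The interpreter below never reads the map directly."""
    def __init__(self, n_slots, rng):
        self.rng = rng
        self.cells = [0] * n_slots               # physical slots (contents not protected here)
        self.addr_map = list(range(n_slots))     # logical address -> physical slot
        self.shuffle()

    def shuffle(self):
        """Pick a fresh permutation of the slots and move every value with it."""
        perm = list(range(len(self.cells)))
        self.rng.shuffle(perm)
        moved = [0] * len(self.cells)
        for slot, value in enumerate(self.cells):
            moved[perm[slot]] = value
        self.cells = moved
        self.addr_map = [perm[s] for s in self.addr_map]

    def translate(self, logical):
        return self.addr_map[logical]

def run_interleaved(programs, n_slots, seed=1, shuffle_every=3):
    """Untrusted interpreter: each step executes one instruction from a randomly
    chosen program; only load/store go through the trusted address translation.
    Returns the memory object and the (op, physical slot) trace an observer sees."""
    rng = random.Random(seed)
    mem = TrustedMemory(n_slots, rng)
    regs = [{} for _ in programs]                # per-program registers, outside the TEE
    pcs = [0] * len(programs)
    trace, accesses = [], 0
    while any(pc < len(p) for pc, p in zip(pcs, programs)):
        i = rng.choice([k for k, p in enumerate(programs) if pcs[k] < len(p)])
        op, *args = programs[i][pcs[i]]
        pcs[i] += 1
        if op == "const":                        # ("const", reg, value)
            regs[i][args[0]] = args[1]
        elif op == "add":                        # ("add", dst, src1, src2)
            regs[i][args[0]] = regs[i][args[1]] + regs[i][args[2]]
        else:                                    # ("load", reg, addr) / ("store", addr, reg)
            slot = mem.translate(args[1] if op == "load" else args[0])
            trace.append((op, slot))
            if op == "load":
                regs[i][args[0]] = mem.cells[slot]
            else:
                mem.cells[slot] = regs[i][args[1]]
            accesses += 1
            if accesses % shuffle_every == 0:    # periodic re-randomisation of the layout
                mem.shuffle()
    return mem, trace

def logical_view(mem):
    """What the programs see: memory read back through the translation."""
    return [mem.cells[mem.translate(a)] for a in range(len(mem.cells))]

# Constructed programs on disjoint addresses, so any interleaving yields the same result.
PROGRAMS = [
    [("const", "r0", 5), ("const", "r1", 7), ("add", "r2", "r0", "r1"), ("store", 0, "r2")],
    [("const", "r0", 3), ("store", 1, "r0"), ("load", "r1", 1),
     ("add", "r2", "r1", "r1"), ("store", 2, "r2")],
]
```

Running `run_interleaved(PROGRAMS, 4)` with different seeds changes both the interleaving order and the physical slots in the trace, while `logical_view` stays `[12, 3, 6, 0]`.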