Sunday, April 20, 2008

Compilation, obfuscation, encryption

It's interesting that we tend to use compilation as a proxy for encryption. It seems to me it would help clarify the system design of a language semantics and architecture if you separate the concerns of code ownership with performance. Compilation is primarily used to cache the transformation of one semantics into another--a partial evaluation of an interpreter. Using this as a weak encryption mechanism is pretty silly. If you want to encrypt program source, why not use real encryption? That way you can use whatever representation of the code you want; source, byte-code, microcode, whatever.


steck said...

I think the encryption factor is just a happy coincidence. I can't easily determine the source code that produced the executables from the executables themselve on my Linux laptop, but I can get the sources easily. That's not true for the Windows executables on my laptop, and Microsoft likes it that way.

Some have claimed that my source code is self-encrypting. :-)

-- Paul

jpc said...

The programmers you talk about don't want encryption but hashing. Every encryption is two way and if the user can run your bytecode he can read it too. He can read your binary as well but this as hardly any resemblance to the code the programmer wrote (compared to a high level bytecode like Python's).