These two pieces of C code produce identical results.
Obfuscation isn’t perfect but then no security technique is perfect. The main issue with obfuscation is that it is potentially vulnerable to reverse engineering. Reverse engineering good obfuscation takes time and specialist knowledge and that obfuscation doesn’t stand on its own but adds to the other security defenses of the system. If the overall reverse engineering effort can be shown to be higher than the value of the material the system is guarding then it has useful security. Obfuscation adds significantly to the more standard defenses and can be enough to tip that “attack cost vs potential reward” balance away from the attacker.
Interestingly, many operating systems make use of a limited form of obfuscation called ALSR. ASLR is used to prevent an attacker from making unauthorized function calls inside the code.
TrustZone Technology Based Isolation
Let’s take it up a notch. There are two issues with MMU isolation:
One – Rich operating systems are BIG
The point of a rich operating system is not to provide security. It is to provide a massive range of features while trying to keep the environment secure. Feature richness is the driving goal.
The feature pressure leads to operating systems requiring massive amounts of codes and even when the MMU provides isolation, that code still needs to communicate.
More code = more communication = more likelihood of errors in the layers of gatekeepers. Errors that will unintentionally bypass the isolation.
Two – Hardware Systems are not simple anymore.
One way of looking at the problem with MMU’s is that the access control (stopping access to assets like code/secret data/key data) occurs near the Core. This means OTHER Cores and Bus Masters may be used to bypass the isolation and access control.
To solve these issues, Arm introduced Arm® TrustZone® technology:
- Starting in 2004 with their Arm1176JZ-S™ processor.
- Included in all their A-Class (apps) designs since then.
- Arm recently started introducing it in their M-Class, IoT focused cores.
TrustZone + TEE techniques put the access control at the peripheral or memory and separate its management form system design and software not focused on security.