Obfuscating program control flow with Intel SGX

Control flow obfuscation is a direct approach in protecting the confidentiality of program logic. However, existing works in this direction either failed to offer high confidentiality guarantees or incurred high performance overheads. In this paper, we propose CFHider, a high security and high performance control flow obfuscation technique. By leveraging program transformation and Intel Software Guard Extension (SGX) technology, CFHider hides control flow information to an opaque yet trusted execution environment, i.e., the SGX enclave. Our evaluation showed that, CFHider extensively raises the bar for reverse-engineering attacks targeting on the control flow confidentiality, and incurs a moderate performance overhead.