Tim Blazytko
Tim Blazytko is a well-known binary security researcher and co-founder of emproof. After working on novel methods for code deobfuscation, fuzzing and root cause analysis during his PhD, Tim now builds code obfuscation schemes tailored to embedded devices. Moreover, he gives training courses on reverse engineering & code deobfuscation, analyzes malware and performs security audits.
Session
From gaming anti-cheat and DRM solutions to malware, Mixed Boolean-Arithmetic (MBA) obfuscation hides critical computations behind intricate Boolean and arithmetic transformations. In this talk, we demystify how these transformations are constructed and why they turn even simple code into a reverse-engineering nightmare. We then examine recent breakthroughs in algebraic and synthesis-based methods, such as QSynthesis, msynth, and Goomba, revealing both their strengths and shortcomings for real-world deobfuscation scenarios. Next, we introduce a new Binary Ninja plugin that uses a combination of SSA-based slicing & synthesis to systematically simplify MBA computations, showcasing its reliability and effectiveness in real-world protection scenarios. Finally, we discuss the future of MBA research, highlighting how these emerging techniques continue to dismantle once-impenetrable defenses.
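To make the abstract concrete, here is an added example that is not part of the talk, the Binary Ninja plugin, or any of the tools named above. It shows three classic MBA identities that rewrite a single word-size operation into a mix of Boolean and arithmetic terms, an exhaustive equivalence check, and a toy oracle-guided synthesizer: it treats an obfuscated function as a black box, samples its input/output behaviour, and enumerates small candidate expressions until one agrees on every sample and then verifies exhaustively. The 8-bit word size, the tiny expression grammar, and the function names are assumptions made for the example only; real synthesis-based deobfuscators work on native word sizes and much richer grammars.

```python
"""Added example (not from the talk or its tools): MBA rewrites of simple
operations, an exhaustive equivalence check, and a toy oracle-guided
synthesizer that recovers the simple form from input/output samples."""
import itertools
import random

BITS = 8                  # toy word size (assumption; keeps exhaustive checks cheap)
MASK = (1 << BITS) - 1


# --- MBA-obfuscated forms of x + y, x - y and x ^ y (classic identities) ---
def mba_add(x, y):
    # x + y == (x ^ y) + 2 * (x & y): carry-free sum plus the shifted carries
    return ((x ^ y) + 2 * (x & y)) & MASK


def mba_sub(x, y):
    # x - y == (x ^ y) - 2 * (~x & y): borrow-free difference minus the borrows
    return ((x ^ y) - 2 * (~x & y)) & MASK


def mba_xor(x, y):
    # x ^ y == (x | y) - (x & y)
    return ((x | y) - (x & y)) & MASK


def equivalent(f, g):
    """Exhaustive equivalence check over the whole BITS-bit input space."""
    return all(f(x, y) == g(x, y)
               for x in range(MASK + 1) for y in range(MASK + 1))


# --- enumerative synthesis over a tiny grammar (assumption: binary ops only) ---
OPS = {
    "+": lambda a, b: (a + b) & MASK,
    "-": lambda a, b: (a - b) & MASK,
    "^": lambda a, b: a ^ b,
    "&": lambda a, b: a & b,
    "|": lambda a, b: a | b,
    "*": lambda a, b: (a * b) & MASK,
}


def candidates(depth):
    """Yield (source, function) pairs, smallest expressions first."""
    leaves = [("x", lambda x, y: x), ("y", lambda x, y: y)]
    levels = [leaves]
    for _ in range(depth):
        pool = [e for lvl in levels for e in lvl]
        nxt = []
        for (sa, fa), (sb, fb) in itertools.product(pool, repeat=2):
            for sym, op in OPS.items():
                # default args freeze the current fa/fb/op in the closure
                nxt.append((f"({sa} {sym} {sb})",
                            lambda x, y, fa=fa, fb=fb, op=op: op(fa(x, y), fb(x, y))))
        levels.append(nxt)
    for lvl in levels:
        yield from lvl


def synthesize(oracle, depth=2, samples=16, seed=1):
    """Query the black box on random inputs, take the first small candidate that
    agrees on every sample, and accept it only once it is proven equivalent."""
    rng = random.Random(seed)
    io = [(x, y, oracle(x, y))
          for x, y in ((rng.randint(0, MASK), rng.randint(0, MASK))
                       for _ in range(samples))]
    for src, fn in candidates(depth):
        if all(fn(x, y) == out for x, y, out in io) and equivalent(fn, oracle):
            return src
    return None


if __name__ == "__main__":
    for name, fn in (("mba_add", mba_add), ("mba_sub", mba_sub), ("mba_xor", mba_xor)):
        print(f"{name} simplifies to {synthesize(fn)}")
```

The sampling step is what makes this approach attractive against MBA: the synthesizer never needs to understand the obfuscated expression, only to observe it, so the complexity of the rewrite does not slow it down. The exhaustive `equivalent` check stands in for the SMT-based verification that real tools use on native word sizes, where enumerating every input is impossible.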