Security Encyclopedia


Data obfuscation is the process of hiding original data with modified content such as characters or other data. This process is used to safeguard information classified as personally identifiable information (PII) or other sensitive data (e.g. commercially competitive). Data obfuscation is sometimes called data masking or the beclouding of data.

Data obfuscation seeks to make the underlying information unclear, thereby making it more difficult to alter or copy. Obfuscating data, similar to encoding it, can be reversed if the person accessing it has the algorithm used to make the transformation. Obfuscation does not require a key and indeed it can be manually undone, albeit sometimes with considerable effort.

The trusted computing provider Intertrust Technologies identifies the following forms of source code obfuscation:

  • Data Transformation
  • Code Flow Obfuscation
  • Address Obfuscation
  • Regular Renewal of Obfuscated Code
  • Objective-C Message Call and Metadata Obfuscation
  • Obfuscation of Assembly Code Instructions
  • Obfuscating Debug Information


"The source code for proprietary software is almost guaranteed to be obfuscated since product duplication is rampant in the technology sector. This is especially when dealing with jurisdictions where intellectual property rights are lacking."