473,387 Members | 1,606 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > hiding crypto key sin an assemnly...

Join Bytes to post your question to a community of 473,387 software developers and data experts.

Hiding crypto key sin an assemnly...

Does anyone have any good ideas for hiding a DES key (byte array) from
prying eyes inside of an assembly or is obfuscation the only way?
Right now in my test code I am using a simple array of bytes for my key and
nit vector, but when I try the reflector tool to look at the assembly this
sticks out clear as daylight.

My first thought was to maybe embed a bitmap into the assembly as a resource
that has the bytes set as what I need then I can load the bitmap and read
the bytes from there.

Any other ideas?
Jul 21 '05 #1
3 1470
"Ray Cassick \(Home\)" <rc************@enterprocity.com> wrote in
news:#L**************@TK2MSFTNGP10.phx.gbl:
Does anyone have any good ideas for hiding a DES key (byte array) from
prying eyes inside of an assembly or is obfuscation the only way?


Obfuscation. But choose wisely, some of them are not very good.
--
Chad Z. Hower (a.k.a. Kudzu) - http://www.hower.org/Kudzu/
"Programming is an art form that fights back"

Empower ASP.NET with IntraWeb
http://www.atozed.com/IntraWeb/
Jul 21 '05 #2
Security through obscurity? Not a good idea. No matter where you hide the
key, it can be found. As soon as it's been found once, that information can
be passed around to compromise every single installation of your software.

What are you using the key for? With that information it will be easier for
people to provide good answers.

Colin

"Ray Cassick (Home)" <rc************@enterprocity.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
Does anyone have any good ideas for hiding a DES key (byte array) from
prying eyes inside of an assembly or is obfuscation the only way?
Right now in my test code I am using a simple array of bytes for my key and nit vector, but when I try the reflector tool to look at the assembly this
sticks out clear as daylight.

My first thought was to maybe embed a bitmap into the assembly as a resource that has the bytes set as what I need then I can load the bitmap and read
the bytes from there.

Any other ideas?

Jul 21 '05 #3
The key will be used for encrypting a license file.

I understand what you are saying though... I guess just the thoughts of
hading over my code to be mangled up (obfuscated) is still a bit hard to
take.
"Colin Young" <x@nospam.com> wrote in message
news:uo**************@TK2MSFTNGP11.phx.gbl...
Security through obscurity? Not a good idea. No matter where you hide the
key, it can be found. As soon as it's been found once, that information can be passed around to compromise every single installation of your software.

What are you using the key for? With that information it will be easier for people to provide good answers.

Colin

"Ray Cassick (Home)" <rc************@enterprocity.com> wrote in message
news:%2****************@TK2MSFTNGP10.phx.gbl...
Does anyone have any good ideas for hiding a DES key (byte array) from
prying eyes inside of an assembly or is obfuscation the only way?
Right now in my test code I am using a simple array of bytes for my key

and
nit vector, but when I try the reflector tool to look at the assembly this sticks out clear as daylight.

My first thought was to maybe embed a bitmap into the assembly as a

resource
that has the bytes set as what I need then I can load the bitmap and read the bytes from there.

Any other ideas?


Jul 21 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
memory Stream crypto bug ?
by: Stu | last post by:
Hi, Im reading a file in from disk as a byte array then passing it to a memory stream for decryption using crypto api functions. What I have found is that you need to reduce the array length by 2...
.NET Framework
4
hiding #define and const string value
by: sam | last post by:
Hi, Is there any way I can prevent people use some binary disambler (eg. strings in unix) to view the const string value in a compiled C++ program? Sam.
C / C++
2
Better crypto hash functions, long, with code
by: Bryan Olson | last post by:
The current Python standard library provides two cryptographic hash functions: MD5 and SHA-1 . The authors of MD5 originally stated: It is conjectured that it is computationally infeasible to...
Python
6
Crypto.Cipher.ARC4, bust or me doing something wrong?
by: Michael Sparks | last post by:
Hi, I suspect this is a bug with AMK's Crypto package from http://www.amk.ca/python/code/crypto , but want to check to see if I'm being dumb before posting a bug report. I'm looking at...
Python
13
Is there any asymmetric crypto API to allow decrypting a message but not encrypting it?
by: Andy Chau | last post by:
I try to use RSA to implement the following scheme but wasn't sucessful. Sever encrypt a message using a public key, the client decrpyt the message using a private key. I don't want the client...
C# / C Sharp
3
Hiding crypto key sin an assemnly...
by: Ray Cassick \(Home\) | last post by:
Does anyone have any good ideas for hiding a DES key (byte array) from prying eyes inside of an assembly or is obfuscation the only way? Right now in my test code I am using a simple array of...
.NET Framework
5
Crypto++5.4
by: vermarajeev | last post by:
Hi guys, I want to encrypt/decrypt a file with AES in CTR mode using crypto++ library. To encrypt a file using AES in CTR mode the solution is something like this int CRYPTOPP_API...
C / C++
2
perl script to crypto++
by: vermarajeev | last post by:
Hi guys, I have written code to encrypt and decrypt files using perl script. Please help me to port below code to crypto++ library. //ENCRYPTION my $cipher = Crypt::CBC->new( -cipher =>...
Perl
12
Can anyone suggest a good crypto package?
by: Fett | last post by:
I need a crypto package that works on windows with python 2.5. Can anyone suggest one for me? I have been searching for a couple days for a good cryptography package to use for public/private...
Python
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!