How to obfuscate a key for an encryption function?

Question

How to obfuscate a key for an encryption function?

If the encryption function requires a key, how do you obfuscate the key in your source so that decompilation does not detect the key and thereby allow decryption?

+3

cryptography encryption obfuscation decompiling

Cj7 May 24 '12 at 4:56

source share

2 answers

Eugene Mayevski 'Allied Bits · Answer 1 · 2012-05-24T05:28:52+0000

The answer is highly dependent on the platform and development tool, but overall there is no reliable solution. The encryption function is the point at which the key must be present in its "natural" form. Thus, all the hacker needs is to set a breakpoint and reset the key. There is no need to even decompile anything. Therefore, any obfuscation is good only for beginners or when debugging is not possible for any reason. Using the text string that exists in the application, since the key is one of the options.

, , . (, IMEI) . , , (, - ).

, , , .

, - . , (USB- -) - . , .

kevp · Answer 2 · 2012-05-24T05:09:26+0000

.NET. app/web.config, , .

http://www.dotnetprofessional.com/blog/post/2008/03/03/Encrypt-sections-of-WebConfig-or-AppConfig.aspx

How to obfuscate a key for an encryption function?

More articles: