I have a small scripting engine written which can run basic code. I want that if the user protects the code, then no one should be able to open the code except my program.
Now I found a link: http://www.codeproject.com/KB/aspnet/TamperProofQueryString.aspx which encrypts the code using Base64 encoding. It uses a key to encrypt and decrypt.
I was wondering how can I store the key in my app so that no one else comes to know. I do obfuscate my program so strings, etc. are not easily readable. That helps. Apart from using a variable and storing key in the EXE file itself. What other secure options do I have?
Is my logic of encrypting and decrypt开发者_Python百科ing using the method above secure? I want adequate security, maybe not a fantastic one.
Plus the benefit of the code above is it does not need to create a temporary file to decrypt it so that way the user can't search for temporary files or so.
I will be glad if anyone can provide valuable advice.
This question is asked over and over again. In brief, if your application has access to the key, you can make access to the key harder, but not impossible (on general-purpose hardware and software, at least). Even on closed and locked systems like gaming console private keys are sooner or later extracted from the hardware.
In brief: you want to offer the user some kind of software protection for pseudocode. This is the task that has not been reliably solved for native code and for interpreted code this task is probably even more complicated.
Good obfuscation of the key will drive away most not-very-skilled attackers. The simplest way to obfuscate the key is to use some text phrase of your program as a key. This makes operations with the key less obvious for an occasional lurker (professionals know different ways to find the encryption keys in the application).
Another problem is that user's code must be decrypted in order to be executed by your engine, right? And at this moment an average-skilled hacker can just capture the memory and pick the script from memory.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论