Hi:

I have a component, which encrypts and decrypts the data. There are public
key and private keys in code. If user uses "ildasm" tool to view the
contents of the component. The public and private keys are visible. How
can i restrict the user to use ildasm tool on my assembly. My aim is, user
shouldn't see the private key. I did obfuscating, all the method names,
variables names (and so on..) changed, but the hard coded values (private
key)
is not encrypted (obfuscated). I think with obfucation, hard coded values
won't be
obfuscated. Any other idea?.

Thanks in advance.

- Prasad.

How about using something tricky like a filedate as a key to encrypt the
encryption keys? Then you can change the date on the file to match whatever
the filedate you used was and run make the decrypt read the keys using that
date at runtime?

It's not the most secure, but it makes somebody work a bit harder, at least.
For instance, you could put this value in a global variable somewhere to
make it harder to figure out where it came from, maybe even do some zero sum
arithmetic on it to throw them off the scent a bit. Anyway you look at it,
somebody's going to be able to figure it out (just as they would be able to
if it were a "real" EXE with x86 instructions), all you can do is make it
harder.

Kelly

"Prasad" <paileni (AT) vertexcs (DOT) com> wrote