Protecting Visual Basic.NET Source Code and Applications
With this article, I will explain Obfuscation, Cryptography, and technologies used to protect your Visual Basic.NET applications, once distributed.
Obfuscation is the process of scrambling the symbols, code, and data of a program to prevent reverse engineering. Obfuscation tools mangle symbols and rearrange code blocks to foil decompiling. They also may encrypt strings containing sensitive data. It’s important to understand that obfuscators (as they exist today) can’t completely protect your intellectual property. Because the code is on the client machine, a really determined hacker with lots of time can study the code and data structures enough to understand what’s going on. Obfuscators do provide value in raising the bar, however, defeating most decompiler tools and preventing the casual hacker from stealing your intellectual property. They can make your code as difficult to reverse engineer as optimize native code.
When a well-written obfuscator tool goes to work on readable program instructions, a likely side effect is that the output will not only confuse a human interpreter, it will break a decompiler. While the forward (executable) logic has been preserved, the reverse semantics have been rendered non-deterministic. As a result, any attempt to reverse-engineer the instructions to a ‘programming dialect’ like C# or VB will likely fail because the translation is ambiguous. Deep obfuscation creates a myriad of decompilation possibilities, some of which might produce incorrect logic if recompiled. The decompiler, as a computing machine, has no way of knowing which of the possibilities could be recompiled with valid semantics. Humans write and employ decompilers to automate decompilation algorithms that are too challenging for the mind to follow. It is safe to say that any obfuscator that confuses a decompiler will pose even more of a deterrent to a less-capable human attempting the same undertaking.
Methods used in obfuscating code
- String Encryption
- Control Flow Obfuscation
- Enhanced Overload Induction
- Incremental Obfuscation
Available Obfuscation Tools
Encryption is the process of translating plain text data (known as plaintext) into something that appears to be random and meaningless (known as ciphertext). Decryption is the process of converting ciphertext back to plaintext.
To encode plaintext, an encryption key is used to impose an encryption algorithm onto the data. To decode cipher, a user must possess the appropriate decryption key. A decryption key consists of a random string of numbers, from 40 through 2,000 bits in length. The key imposes a decryption algorithm onto the data. This decryption algorithm reverses the encryption algorithm, returning the data to plaintext. The longer the encryption key is, the more difficult it is to decode. For a 40-bit encryption key, over one trillion possible decryption keys exist.
There are two primary approaches to encryption: symmetric and public-key. Symmetric encryption is the most common type of encryption and uses the same key for encoding and decoding data. This key is known as a session key. Public-key encryption uses two different keys, a public key and a private key. One key encodes the message and the other decodes it. The public key is widely distributed while the private key is secret.
Cryptography is a way to encrypt and decrypt data. By encrypting data you are protecting your data from other curious users who would like to know the data that is present. If you want to conceal chunks of data, such as connection strings or data written to a database or XML file, you could use Cryptography.
Classes used with Cryptography
Whether you want to protect your source code or not, is up to you at the end of the day, but hopefully you saw that there’s much more to just writing programs, and I will advise you to consider ways in which you can protect your source codes.