0

I have an assembly that does some "magic" calculation, conversion and cryptography stuffs that should be used only from other assemblies of mine. Note that these assemblies have to be installed on the customer machine and so a malicious attacker has local access to them. Is there a secure way to achieve this? I think I've looked at almost everything from cas, strong name signing, windows srp, obfuscation, InternalToVisible attribute, internalize with ILMerge and so on. The problem of these approach is that they aren't completely secure if an attacker has local access to my "magic assembly". Do you have any advice for me? Is there anything else to do from Microsoft side? Thanks in advance.

Jens Björnhager
  • 5,632
  • 3
  • 27
  • 47
Cando
  • 3
  • 1
  • 4
  • 3
    Once an attacker has the source code to your assemblies there is nothing much you can do. Any assembly can be disassembled, spied on and debugged to figure out how it works and disable any protection you have in place. If you need to secure sensitive "magic" stuff consider moving it online. This was you can control who uses your assemblies and only you have the code in question. – Marko Mar 13 '14 at 19:02

2 Answers2

3

Essentially, no. If code on the local machine can be run by one process, it can be run by any process with access the the assemblies' data. There are various ways to make it difficult but not impossible. If an attacker has access to the machine and time, you can't prevent access.

There is one way to protect yourself: don't have the code on the local machine

  1. provide a remote service and call it
  2. provide the software on a hardware dongle
  3. use hardware encryption (like Trusted Platform Module)

Specifically for SQL connections, you could use an externally trusted connection -- like Active Directory or Kerberos. Most enterprise Sql Servers will support this. It will require your users to 'log in' to your app, but .Net supports protecting credentials in RAM

Iain Ballard
  • 4,433
  • 34
  • 39
  • Thanks for your answer. Let me explain a bit more my problem: i need to protect a connection string to a database from malicious eyes. the problem is that an assembly of mine have to access this information to connect to the db. How can i make this information accessible only to my assemblies? My current solution is to use another assembly that does some encryption and decryption and exposes an api for this. A remote service is not an option. What else can i do? The big problem imho is that i have to store the secret with the key on the same local machine. – Cando Mar 13 '14 at 19:39
  • You could use an externally trusted connection, like Active Directory or Kerberos. Most enterprise Sql Servers will support this. It will require your users to 'log in' to your app, but .Net supports protecting credentials in RAM – Iain Ballard Mar 13 '14 at 19:57
1

CanYou can try to investingate callstack How can I find the method that called the current method? and limit call to assemblies you want. I'm not a security guy but I thnik this scenerio is a bit strange, and solution to your problem may not be the thing you're currently asking for. Did you define what vulnerable data your client will have?

Community
  • 1
  • 1
wiero
  • 2,176
  • 1
  • 19
  • 28
  • a determined attacker can either manipulate the callstack to make it appear to be something that would pass this check, or it could simply remove the given check from the compiled code. – Servy Mar 13 '14 at 19:14
  • @wiero thanks for your answer. See my comment on the first answer. – Cando Mar 13 '14 at 19:40