| |
Encryption
vs Obfuscation
CrypKey incorporates
encryption rather than obfuscation, which is the most effective way
to achieve data security and the only way to protect the root source
code.
Various competitors
offer obfuscation as the primary way to deter unauthorized software
usage; however, none of these companies provide any level of encryption,
which CrypKey believes is superior to obfuscation when it comes to protecting
.NET applications.
What
is Obfuscation?
While encryption
is often compared to obfuscation, the goals of each are different. Here
are the purposes and key differences between them.
| Obfuscation |
Encryption |
| Definitions |
|
- a lossy,
one-way transformation of data; most obfuscating transforms
cannot be undone because they are one-way transformations
- lossy compression
reduces a file by permanently eliminating certain, especially
redundant information; when a file is uncompressed, only a part
of the original information is still there, although the user
may not notice it
|
- a lossless,
two-way transformation that provides strong protection for hiding
data or executable code
- with lossless
compression, every bit of data originally in a file remains
after the file is uncompressed
|
| Purpose |
|
- prevents
recompilation of software code
- goal is
to destroy relationships that exist between compiled and source-code
versions of code
|
- protects
against reverse engineering
|
| How
it Works |
|
- accepts
a source file and generates another functionally equivalent
source file that is much harder to understand or reverse engineer
- deletes
comments, removes neat indention and white space and encodes
constants in unreadable ways.
- renames
identifiers in source from their original self-explanatory names
to meaningless terms that convey no information
|
- utilizes
password or key to hide data from those without access to the
key
|
| Pros
and Cons |
|
- requires
no changes to compilation or execution procedures or environment
- does not
prevent reverse engineering by very determined opponents; with
sufficient persistence and know-how can be circumvented
|
- stronger
than obfuscation
- cannot
be circumvented
|
|
|
