Versions Compared

Old Version 1

changes.mady.by.user Timofey Matrenitskiy

Saved on

compared with

New Version 2

changes.mady.by.user Timofey Matrenitskiy

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

In the event when the tie is done to Sign or Time dongle use ECC160 asymmetric algorithm operating option. Whereas, random data will be generated and signed by a digital signature on elliptic curves directly in the dongle in the course of operating the protected application. Later the signature will be verified by Guardant API function, protected by pseudo code, traffic encryption and other protection mechanisms.

 

 

...

.NET applications (Framework 2.0 – 4.0)

Use the symbol obfuscator and MSIL-code protection utility. It is also reasonable to use the following options:

  • Symbol obfuscation. It allows obfuscating the application code, which when coupled with other measures significantly increases the level of application protection. Use the obfuscation for all *.exe and *.dll assemblies in the application, except for the third-party applications and applications signed by digital signature. 
  • String encryption. Ties the obfuscated application to the Guardant dongle and encrypts the string constants in the protected assemblies. It is recommended to use this option if there are no logical elements, significantly depending on the speed of string constants.
  • When the public interface obfuscation optionis used a complete obfuscation of all the assembly occurs. However be careful, the use of this option is possible only with the looped system (all assemblies are obfuscated in one session and no methods of obfuscated assemblies from other applications are not used). In most of the cases it is safe to conduct the obfuscation of public interfaces for exe-assemblies (except for the cases of using the Reflection technology on the assembly itself or exporting types for other applications).
  • Use the exclusions file. Use ExclusionUtility.exe utility in the Developers’ Kit to generate this file. Generally, the developer needs to have a clear understanding of types, methods and properties that need to be included as exclusions for the symbol obfuscator. As a rule, these are all the language elements that can be used from within. You should pay attention to the use of Serialization, Reflection, Data Binding technologies.

 

You have to remember the following when using the MSIL-code automatic protection utility: 

  • Wisely use the option indicating the percentage of protected methods. The large and more complex the protected application, the less is the necessity to indicate the percent. Generally, you may set 100 percent for the most simplistic assemblies not sensitive to the execution speed, containing 2-3 types with 10-15 methods each. For large projects the % should be lowered to 10.
  • Do not protect assemblies, types and methods sensitive to the execution speed. Remember that MSIL-code transfer to the encryption area and execution of it on a virtual machine may in some cases slow down its execution (especially during the first call). Further calls may also incur some overheads, therefore, the less the size of the method, the more obvious is the execution speed loss.
  • Use the option and utility for setting exclusions. Exclude from protection all small methods not containing logic and holding commercial value.
  • When working together with symbol obfuscator you need to use MAP-file creation option (see Of the present documentation for details).
  • Exclude all language elements based on asynchronous data transfer. MSIL-code protection of such elements may lead to unpredictable results.