Quote:
Originally Posted by Nathan.eth0
Is there a way to hide my encryption key in another way, other than hard-coding it?
|
Yes, you can "hide" it in many ways[*], but it is still easily discovered: Just run your program in a debugger or emulator, stop it just before it starts the encryption, and read the key from the key buffer. The encryption routines are quite easy to find even from disassembly, since they look nothing like ordinary code, so this is not at all that difficult one might think.
You can rewrite the encryption algorithm to not hold the key in a buffer, but that is at least an order of magnitude more difficult -- and even then, the entire encryption code and all data it refers to can be lifted as-is, and used by somebody else.
I don't know if this is feasible for you, since I don't know what you actually do with the key, but I'd recommend a fundamentally different approach: use a public key encryption algorithm. That way encryption and decryption use different keys.
For example, if you wanted to store an unique serial number in your application, you would store two copies of it, encrypted using a public key algorithm, within the code as constants, and use two totally different keys. The decryption keys for the serial numbers would be stored in plain view also. Your program would use the decryption keys to decrypt and verify the serial numbers match. A nefarious user can copy a serial number to another copy of the application, but that would be exactly the same as copying the entire application. They cannot create a fake one, without first obtaining the other halves of the keys -- which are
not included in the applications, and are in your possession only. Still, users can just modify the application binary to skip the checks, so even this is not absolutely secure. Nothing is.
Similarly, if you communicate with an another party -- either via the network, or via files, or some other means --, use a different public key in each direction, with each party knowing only half of each key. If you yourself are the other party, and you keep your halves of the keys secure, with each application having their own key pairs, you can easily authenticate each application. (Or, in the case of files, either authenticate the application used to create the files, or note that the authentication bits were removed after saving the file by other means.)
In the end, you'll find out that you must trust the user to a degree. I'd recommend picking the degree such that you don't hinder the users' activities, or they will either break the security, or use another application. Consider what would be acceptable to you yourself, if you were the user of your application.
[*] In the early nineties, I hid a copy of the applications serial number into the relocation data, overwriting another copy of the serial number when the application is loaded into memory. (This was with old-type EXE files that contained their own relocation code; I replaced that with a home-grown one.) Even changing the serial number in the file would not change it, since it was regenerated when the program was loaded into memory. All copies of the application were different at the binary level, so comparing the memory image to the file would be a tedious job.
In short, the trick was to make it more work to disable or hide the serial number, than to rewrite the application from scratch. Normal users were totally unaware of this feature, since it did not hinder their actions in any way.