Reputation: 16141
How to hide a licence key from casual inspection
We are currently migrating our VB6 application to Net. The VB6 code uses some third party dll's that need to be passed a licencekey before they will work. These keys are hardcoded in the VB6 code. Now, on porting this code to Net it becomes laughably easy to retrieve these licencekeys using Reflector. I understand that really good security is impossible when you include licencekeys in your code, but how can I at least prevent the casual Reflector user from effortlessly extracting these licencekeys?
Upvotes: 3
Views: 465
Answers (2)
Reputation: 22956
Use an obfuscator that has the ability to also obfuscate any strings in your code. That will protect you against casual inspection using .NET Reflector. Alternatively you could add your own code to munge the license key but then the code that is used to reverse-munge it would be open to inspection anyway.
Upvotes: 1
Reputation: 276
Unfortunately, if the code is easily reverse engineered like this, you don't have many options. It doesn't matter where you store the key's or how you store them, the minute you pass them along to the 3rd party DLL, it's exposed. My recommendation would be to wrap the 3rd party DLL with your own layer which is responsible for securely retrieving and passing along the license key.
Upvotes: 1
Related Questions
- VB.net simple license key to protect application
- .NET cryptography for licence keys?
- An effective method for encrypting a license file?
- Obfusticating License key which is hardcoded
- Implementing a program that generates non-transferable licences
- How do you hide an encryption key in a .NET application?
- How can I secure an "enabled functions" license file for my program?
- Hide a 3rd party tool license key from client
- How do I best obfuscate my C# product license verification code?
- Encrypted a project in ASP.NET