The easiest way to prevent my managed assembly from loading?

.NET security noob here... What is the easiest way to prevent someone else from loading my assembly?

Background: Although I'm really only looking for "reasonably good" protection (with enough time / money / smarts, someone can successfully hack and attack), it seems like this is a problem, and I'm just missing something.

Here is what I (think I) know:

  • While strong naming can be used as a security measure, it was not intended to be, according to the Microsoft documentation (see the warning: "Do not rely on strong names for security. They provide a unique identity only.")

    On that note, I have come across situations where I could not load a third-party assembly (suppose that it was so), because they did not sign their assemblies, but all of mine were signed. So I had to (ildasm their build, sign it with our own snk, then ilasm it back) in order to use their library. So strong naming doesn't seem like a good security mechanism to me. HOWEVER... how about a simple check in the code to make sure the calling assembly is signed with my public key token? How effective is it?

  • If a strong name should not be used for what I am trying to do, is Authenticode digital verification of the DLL a better route (it seems wintrust.dll can help with this)?

    I use several vendors' tools for obfuscation, and many come with licensing and all kinds of things. I will most likely use a little obfuscation to hide some sensitive parts; however, I would still like to have a mechanism to prevent someone from loading my sensitive library without having to use features such as string and code encryption, which often come with ( and other) expenses.

So, back to the question: what is the easiest way to prevent my assembly from loading?

+7
obfuscation strongname strong-named-key .net-security
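
The caller check the question asks about, written out as an added C# example (not code from the question or any answer). `CallerGate`, `SensitiveApi` and the token bytes are hypothetical placeholders.

```csharp
using System;
using System.Linq;
using System.Reflection;
using System.Runtime.CompilerServices;
using System.Security;

public static class CallerGate
{
    // Placeholder token: substitute the 8 bytes that `sn -T YourCaller.dll` prints.
    private static readonly byte[] ExpectedToken =
        { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 };

    // Pure comparison; an unsigned assembly reports a null or empty token.
    public static bool TokenMatches(byte[] actual, byte[] expected)
    {
        return actual != null && actual.Length > 0 && actual.SequenceEqual(expected);
    }

    // Throws unless the given assembly's metadata carries the expected token.
    public static void Demand(Assembly caller)
    {
        byte[] token = caller.GetName().GetPublicKeyToken();
        if (!TokenMatches(token, ExpectedToken))
            throw new SecurityException(
                "Caller " + caller.GetName().Name + " does not carry the expected public key token.");
    }
}

public static class SensitiveApi
{
    // NoInlining keeps this method's own frame, so GetCallingAssembly()
    // reports the assembly that invoked DoWork() rather than a frame further up.
    [MethodImpl(MethodImplOptions.NoInlining)]
    public static string DoWork()
    {
        CallerGate.Demand(Assembly.GetCallingAssembly());
        return "sensitive result";
    }
}

public static class Demo
{
    public static void Main()
    {
        // This demo assembly is unsigned, so the gate is expected to refuse it.
        try { Console.WriteLine(SensitiveApi.DoWork()); }
        catch (SecurityException ex) { Console.WriteLine("Refused: " + ex.Message); }
    }
}
```

The check reads the key recorded in the caller's metadata and does not by itself prove that a signature was verified: since .NET Framework 3.5 SP1, full-trust assemblies skip strong-name signature validation by default. The ildasm/ilasm round trip described in the question also applies to the library that contains the check, so it raises the effort required rather than forming a boundary.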
4 answers

In fact, you cannot provide a 100% guarantee that your assembly will not be loaded and misused. But some measures may help you:

  • Signing the installation package (msi). For this you need an SSL certificate. Users will see the publisher of the downloaded files during the installation process. If your installation package is changed, the signature will be broken and the user will see during installation that the application is from an unknown publisher or a publisher other than you.
  • Strong naming allows you to prevent a library from being replaced with another "bad" library. Let's look at the following scenario: you deployed your application with library A to some server, or a user installed the application on their computer. Without a strong name, library A or any other can be replaced or changed by some code to another version. For example, this new version may send user passwords somewhere or perform other malicious actions. If a .NET library has been changed, a strong name validation exception is thrown at load time, so your application will be broken. The malicious code must recompile all of the application's libraries for the application to work. That is harder.
  • Obfuscation is also very important; it makes it very difficult or even impossible to understand what is happening inside the assembly (code renaming, string encryption, etc.).
  • If you have very critical intellectual-property code, it is better to rewrite it in native (C/C++) code.
  • If your application is a mobile or desktop application and it makes requests to a backend, you can move the important code to the server.
+4

Obvious, but perhaps not very useful: the easiest way is to remove the assembly.

+2

I think you want to keep people from reverse-engineering your assembly, right? Tools like JustDecompiler can easily get your assembly's code. To obfuscate your code, you can always resort to some paid product (Eazfuscator) or some open source one (Obfuscar or ConfuserEx).

+2

One option (which may or may not be feasible) is to not give them an assembly. If you can turn your application into a website (for example, software as a service), then (with properly protected servers) your clients will not have access to the assemblies.

+1