News

  • Home > News

        Encryption tool protects .NET, Windows source code

        Jonathan Angel | Date: Feb 27, 2008 | Comments: 1


        [Updated Feb. 29] -- V.I. Labs says it has enhanced the anti-tampering capabilities of its encryption tool for protecting software IP (intellectual property). Version 2.2 of CodeArmor for Windows and .NET also boasts expanded anti-debugging, secure debugger enhancements, device driver verification, plus support for Sybase PowerBuilder and Borland Delphi compilers, according to the company.



        CodeArmor is a software encryption product that operates on binary object code. V.I. Labs says the product requires no changes in the software development process, setting it apart from simple encryption wrappers or obfuscation tools, such as older versions of Dotfuscator.


        CodeArmor relies on post-processing and a runtime decrypter
        (Click to enlarge)


        CodeArmor version 2.2 adds "enhanced anti-tampering," said to better protect applications from being statically or dynamically tampered with at runtime. Binary tampering is the leading method used by pirates to bypass and disable application license enforcement systems, V.I. Labs says.

        Other new features touted in the 2.2 release include:
        • Enhanced anti-debugging protection better prevents kernel- or user-level tools from analyzing protected applications during their operation

        • New "secure debugging" console commands

        • A new device driver verification allows runtime agents to check drivers as they run, ensuring safe execution of the protected application, V.I. Labs claims

        • New support for Sybase PowerBuilder and Borland Delphi compilers
        More about CodeArmor

        Using the CodeArmor post-processing tool, an administrator selects the executables and dynamic link libraries to be protected. These are then encrypted, and an active runtime agent called the Secure Execution Monitor (SEM) is embedded into the application. When an application is run, SEM decrypts each protected function in real-time on a block-by-block or a function call basis; it never decrypts the entire application in memory, V.I. says.

        CodeArmor also takes note of attempts to attach debuggers, insert malicious code, or utilize other techniques for code-capturing. It can then notify a user, log the event, or halt the executable altogether, V.I. Labs says.

        The secure debugging capabilities mentioned above are said to let third parties create and debug their own extensions for a previously protected application. To access the secure debugger, developers authenticate via unique shared secrets or an existing license enforcements. Once authenticated, they can debug their third party extensions but not the original source code.

        For more information on how CodeArmor operates, see our earlier coverage, here.

        Availability

        CodeArmor version 2.2 is available in separate versions for Windows and .NET. Pricing starts at $18,000 for enterprise use, and the tools are also available on a subscription basis, according to V.I. Labs.


        Related stories: