Protections that protect each other

Motivation

The path to better software protection is by generating the most unique obfuscation results each time your application is protected.

Legacy obfuscation tools apply obfuscation in a manner that, each layer is independent of each other and thus allowing attackers to build linear tools that solve each protection sequentially or remove the protection they want to be erased without having to deal with the upper layers.

Solution

Cyphor Obfuscator applies the obfuscation layer on top of each other, what this ensures is that the protections that are at the bottom are protected by those that are placed at the top.

The result is a different shape on the obfuscation results each time you obfuscate your application, forcing attackers to face more layers of protection.

While this does not ensure native randomness obfuscation (this has not yet been achieved by any vendor), it ensures a different shape of obfuscation and definitely a much bigger challenge to the attacker as they do not have to just clean the protection but detect it accurately (this is where resilience and our protection truly shiness)

A practical example is the case of debugging and integrity checks, legacy protection tools injected their checks at the start of your application or the method to protect, this made it easy for attackers to simply remove the check.

With our solution, said checks are masked within your code and later protected by the obfuscation layers that come after it, this ensures that the checks are not just hidden at a glance but also protected.

The Downsides

A higher level of protection will involve certain downsides that we need to study. By applying multiple layers of protection in a method, the performance is bound to decrease.

How much? There is no certain answer to that, we do have metrics that give you insights as to how a method is affected after obfuscation transformations are applied. By default most of our protections are designed in a way to keep the performance integrity, however, depending on the method or application you are working with, you might want to focus on security over performance, this is the reason settings and modes for each protection exist.

The ideal scenario is one in which you mark manually those methods that you want to protect more than others, Attribute based obfuscation achieves exactly this and allows you to obfuscate your entire application while losing little to no performance at all.

At the end of the day, we have to account that there is always a trade-off between security and performance, the best solution is to keep a balance and utilize the resources we provide you in a balanced manner. The solution we provide you with is managed, so if you ever feel amused with the number of features or details, you can always reach out to us.

A very simple, yet effective protip is to Virtualize the code that is most valuable to you, virtualization is the last resort and strongest obfuscation you can achieve.

.

Last updated