Click here to Skip to main content
11,641,209 members (62,933 online)
Click here to Skip to main content

Building Security Awareness in .NET Assemblies : Part 2 - Learn to protect your .NET assemblies from being tampered

, 31 Oct 2004 122.9K 1.7K 76
Rate this:
Please Sign up or sign in to vote.
Building Security Awareness in .NET Assemblies : Part 2 of 3

Disclaimer

NeCoders shall not be held responsible for any cases of software/files being hacked due to the information provided in this article.

General Overview

Before you read part 2, please make sure you already have read part 1 as it is related. In this article, I will be showing how to defend your .NET assemblies from being tampered. I do believe you have heard of the Digital Signature Approach. In short, you could actually attached a Strong Name key to the .NET Assembly to protect it from being tampered. Strong Name key is a RSA 1024 bit encryption, and to break it is not that easy at all. You need to have huge computing power to get that private key.

Why Strong Name??

When it was first introduced to me, I had no idea what it meant.

1st Scenario :

I am not sure whether this had happened to you, but it did for me. I was thinking of securing my .NET Assemblies a while ago, and I tried reading up on articles regarding how to do so. From what I read, it recommended me to use Strong Name key. It continued to explain about the benefits of it, but it was rather vague. It assumed that I could visualize what the author could which in the end, left me wondering about what so special is this so-called Strong Name.

Why did I feel this way? Well, reason being that I had many doubts about it. It did not encrypt my codes nor did it hide my codes from decompilers such as .NET Reflector. It isn't even related to obfuscation. So then what is Strong Name for? Some marketing tool to convince the public that the assemblies it protects is secure?

2nd Scenario :

Your superior comes to you and asks you to implement a Strong Name key in your assemblies. And then when you reply, why Strong Name, they would say this is what other people are doing in the industry; we should follow them as well.

The Demonstration

In this demo, I will show you the usage of attaching a Strong Name key to your assemblies.

Test machine specifications :

  • Windows XP Professional Edition SP 1

  • Intel Pentium 4 2.6GHz

  • 256MB DDR-RAM

  • Visual Studio .NET 2003 Professional Edition

  • Microsoft .NET Framework 1.1
1. Open the Visual Studio .NET 2003 command prompt and make sure you access to the directory where your source files or solution files resides. 2. Type “sn –k sn.key”

3. The strong name has been successfully created. Now how do you attach it to your solution?

4. Open up the source code for AssemblyInfo.cs in your CrackingIL solution and enter this code inside AssemblyKeyFile.

5. Build your project and run it by pressing F5 in Visual Studio .NET 2003.

6. Now, open up the Visual Studio .NET 2003 command prompt and type “ildasm CrackingIL.exe /out=CrackingIL.il”

7. Open up the CrackingIL.il with any text editor. I chose Notepad.

8. Search for this line:

9. Then change it from “Welcome to NeCoders” to “I can’t hack you, why!”

10. Save the file. Type this command “ilasm CrackingIL.il” in Visual Studio .NET 2003 command prompt.

11. Execute the CrackingIL.exe.

You will see the above and this:

12. It means that you just can’t simply manipulate someone else's .NET assembly and convert it back. Congratulations, you have successfully protected your assembly with Strong Name.

Conclusion

I hope that from this article, you manage to gain some brief idea about Strong Name and how it helps to protect your .NET assembly. I have finished the part 3 of this series. Please do check it out.

References

None

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here

Share

About the Author

Chua Wen Ching
Software Developer
Malaysia Malaysia
I am Chua Wen Ching and it is great to be part of CodeProject network Smile | :)

You may also be interested in...

Comments and Discussions

 
PinnedPosting rules for The Lounge Pin
Chris Maunder2-Jul-11 15:48
adminChris Maunder2-Jul-11 15:48 
Rant"I refuse to work in C#" Pin
Marc Clifton3hrs 35mins ago
protectorMarc Clifton3hrs 35mins ago 
GeneralRe: "I refuse to work in C#" Pin
PIEBALDconsult3hrs 1 min ago
protectorPIEBALDconsult3hrs 1 min ago 
GeneralRe: "I refuse to work in C#" Pin
R. Giskard Reventlov2hrs 18mins ago
memberR. Giskard Reventlov2hrs 18mins ago 
GeneralRe: "I refuse to work in C#" Pin
PIEBALDconsult2hrs 12mins ago
protectorPIEBALDconsult2hrs 12mins ago 
GeneralRe: "I refuse to work in C#" Pin
R. Giskard Reventlov2hrs 8mins ago
memberR. Giskard Reventlov2hrs 8mins ago 
GeneralRe: "I refuse to work in C#" Pin
PIEBALDconsult2hrs 5mins ago
protectorPIEBALDconsult2hrs 5mins ago 
GeneralRe: "I refuse to work in C#" Pin
clientSurfer1 hr 38mins ago
professionalclientSurfer1 hr 38mins ago 
GeneralRe: "I refuse to work in C#" Pin
PIEBALDconsult1 hr 13mins ago
protectorPIEBALDconsult1 hr 13mins ago 
JokeRe: "I refuse to work in C#" Pin
Wes Aday1 hr 42mins ago
professionalWes Aday1 hr 42mins ago 
GeneralRe: "I refuse to work in C#" Pin
Dave Kreskowiak1 hr 34mins ago
mvpDave Kreskowiak1 hr 34mins ago 
JokeRe: "I refuse to work in C#" Pin
Brisingr Aerowing1 hr 32mins ago
professionalBrisingr Aerowing1 hr 32mins ago 
GeneralRe: "I refuse to work in C#" Pin
PIEBALDconsult58mins ago
protectorPIEBALDconsult58mins ago 
GeneralRe: "I refuse to work in C#" Pin
Garth J Lancaster41mins ago
memberGarth J Lancaster41mins ago 
GeneralRe: "I refuse to work in C#" Pin
Mladen Janković15mins ago
memberMladen Janković15mins ago 
GeneralRe: "I refuse to work in C#" Pin
Super Lloyd1 hr 24mins ago
memberSuper Lloyd1 hr 24mins ago 
QuestionRe: "I refuse to work in C#" Pin
Mladen Janković9mins ago
memberMladen Janković9mins ago 
GeneralGoogle Hangouts Pin
C-P-User-35hrs 33mins ago
memberC-P-User-35hrs 33mins ago 
GeneralRe: Google Hangouts Pin
RossMW5hrs 5mins ago
memberRossMW5hrs 5mins ago 
GeneralRe: Google Hangouts Pin
C-P-User-324mins ago
memberC-P-User-324mins ago 
GeneralIt's all cutting edge in Ireland Pin
Duncan Edwards Jones6hrs 23mins ago
professionalDuncan Edwards Jones6hrs 23mins ago 
GeneralRe: It's all cutting edge in Ireland Pin
newton.saber5hrs 55mins ago
membernewton.saber5hrs 55mins ago 
GeneralWindows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
newton.saber6hrs 29mins ago
membernewton.saber6hrs 29mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
Cornelius Henning6hrs 11mins ago
memberCornelius Henning6hrs 11mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
newton.saber6hrs ago
membernewton.saber6hrs ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
Cornelius Henning5hrs 7mins ago
memberCornelius Henning5hrs 7mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
newton.saber2hrs 55mins ago
membernewton.saber2hrs 55mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
Mladen Janković5hrs 9mins ago
memberMladen Janković5hrs 9mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
newton.saber2hrs 57mins ago
membernewton.saber2hrs 57mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
dandy724hrs 24mins ago
memberdandy724hrs 24mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
newton.saber2hrs 49mins ago
membernewton.saber2hrs 49mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
Mladen Janković2mins ago
memberMladen Janković2mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
ledtech33hrs 49mins ago
memberledtech33hrs 49mins ago 
GeneralRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
Brisingr Aerowing2hrs 21mins ago
professionalBrisingr Aerowing2hrs 21mins ago 
NewsRe: Windows 8.1 Diskspace Monster? What up, Yo?! Nessie? Chapacubra? Sasquatch? Pin
Super Lloyd1 hr 21mins ago
memberSuper Lloyd1 hr 21mins ago 
GeneralO(my) Pin
PIEBALDconsult7hrs 46mins ago
protectorPIEBALDconsult7hrs 46mins ago 
GeneralRe: O(my) Pin
harold aptroot7hrs 42mins ago
memberharold aptroot7hrs 42mins ago 
GeneralRe: O(my) Pin
PIEBALDconsult55mins ago
protectorPIEBALDconsult55mins ago 
GeneralRe: O(my) Pin
CPallini7hrs 26mins ago
mvpCPallini7hrs 26mins ago 
GeneralHow Disciplined Of A Coder Are You? Pin
Kevin Marois9hrs 41mins ago
professionalKevin Marois9hrs 41mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
PIEBALDconsult9hrs 24mins ago
protectorPIEBALDconsult9hrs 24mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
Kevin Marois9hrs 12mins ago
professionalKevin Marois9hrs 12mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
newton.saber7hrs 31mins ago
membernewton.saber7hrs 31mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
Ravi Bhavnani9hrs 24mins ago
professionalRavi Bhavnani9hrs 24mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
Kevin Marois9hrs 17mins ago
professionalKevin Marois9hrs 17mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
Ravi Bhavnani9hrs 14mins ago
professionalRavi Bhavnani9hrs 14mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
PIEBALDconsult8hrs 39mins ago
protectorPIEBALDconsult8hrs 39mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
Gjeltema5hrs 49mins ago
memberGjeltema5hrs 49mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
Camilo Reyes3hrs 50mins ago
professionalCamilo Reyes3hrs 50mins ago 
GeneralRe: How Disciplined Of A Coder Are You? Pin
Mycroft Holmes3hrs 30mins ago
professionalMycroft Holmes3hrs 30mins ago 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Terms of Use | Mobile
Web01 | 2.8.150731.1 | Last Updated 1 Nov 2004
Article Copyright 2004 by Chua Wen Ching
Everything else Copyright © CodeProject, 1999-2015
Layout: fixed | fluid