在C ++中隐藏加密密钥的跨平台方式?
[英]Cross-platform way of hiding cryptographic keys in C++?
问题描述
My application needs to use a couple of hard-coded symmetric cryptographic keys (while I know that storing a public key would be the only perfect solution, this is non-negotiable). 
我的应用程序需要使用几个硬编码的对称加密密钥 (虽然我知道存储公钥是唯一完美的解决方案,这是不可协商的)。 We want the keys to be stored obfuscated , so that they won't be recognizable by analyzing the executable, and be "live" in memory for as little time as possible - as to increase the difficulty of a memory dump retrieving them in clear-text. 我们希望将密钥存储为模糊处理 ,以便通过分析可执行文件来识别它们,并在尽可能短的时间内在内存中“活动” - 以增加内存转储在清除时检索它们的难度。文本。 I'm interested in using C++ features (using some sort of scoped_key comes to mind). 我对使用C ++功能感兴趣( scoped_key使用某种scoped_key )。 The solution must be portable - Windows, Linux, MacOS -, so it cannot take advantage of the operating system crypto API. 该解决方案必须是可移植的 - Windows,Linux,MacOS - 因此它无法利用操作系统加密API。
How would you go about designing such a system? 你会如何设计这样一个系统? Thanks a lot. 非常感谢。
6 个解决方案
解决方案1
4 2009-07-10 23:47:03
All you're going for here is security through obscurity. 你所要求的就是通过默默无闻的安全。 If you have one of us come up with an idea, you won't even have that. 如果你让我们中的一个想出一个想法,你甚至都没有。
John Skeet has a good article on this too. John Skeet也有一篇很好的文章。
Do something random is all I can say. 我可以说,做一些随意的事情。
解决方案2
3 已采纳 2009-07-10 23:57:25
your scoped_key can be simply a KeyHolder object on the stack. 你的scoped_key可以只是堆栈上的KeyHolder对象。 Its constructor takes the obfuscated buffer and makes a real key out of it and its destructor zeros out the memory and deallocates the memory. 它的构造函数接受混淆的缓冲区并从中生成一个真正的密钥,它的析构函数将内存清零并释放内存。
As for how to actually obfuscate the key in the binary, One silly choice you might try is put inside a much larger random binary block and remember its offset and size and probably XOR it with some short random sequence. 至于如何在二进制文件中实际模糊密钥,你可能尝试的一个愚蠢的选择是放在一个更大的随机二进制块中并记住它的偏移量和大小,并且可能用一些短随机序列对其进行异或。
If you do the XORing thing you can actually avoid ever having the real key in memory. 如果您执行XORing操作,您实际上可以避免在内存中使用真正的密钥。 simply modify the decryption to read a byte from the key and before using it, to XOR it with the appropriate value. 只需修改解密以从密钥中读取一个字节,然后在使用它之前,使用适当的值对其进行异或。
* Add here disclaimer on how foolish security through obscurity is * *在这里加上关于通过默默无闻是多么愚蠢的安全性的免责声明*
解决方案3
3 2009-07-11 10:36:15
Have you considered if this is actually the weak point in your program? 您是否考虑过这实际上是您计划中的弱点? Let's assume for the sake of argument that you're doing a license check - though other checks apply equally well. 让我们假设您正在进行许可证检查 - 尽管其他检查同样适用。 No matter how well hidden your key, and how well obfuscated your algorithm, at some point you have to do something like this: 无论你的密钥隐藏得多好,以及你的算法如何混淆,在某些时候你必须做这样的事情:
if(!passesCheck()) {
exit(1);
}
Your potential adversary doesn't have to find the key, decrypt it, figure out the algorithm, or anything else. 您的潜在对手无需找到密钥,解密密钥,找出算法或其他任何东西。 All they have to do is find the location in the code where you determine if the check succeeded, and replace the 'jnz' instruction with a 'jmp' to make the test pass unconditionally. 他们所要做的就是在代码中找到您确定检查是否成功的位置,并将'jnz'指令替换为'jmp'以使测试无条件地通过。
解决方案4
2 2009-07-11 03:23:03
解决方案5
0 2009-07-10 23:57:46
If you do not take advantage of whatever platform you will run on, you cannot guarantee that you can effectively hide a symmetric cryptographic key in your program. 如果您没有利用您将运行的任何平台,则无法保证您可以在程序中有效地隐藏对称加密密钥。 You can assume that an attacker will have a debugger and will eventually figure out how to set a breakpoint in the function that has to use the key to decrypt. 您可以假设攻击者将拥有一个调试器,并最终将弄清楚如何在必须使用密钥解密的函数中设置断点。 Then it's game over. 然后是游戏结束。
解决方案6
-2 2009-07-11 01:30:09
Why not look at steganography, as you can hide the key in an image. 为什么不看隐写术,因为你可以隐藏图像中的键。 It is possible to find the key, but if the image doesn't follow an obvious pattern (such as an image of space would) then it may be harder. 可以找到密钥,但如果图像不遵循明显的图案(例如空间图像),则可能更难。 This can be cross-platform. 这可以是跨平台的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.