How to protect C# code from modification
Question
It is need to protect some assemblies from modification (or, in other words, how to determine whether the assembly binary file is modified after compilation). How can I achieve this in .NET 4.0 by the built-in .NET means?
Problem is only in dll file modification detection, not in protection from decompilation, reverse engineering and so on.
5 answers
solution1
3 2012-03-12 15:20:58
Sadly, strong names provide protection to the consumer . They offer no protection to the developer of an assembly that their code has not been modified. It is trivial to remove a strong name . Once removed it can be modified as desired.
Even the protection provided to a consumer is limited with strong names. Since there's no central registry of public keys, there's no way to know that the assembly was signed by a specific publisher. Hackers can change the signature and resign it with their own keys after making modifications. In truth, strong names really only protect against hackers modifying the system runtime libraries...even then I'm not sure how effective they are to an actual attack on the system.
Since the code can be easily modified even when strong named, adding some sort of simple hash check in your own code won't offer any additional protection. The only way to have any hope is to use a professional grade software protection tool that offers tamper detection .
solution2
2 ACCPTED 2012-03-07 15:51:11
You can us Strong-Named assemblies (see HERE ).
They have a public key and digital signature attached and as soon as they are altered they won't be loaded by the JIT anymore:
Strong names provide a strong integrity check. Passing the .NET Framework security checks guarantees that the contents of the assembly have not been changed since it was built.
BUT as steve mentioned it is not absolutely secure!
solution3
0 2012-03-07 15:50:39
I would suggest make a hash of the assemblies at compile time. Store it somewhere in you application and check it at runtime with a new calculated hash of the assembly.
As @Steve suggests (and others) the process using this is called 'Strong-named assemblies'
solution4
0 2012-03-07 15:51:24
Strong name signing your DLL and using the fully qualified name for your references (including the signature) should help out with this.
It's not fool-proof - someone could always disassemble not only the DLL but also any other applications using it and update those references to their new version of the DLL.
solution5
0 2012-03-07 15:52:14
Try digitally signing your assemblies. To learn more, take a look at MSDN Magazine's Using Strong Name Signatures article.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.