Code obfuscation provides quite efficient protection against software disassembly. To learn more about the necessity of obfuscation and what obfuscation techniques are the most common, please visit the following sites
In this article we will talk about the implementation of obfuscation in StarForce products and the results of such implementation.
As you know, any system can be hacked. The only question is how much time will be spent on these usually illegal actions. Therefore, the level of tamper resistance is measured by the time that a hacker needs to crack the system.
Obfuscation is used in all StarForce products in one form or another. However, obfuscation level may vary depending on the prioritized tasks of protection.
StarForce ProActive is a service that helps to protect software against illegal copying and pirate distribution. The main objective of this product is to ensure compliance with license terms. It uses binding to a PC to prevent copying. For StarForce ProActive obfuscation is used to provide the core protection against two kinds of attacks aimed to neutralize binding to a PC and disable software protection mechanism.
StarForce Crypto is also a web service, but its main task is to protect the binary code against analysis and modification. In this case, binding to a PC is not required and obfuscation plays the main role. StarForce Crypto protects code sections that have critical value in terms of business. Mainly StarForce Crypto is used by the developers who want to protect the uniqueness of their own product.
The level of tamper resistance of StarForce Crypto is slightly higher, but in general comparable with StarForce ProActive, because these two solutions use the same protection technology: protection of executable module, for example, EXE-file (binary). During protection process the functions marked as protected are disassembled and converted into the program source code and then removed from the protected module. This source code is combined with the source code of StarForce security core and after it compiled with specifically designed obfuscating compiler. The code integrity check is added inside this compiled code. One of the methods used for obfuscation is the execution of a bytecode on a virtual machine.
StarForce C++ Obfuscator has the highest level of tamper resistance among StarForce products. This product converts program source code written in C++ to prevent the possibility of reverse engineering. StarForce C++ Obfuscator is installed on developer's workplace unlike the other StarForce products: StarForce ProActive and StarForce Crypto. Its level of tamper resistance (in terms of analysis) is 10 times higher than StarForce Crypto has. Having this result we promise that the speed of software operation is not slowing down.
StarForce C++ Obfuscator is recommended to protect software with increased requirements of tamper resistance, for example, protection of DRM keys or other data. The leak of such data may cause the significant losses for both the software developer and the company that uses software to provide services to end users. At the moment this product is used by many famous developers of multimedia devices. But the names of these companies are top secret because they don’t want to take risk.
StarForce C++ Obfuscator is a universal product that obfuscates program source code no matter what operating system is used. StarForce C++ Obfuscator is usable to protect applications developed for Android, iOS, Windows, Linux, Mac. During protection source code is obfuscated as well as binary code that makes it more difficult to analyze.
High level of tamper resistance of StarForce C++ Obfuscator is achieved by implementation of more than 30 methods of obfuscation, which can be varied to reach the best result.
Chris Kaspersky about obfuscation: "The future of obfuscation prepares negative perspective for hackers. From practical point it means that it makes no sense to work with standard analytical methods. In theory it is possible to remove trash and superfluity hat were added by an obfuscator but in practice it’s very difficult. And it is almost impossible to unravel code of a Petri net because it is a one-way process and nobody is able to reverse it."
About StarForce Technologies
StarForce Technologies (www.star-force.com) is a leading vendor of information protection, copy protection and code obfuscation solutions for software, electronic content and audio/video files. Since 2000, StarForce has been successfully developing and implementing its state-of-the-art security solutions, providing copyright and intellectual property protection worldwide. Two of these solutions were transformed into StarForce cloud services: sfcontent.com protects e-Documents against illegal copying and distribution and sfletter.com secures emails.
StarForce is a reliable and responsible Technological Partner for enterprises potentially incurring losses due to cyber-gangs, hackers, software piracy, unauthorized data access and information leaks. StarForce’s customers are Russian Railways, Corel, 1C, Mail.ru, Aeroflot, SUN InBev Russia, AMD Labs, ATC International, MediaHouse, Russobit M, New Disc, Buka, Snowball, 2Play, GFI, CENEGA, Akella, etc.