PHS Dotfuscryptor – Features

PHS Dotfuscryptor offers a broad variety of functions and protection mechanisms that can be applied to a given .NET assembly. These include the following:

.NET Assembly Protection

The assembly is protected against disassembling. In contrast to other widely used tools, ph solutions' PHS Dotfuscryptor uses an innovative approach based on strong cryptography for this purpose (→ Details). This cryptography-based approach does not modify the underlying metadata or .NET CIL code, but rather leaves the original assembly completely unchanged. Even though it is not modified at all, the assembly is effectively protected against most commonly used .NET disassemblers and reflectors.

.NET Assembly Packaging

Modern .NET applications consist of a single startup assembly (.exe) on the one hand and multiple additional reference assemblies on the other hand. The latter are available as DLLs, which are loaded on demand by the startup assembly's hosting process. PHS Dotfuscryptor allows these reference assemblies to be embedded into the Native Dotfuscryptor Launcher, so that they can be protected in a consistent manner along with the actual startup assembly and without the need for special precautions in the development process (ObfuscationAttribute or similar). Moreover, this feature allows for easier deployment of the .NET application, since all the required assemblies can be distributed as a single file (.exe), which (similar to a statically linked native application) contains the startup assembly as well as the reference assemblies.

Debugger Protection

In addition to the protection against disassembling, PHS Dotfuscryptor offers the option to protect the .NET assembly (or, more precisely, the process that executes the protected assembly on the target system) against external debugging. For this purpose, the Native Dotfuscryptor Runtime implements different strategies that seal off the process from other processes in the system, in order to prevent information from being leaked or the program flow of the .NET assembly from being modified by an external debugger.

Password Binding

PHS Dotfuscryptor offers a simple and generic way of binding the execution of protected .NET assemblies to a password. In order for the application to launch successfully, users are required to enter this password at startup. In the absence of the password, it is almost impossible to launch or disassemble the program. Like any other protection mechanism provided by PHS Dotfuscryptor, Password Binding can be integrated independently into existing .NET applications. The resulting decoupling of business logic and application protection mechanism ensures maximum security.

USB Copy Protection

The execution of a protected assembly can be bound to a USB dongle. If the USB dongle is absent from the target system that tries to execute the protected .NET assembly, the application cannot launch successfully. In this way, you as a developer can ensure that your software is protected against illegal reproduction and redistribution. Since the USB dongle is an integral component of the Native Launcher Runtime, bypassing this type of copy protection, and thus reproducing your software without authorization, can be considered very difficult.

Hardware Binding

Besides the copy protection based on the USB dongle described above, PHS Dotfuscryptor offers the option to protect your .NET application against reproduction and software piracy by binding the execution of your .NET assembly to a certain MAC address. As with the protection by means of a USB dongle, the verification of the MAC address on the target system is an integral component of the Native Dotfuscryptor Launcher. This, in turn, allows your .NET application to be protected very reliably.

Trial Versioning

PHS Dotfuscryptor's Trial Versioning feature enables you to build and release trial versions of your own .NET software. These trial versions will refuse to launch once the trial period you specified during the build process has been exceeded. Again, the separation of security mechanism and business logic allows for a reliable and retrofittable protection.

Signature Check

Although Windows basically offers support for protection of executable files by means of the Authenticode protection system, by default it does not validate the digital signatures attached to binaries at program startup. As a result, while they could be detected quite easily, malicious program modifications added, for instance, as your application is transmitted from your distribution server to the client’s computer, remain without consequence. This gap is closed by PHS Dotfuscryptor’s Signature Check feature, which implements automatic and generic validation of attached signatures within the protected Native Launcher Runtime. In case of an error (e.g. the certificate used for signing is untrusted or the binary was modified after signing), the startup process of the .NET application is aborted.

Debugging Console

When activated with a valid license, the full version of PHS Dotfuscryptor offers support for a debugging console, which the Native Dotfuscryptor Runtime can optionally attach to your application. This debugging console displays detailed information about unhandled exceptions and thus provides valuable information about application crashes, even if your application was built in release mode without a debugger attached.

Distribution Management

In order to manage the different distributions that potentially arise from different combinations of the above features, PHS Dotfuscryptor implements a distribution management system. Imagine, for instance, that you have sold one of your software products to different customers. In addition to these customer releases, you have an internal build of the software for product presentations. The customers' versions of the application may be bound to a USB dongle, while for the version built for presentations it is important to have all the required reference assemblies on the target system (which could be, for instance, a computer at a potential customer's site). In order to minimize the resulting management overhead, one could define two separate distributions in PHS Dotfuscryptor's distribution management. As another use case, the distribution management facility could also be used to manage the build process of different bundles which are then bound to different MAC addresses.

Trial Service (Coming Soon)

The trial service offered by PHS Dotfuscryptor allows you to release trial versions of your own .NET software. For this purpose, the decryption parameters needed by the protected application's Native Dotfuscryptor Runtime are stored on one of our servers. On every launch of one of your protected trial versions, the Native Dotfuscryptor Runtime retrieves these decryption parameters from our server through a secure connection. You have full control over the time span during which the server reveals the decryption parameters. As a result, once this time span has elapsed (i.e. the trial period of your software is over), there is no way for the trial version to launch successfully anymore.

Kernel Protection (Coming Soon)

In addition to the debugger protection described above, the process hosting the protected .NET assembly is protected by a special kernel software component. This kernel software component prevents unauthorized access to the .NET process' address space.