What is the best way to protect sensitive data in the code?


Question

I was examining the ways of protecting my code from decompiling.

There are several good threads here describing obfuscation and code packing as possible ways of protecting the code. However, none of them is ideal: obfuscation doesn't work with reflection when string method/property names are used. Many people do not recommend using obfuscation at all.

So I currently decided not to go with any of the above. However, I have parts of the code where I need a sort of encryption; for example, a database connection string with an IP, login and password is stored inside the code as a simple const string, same as email account data.

In ASP.NET there is an option to move the sensitive data to a .config file and encrypt it, but that requires the server key, i.e. linked to a single computer. I didn't read much about it, but I suppose something similar is available for desktop applications. But I need this to work on any computer where the application is installed.

And here is the question: are there ways to encode/protect such data so that it cannot be read along with decompiled code?

Accepted answer

First advice is to never store anything sensitive in your code directly. You can always reverse engineer that, no matter how cleverly you try to obfuscate it.

I've read about things like breaking a password into several pieces, placing them at different places in the code and running them through a series of functions before finally using them... although this makes things harder, you can still always monitor the application using a debugger and ultimately you will be able to retrieve the secret information.

If I interpret your scenario correctly, what you have is code that is to be deployed at some client's premises, and your code is connected to a database (which I suppose is also under the client's supervision); connecting to it requires a password. This password is known to that client, so trying to hide it from the client is rather useless. What you do want is to restrict access to that password from anybody who is not supposed to know it.

You typically achieve this by putting the sensitive information in a separate file in a folder that has very restrictive permissions; only the application and a handful of selected people should have access. The application would then access the information when needed during runtime.

Additionally encrypting the separate file turns out to be a problem: if you do so, then there is a key involved that again would have to be secured somehow, and infinite recursion is on its way :) Securing access to the file is often sufficient, but if you really need to be as secure as possible, then a solution is to use password-based encryption for the file. The idea here is not to store the password in yet another location on the system, but rather to keep it as out-of-band information (e.g. in a physical vault) and enter the password when starting the application. This, too, has its problems: the physical presence of a person is required for (re-)starting the application, and you could still retrieve the password from the RAM of the machine the application is running on. But it is probably the best you can do without specialized hardware.

Another good alternative to password-based encryption would be to rely on OS-specific "password vaults" such as Windows' Isolated Storage; it's sort of a trade-off between not encrypting at all and keeping the password out-of-band.
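As an added example that is not part of the original answer (Python, standard library only): a loader for the separate secrets file the answer recommends, which refuses to use the file unless it is a regular file owned by the running user and not readable by group or others. The file name, keys and values are constructed for the demo; the mode check is POSIX-specific, so on Windows the equivalent is an NTFS ACL, which this code does not inspect.

```python
import os
import stat
import sys
import tempfile


class InsecureSecretFile(Exception):
    """Raised when the secrets file is reachable by anyone but its owner."""


def mode_is_private(st_mode: int) -> bool:
    """True only if no group/other permission bits are set (e.g. 0600 or 0400)."""
    return (st_mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0


def parse_secrets(text: str) -> dict:
    """Parse simple KEY=VALUE lines; blank lines and '#' comments are ignored."""
    secrets = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"malformed line: {raw!r}")
        secrets[key.strip()] = value.strip()
    return secrets


def load_secrets(path: str) -> dict:
    """Read the secrets file only after checking type, owner and permissions."""
    st = os.stat(path)
    if not stat.S_ISREG(st.st_mode):
        raise InsecureSecretFile(f"{path} is not a regular file")
    if hasattr(os, "getuid") and st.st_uid != os.getuid():
        raise InsecureSecretFile(f"{path} is not owned by the running user")
    if sys.platform != "win32" and not mode_is_private(st.st_mode):
        raise InsecureSecretFile(f"{path} is group/world readable")
    with open(path, "r", encoding="utf-8") as fh:
        return parse_secrets(fh.read())


def demo() -> tuple:
    """Constructed sample: same file loaded as 0600, then rejected as 0644."""
    path = os.path.join(tempfile.mkdtemp(), "db.secrets")
    with open(path, "w", encoding="utf-8") as fh:
        fh.write("# constructed sample, not a real credential\n")
        fh.write("DB_HOST=192.0.2.10\nDB_USER=app\nDB_PASSWORD=example-only\n")
    os.chmod(path, 0o600)
    host = load_secrets(path)["DB_HOST"]
    os.chmod(path, 0o644)
    try:
        load_secrets(path)
        rejected = False
    except InsecureSecretFile:
        rejected = True
    return host, rejected
```

On a POSIX system `demo()` returns `("192.0.2.10", True)`: the private copy is loaded, and the same file is refused once it becomes world-readable.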
