Re: PGP scripting...
From: Peter Jeremy (peterjeremy@optushome.com.au)
Date: 01/11/03
Date: Sun, 12 Jan 2003 09:31:49 +1100
From: Peter Jeremy <peterjeremy@optushome.com.au>
To: lsi <stuart@cyberdelix.net>

On Wed, Jan 08, 2003 at 12:38:42AM -0000, lsi wrote:
>My best theory to date is to embed an encrypted password in source code
>(please don't shoot me). The prog must decrypt before use. Requires
>encryption of pw prior to compilation. Requires decryption algorithm
>in code. If the system was compromised the attacker would still need to
>reverse the decryption.
>
>The prog would not be vulnerable to NOP-style cracking (binary
>patching of executable to skip instructions) as the pw does actually
>need to be decrypted. But a disassembler would have the algorithm in
>plain sight soon enough.

If you are considering this approach, you should probably consider
obfuscating the pw decryption code:
- subdivide it into small pieces and scatter them throughout the rest of
  the code. Burying parts of the code in trap handlers can make it hard
  to find. This will make the decryption algorithm harder to determine.
- consider using self-modifying code - which will make static disassembly
  less useful.
- map the code and data in multiple locations and use them interchangeably
  (e.g. have the same buffer appear at 3 different addresses and have
  different parts of the algorithm use different buffer addresses). Beware
  of cache effects with this.
- If this is running on known, dedicated hardware, write the code to
  depend on CPU and hardware quirks. (Remember to document this so
  that your successor doesn't try to "upgrade" the system).

Peter
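
The scheme discussed in this thread, as an added example that is not part of the original messages: a password encoded before compilation and decoded at run time. It shows that the stored blob hides the password from a plain string scan, while the same binary carries the key and routine needed to decode it. The key, the sample password, the encoding and all function names are assumptions made for illustration.

```c
#include <string.h>
/* Constructed sample: "s3cret-pw" encoded before compilation as
   plain[i] ^ KEY ^ i. KEY and the password are hypothetical values. */
#define KEY 0x5A
static const unsigned char PW_BLOB[] =
    {0x29, 0x68, 0x3B, 0x2B, 0x3B, 0x2B, 0x71, 0x2D, 0x25};
#define PW_LEN (sizeof PW_BLOB)

/* The transform is its own inverse: the same routine encodes at build
   time and decodes at run time, so it ships inside the binary. */
static void pw_xform(unsigned char *out, const unsigned char *in, size_t n) {
    for (size_t i = 0; i < n; i++)
        out[i] = (unsigned char)(in[i] ^ KEY ^ i);
}

/* Zero a buffer through a volatile pointer so the stores are not elided. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Decode into out (NUL-terminated); returns length, or -1 if cap is too small. */
int pw_decode(char *out, size_t cap) {
    if (cap < PW_LEN + 1) return -1;
    pw_xform((unsigned char *)out, PW_BLOB, PW_LEN);
    out[PW_LEN] = '\0';
    return (int)PW_LEN;
}

/* What a strings-style scan sees: 1 if needle occurs verbatim in the blob. */
int blob_contains(const char *needle) {
    size_t n = strlen(needle);
    for (size_t i = 0; n && i + n <= PW_LEN; i++)
        if (memcmp(PW_BLOB + i, needle, n) == 0) return 1;
    return 0;
}

/* Use the secret, then wipe it; the loop always runs PW_LEN iterations. */
int pw_matches(const char *candidate) {
    char buf[PW_LEN + 1];
    unsigned char diff = 0;
    size_t n = strlen(candidate);
    pw_decode(buf, sizeof buf);
    for (size_t i = 0; i < PW_LEN; i++)
        diff |= (unsigned char)(buf[i] ^ candidate[i < n ? i : n]);
    secure_wipe(buf, sizeof buf);
    return n == PW_LEN && diff == 0;
}

int main(void) { return pw_matches("s3cret-pw") && !blob_contains("s3cret-pw") ? 0 : 1; }
```

Wiping the decoded buffer shortens the time the plaintext sits in memory; it does not change the fact that key, blob and transform are all present in the executable.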