Can I encrypt an assembly (using AES/DES) and deploy? I simply don't want people to use Reflector to view the code of my assembly.
+5
A:
Unless you are going to use reflection to load the assembly manually, after it's been unencrypted, no. It will still have to live in unencrypted mode in memory, and any memory dump will be able to get it. You can obfuscate it, which makes reflector mostly useless. What's the real worry behind this?
chris.w.mclean
2009-08-17 14:35:45
I dont think Obsfuction (Dotfuscator atleast) does this. It simply renames the methods/properties, which makes it hard to understand for the people, but they can still see the code. Is there no way, we can do a complete "hide" of my code from the outside world?
Bhaskar
2009-08-17 14:40:41
If your code is of the type that needs to be hidden proprietary math formulas or really esoteric algorithms, then dotfuscator should make it pretty hard to understand. If it's not that type of code, why are you worried about hiding it? If you really need to hide that type of code, put it in C++, or place it somewhere other than the client, behind a web service or remoting call...
chris.w.mclean
2009-08-17 14:52:58
A:
Use some standard exe-packer like upx, aspack, ...
AES/DES won't help you since your assembly must have the key for decryption as well. You'll need some kind of anti-debugging tricks as well. Be aware though - decryption hinders your debugging capabilites of delivered assemblies.
You could start with obfuscation. It's not as strong as exe-packers/encryptors but a good start for managed programs.
Tobias Langner
2009-08-17 14:37:43