I tried creating a temporary certificate using makecert and creating an SPC from the certificate using cert2spc. I signed some exe with the generated SPC. I then used the binary editor in VS 2008 to flip some bits in the exe (tampering with it). To my surprise, I was able to execute the application.

I was expecting that the system would detect the tampering and complain. Hence the question.

Any guidance would be appreciated.

+1  A: 

No, because any code in the binary to check the signature can also be tampered with.

I recommend obtaining a copy of IDA Pro and disassembling one of your binaries. After you have the raw assembler you can edit specific opcodes using a hex editor. In short, this is the tactic that the cracker community uses. I don't believe that there will ever be a way to stop this; the PS3 and Xbox 360 both use digital signatures to protect their binaries, but this doesn't stop piracy.

Rook
Thanks for the response. I wonder what kind of tampering attack digital signatures can withstand. Am I doing anything wrong in the way I am assigning signatures to my binaries? I am doing this just for the purpose of learning.
Anand Patel
Learning is awesome, I totally support that. The problem with this scenario is that the attacker has full control over the system: he owns the computer and processor and the binary, so as a software developer you don't have the control. Where digital signatures work exceedingly well is in network communications. SSL/TLS, which powers HTTPS, would not be possible without digital signatures. The difference is that the attacker is on the outside looking in on 2 people that want to communicate in a secure manner.
Rook
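
A signature only reveals tampering when something verifies it before the file is used. The following is an added example, not code from the question or the answer: a PowerShell gate that checks the Authenticode signature with the built-in `Get-AuthenticodeSignature` cmdlet and refuses to launch the file unless it verifies. The function name `Start-VerifiedProcess`, the `-ExpectedThumbprint` parameter and the path in the usage comment are assumptions made for illustration.

```powershell
# Added example. Start-VerifiedProcess is a hypothetical helper, not a built-in cmdlet.
function Start-VerifiedProcess {
    param(
        [Parameter(Mandatory = $true)][string]$Path,
        # Optional pin: thumbprint of the signing certificate you expect.
        [string]$ExpectedThumbprint
    )

    # Recomputes the file hash and compares it with the signed hash,
    # then validates the signer's certificate chain.
    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    switch ([string]$sig.Status) {
        'Valid'        { break }
        # Bits were changed after signing (the case from the question).
        'HashMismatch' { throw "Refusing to run ${Path}: contents changed after signing." }
        'NotSigned'    { throw "Refusing to run ${Path}: no signature present." }
        # Anything else, e.g. a test certificate whose root is not trusted here.
        default        { throw "Refusing to run ${Path}: $($sig.Status) - $($sig.StatusMessage)" }
    }

    # A valid signature from an unexpected signer is still a failure.
    if ($ExpectedThumbprint -and
        $sig.SignerCertificate.Thumbprint -ne $ExpectedThumbprint) {
        throw "Refusing to run ${Path}: signed by an unexpected certificate."
    }

    Start-Process -FilePath $Path
}

# Usage (constructed path and placeholder thumbprint):
# Start-VerifiedProcess -Path 'C:\temp\signed-test.exe' -ExpectedThumbprint '<THUMBPRINT-PLACEHOLDER>'
```

A certificate made with makecert will not report `Valid` unless its root is trusted on the machine doing the check. The gate is only as trustworthy as the system it runs on, which is the limit described in the answer above.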