What is String Encryption?
DashO implements runtime decrypted String encryption. Any encryption (or specifically decryption) done at runtime is inherently insecure. A smart hacker can eventually break it, but for Strings present in customer code, we found it worthwhile. Effectively, we apply a simple encryption algorithm to any strings in your application you desire. Let’s face it: if a hacker wants to get into your code, he doesn’t blindly start searching renamed types. He probably searches on the string “Invalid License Key” which points him directly to the type where license handling is performed. Searching on strings is incredibly easy. String Encryption raises the bar for the casual hacker and deters that many more non-serious hackers. This algorithm incurs a tiny performance penalty at runtime but as with pretty much everything else in DashO, this option is fully configurable.
Dotfuscator Professional obfuscation implements runtime decrypted String encryption. As mentioned before, any encryption (or specifically decryption) done at runtime is inherently insecure. That is, a smart hacker can eventually break it, but for Strings present in customer code, we found it worthwhile. Effectively, we apply a simple encryption algorithm (with a twist to thwart decompilers) to any strings in your application you desire. Let’s face it – if a hacker wants to get into your code, he doesn’t blindly start searching renamed types. He probably searches for “Invalid License Key” which points him directly to the type where license handling is performed. Searching on strings is incredibly easy. String Encryption raises the bar for the casual hacker and deters that many more non-serious hackers. You will want to make sure that you apply string encryption to hide sensitive information such as hardcoded SQL strings, usernames, passwords, etc. This algorithm incurs a very tiny perfo