-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dio wrote: > Hello! > > I need to store my private key in secure and best way. However, I > don't want to put it in a dongle or smartcard or anything related. I > need to put that along with (inside) the 'executables' (fight against > the disassembler). Any suggestions? > (Registry? oh c'mon that's just for Windows) Dio - If your going to store the key inside an executable you should compress it with a commercial packer which allows wrapping of API, Anti-Debugging tricks to prevent the executable from being debugged, dumped and fixed. I would suggest searching for some software that will allow you to do this. You can always inline some asm code into your project with some anti-debugging tricks but to be honest most of them are very simple to patch and hiding a debugger is even easier with the amount of plugins that allow this. Your best bet is to pack the binary and use a dynamic stub.
There are a few commercial protection and compression tools available on the net some free and others not. I'm not going to suggest any commercial applications or endorse them because I know how easy it is to unpack. If you have the patience and the time you might want to develop your own tool to do achieve both compression/protection and loading. I take it your wanting to manage the key inside a PE? Let me know how it works out! Good Luck. Dillon > > Thanks! > > Best, > > Dio > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkmlzHMACgkQRnxC5lZRuuEaCwCgnL3f+MUKZSFgq3bbVU6gjfpq S3EAoL27WBJw/+6qz2REe0DjvNDtjhl9 =7ZT6 -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
