Databases
StackOverflow2013
Postsdbo
POHow to hide a string in binary code?
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POHow to hide a string in binary code?
    text
    copied!<p>Sometimes, it is useful to hide a string from a binary (executable) file. For example, it makes sense to hide encryption keys from binaries.</p> <p>When I say “hide”, I mean making strings harder to find in the compiled binary.</p> <p>For example, this code:</p> <pre><code>const char* encryptionKey = "My strong encryption key"; // Using the key </code></pre> <p>after compilation produces an executable file with the following in its data section:</p> <pre class="lang-none prettyprint-override"><code>4D 79 20 73 74 72 6F 6E-67 20 65 6E 63 72 79 70 |My strong encryp| 74 69 6F 6E 20 6B 65 79 |tion key | </code></pre> <p>You can see that our secret string can be easily found and/or modified.</p> <p>I could hide the string…</p> <pre><code>char encryptionKey[30]; int n = 0; encryptionKey[n++] = 'M'; encryptionKey[n++] = 'y'; encryptionKey[n++] = ' '; encryptionKey[n++] = 's'; encryptionKey[n++] = 't'; encryptionKey[n++] = 'r'; encryptionKey[n++] = 'o'; encryptionKey[n++] = 'n'; encryptionKey[n++] = 'g'; encryptionKey[n++] = ' '; encryptionKey[n++] = 'e'; encryptionKey[n++] = 'n'; encryptionKey[n++] = 'c'; encryptionKey[n++] = 'r'; encryptionKey[n++] = 'y'; encryptionKey[n++] = 'p'; encryptionKey[n++] = 't'; encryptionKey[n++] = 'i'; encryptionKey[n++] = 'o'; encryptionKey[n++] = 'n'; encryptionKey[n++] = ' '; encryptionKey[n++] = 'k'; encryptionKey[n++] = 'e'; encryptionKey[n++] = 'y'; </code></pre> <p>…but it's not a nice method. Any better ideas?</p> <p>PS: I know that merely hiding secrets doesn't work against a determined attacker, but it's much better than nothing…</p> <p>Also, I know about assymetric encryption, but it's not acceptable in this case. I am refactoring an existing appication which uses Blowfish encryption and passes encrypted data to the server (the server decrypts the data with the same key).</p> <p>I <strong>can't</strong> change the encryption algorithm because I need to provide backward compatibility. I <strong>can't</strong> even change the encryption key.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload