If using encryption is always better, why would anyone obfuscate data?
Obfuscation in your code makes it hard to read/retrace strings in your binary.
An encrypted string will stand out in your binary, and if you don’t obfuscate the decryption key it will as well.
They have different uses that make them better at different things.
I would suggest starting with their definitions for a better understanding.
define:obfuscation
define:encryption
if people see image and have no idea that encrypted data may be there or not, they may not even try to hack something.
I’m sorry, I’ve been reading a lot, but I still have a lot of questions.
I need to store and protect a 3rd party key in my application source code. This key needs to be brought back to a string representation so that I can send it in web service requests.
-
Can I use this function to generate a cypher of my string, or is there something better for this situation?
https://forum.xojo.com/13818-faster-encyrption-obscuration-than-rc4-for-large-24mb-15mb-file -
Would I generate the cypher of my string using that function in a second application? Then store only the cypher and cypher key in the source code of the main application and only decrypt it when I need to make a request?
-
Is the stored cypher and cypher key what needs to be obfuscated?
Thanks for your patience.
@Mark Scardingo if you are storing a 3rd party key (like a serial number to MBS, BKS, TT, etc), you can take that serial number and divide it up into chunks or do some math (depends on what the serial looks like) or something like that. That way in the plugin register function you don’t have “serial number”, but have “cstr( 123456+47 ) . “NCM” . cstr( 34543+2389 )” (or whatever it works out to be. and you can replace those numbers with constants/properties that represent the various numbers.
MBS comes with example project called “Hide Serial Number”
and @Christian Schmitz tends to give advice on how to obfuscate his serial number(s) when you buy his products.