Win a copy of Learning Regular Expressions this week in the General Computing forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

A new solution to protect Java class from decompiling  RSS feed

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I just develop a product called "VLINX Java Protector". It's a new solution to protect Java class from decompiling.We make a Native ClassLoader by modifying the source of OpenJDK, could encrypt the classes you want to protect by AES and parse them in our custom-JRE.You can publish your software with the JRE and distribute your software safety.

 
Saloon Keeper
Posts: 9257
177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So how are the classes decrypted? Is the key embedded in the classloader? How will that prevent savvy attackers from decrypting the source using the key embedded in the classloader?
 
Yonfa Lin
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How to protect AES key is a huge challenge, but also the "key" to this project. we have taken some measures to improve the complexity of the crack, including multi-layer local code, anti-debugging detection and so on. And we will support each account to have its own separate secret key, and continue to publish new versions to change and enhance the algorithm. It is true that nothing is completely unbreakable, but we can continually improve the complexity and difficulty of cracking. For more information, please visit our website at https://j.vlinx.io
 
Stephan van Hulst
Saloon Keeper
Posts: 9257
177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I would have tried it out, but I don't have an x64 system.

I don't see a way to specify the key that should be used, is it the same hard-coded key for each protector and each JRE? So if there's one person that cracks the key, all classes that have been compiled everywhere are compromised?

Can you clarify what you mean by multi-layer code, debugging detection and the md5 checksum, and how those work and help secure the application?
 
Yonfa Lin
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I will write an article to explain that within a few days in detail,but also build the 32-bit version  of the software.
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!