Creating a Secure Local Log-In Method Program and Preventing Access by Unauthorized Users

Question

Okay so this is one of those questions that's definitely been asked before in one form or another but I think my situation is a little different than a lot of the other cases addressed by other answers on this site (and others).

I need to secure my application so that (in theory) only I can access it. This means one password and one username. It will never be changed, and cannot be changed (unless I rebuild the entire program).

The program is only intended to be used on one computer, so it doesn't have to be an "all-client" solution. I'd like to have it protected from someone just going in with IDA or something and changing one or two bytes in order to bypass the login. I am familiar with obfuscation and that's something I'll be looking into using.

This is one of those "if the wrong person gets a hold of this" things, I've already configured the consequences for entering the wrong password too many times, now the actual method of authenticating is the only thing left to do.

In short: How do I do my best to prevent unauthorized access to my application? I know it's never possible to totally prevent reverse engineering, but I'd like to make it difficult for the "average hacker".

Please let me know if there's anything I can do to improve my question. Thanks everyone!

Answer 1

LB2's answer is a good way to start (making sure the program itself is encrypted).

If I wanted a very high level of security, I'd push it a bit farther and implement 2-factor authentication. LB2's answer takes care of the something you know part.

I suggest splitting your program into 2 (or more) pieces (say a main and a library), so that neither part can accomplish anything without the other part (you will have to be smart about how and where you split the code). It would also be wise to encrypt the 2nd part, as to limit the knowledge a malicious user could gain if they ever put their hand on it. (I guess the 2nd part should not be encrypted with the same key as the first part, so you could embed the key to the 2nd part inside the code of the 1st part...)

This way, you'd need something you know (the encryption key) and something you have (the other piece of the program, maybe held on a USB key) to actually run the program.

(Edit) Now that I think about it, you should also use the fact that the program is only going to be run on a single machine. A critical part of the program should be secured so it can only be run on a specific device (use static data tied to the machine as opcodes or encryption keys...) An attacker stealing the code won't be able to run the software without the device (at least if he hasn't grabbed a copy of the static data).

Answer 2

This is going to be a bit challenging to implement, but you could do the following:

1. Create your application like you normally would.
2. Create encryption type key (PKI or symetric - whatever fits you needs) that only you hold the [private] key to.
3. Encrypt your application using your key.
4. Create a small vehicle application that when built would package inside of it your application in encrypted form.
5. When vehicle app is run, it would extract your actual application, demand your key for decryption, decrypt it, and launch it. Once use of app is completed, it would delete it.

The obvious weak point is that your app can be grabbed while in decrypted form. If you can find a way how to launch it directly from memory stream, it may be a bit more secure. Another weak point is that while it is in memory, someone could force dump it, and then examine encrypted bytes using windbg or similar tools and get hands on it that way (or simply attach debugger at runtime). Couple that with obfuscation, and possibly some techniques that make it difficult to attach debugger, and you may have a decent enough solution.

But as you said yourself - nothing is 100% fortress. If there is a will, there is a way.