tip Posted May 8, 2009 Share Posted May 8, 2009 Hi to all, I'm sure this has been asked several times but honestly I couldn't find a satisfying answer to it... I'm coding a software which at some point uses AES algorithm to encrypt and decrypt things... My question is the following: How can ensure my aes password stays safe? What is the best way? Thanks in advance Tip [center]MsgBox_Tipped: Eye candy msgboxes/inputboxes/loginboxes. | CreateBlankBox: Semi-transparent layers with borders and rounded corners.[/center] Link to comment Share on other sites More sharing options...
Juvigy Posted May 8, 2009 Share Posted May 8, 2009 Encrypt the password using another method Link to comment Share on other sites More sharing options...
tip Posted May 8, 2009 Author Share Posted May 8, 2009 If someone can reach the password embeded in my exe he can also reach that other password you suggested ... [center]MsgBox_Tipped: Eye candy msgboxes/inputboxes/loginboxes. | CreateBlankBox: Semi-transparent layers with borders and rounded corners.[/center] Link to comment Share on other sites More sharing options...
BrettF Posted May 8, 2009 Share Posted May 8, 2009 No exe is safe... Search for that too... Vist my blog!UDFs: Opens The Default Mail Client | _LoginBox | Convert Reg to AU3 | BASS.au3 (BASS.dll) (Includes various BASS Libraries) | MultiLang.au3 (Multi-Language GUIs!)Example Scripts: Computer Info Telnet Server | "Secure" HTTP Server (Based on Manadar's Server)Software: AAMP- Advanced AutoIt Media Player | WorldCam | AYTU - Youtube Uploader Tutorials: Learning to Script with AutoIt V3Projects (Hardware + AutoIt): ArduinoUseful Links: AutoIt 1-2-3 | The AutoIt Downloads Section: | SciTE4AutoIt3 Full Version! Link to comment Share on other sites More sharing options...
tip Posted May 8, 2009 Author Share Posted May 8, 2009 I know I've read about it ... I was asking if there is a reliable method for doing what I need... For ex if I compile a special dll and then call it without passing any password to it -password is embeded in dll- will it be safe??? Tip [center]MsgBox_Tipped: Eye candy msgboxes/inputboxes/loginboxes. | CreateBlankBox: Semi-transparent layers with borders and rounded corners.[/center] Link to comment Share on other sites More sharing options...
Moderators SmOke_N Posted May 8, 2009 Moderators Share Posted May 8, 2009 I know I've read about it ...I was asking if there is a reliable method for doing what I need... For ex if I compile a special dll and then call it without passing any password to it -password is embeded in dll- will it be safe???TipThink about that question... where would you be calling the dll from? So... If they're in your script... I'm pretty sure they'll see they need no params and have the ability to get the pw quite easily. Common sense plays a role in the basics of understanding AutoIt... If you're lacking in that, do us all a favor, and step away from the computer. Link to comment Share on other sites More sharing options...
tip Posted May 8, 2009 Author Share Posted May 8, 2009 I'm aware that it wasn't a considerable idea I'm just trying to expend our vision and -maybe- to explain my needs better... Thanks Tip [center]MsgBox_Tipped: Eye candy msgboxes/inputboxes/loginboxes. | CreateBlankBox: Semi-transparent layers with borders and rounded corners.[/center] Link to comment Share on other sites More sharing options...
Juvigy Posted May 8, 2009 Share Posted May 8, 2009 Put the password on a server , encript it , allow access only with the compiled executable to the data. Link to comment Share on other sites More sharing options...
Qousio Posted May 8, 2009 Share Posted May 8, 2009 Some extra explanation can be found here: http://www.autoitscript.com/forum/index.ph...c=93554&hl= Link to comment Share on other sites More sharing options...
avery Posted May 9, 2009 Share Posted May 9, 2009 Using a method that isn't posted here is probably your most secure option. Go for confusion and uniqueness like I did It will take someone a good deal of time to figure out what the hell I've done and I hope that is enough to make it not worth the effort. This might sound crazy but no exe is safe from what I understand so I just made up my own crazy routine. www.abox.orgAvery HowellVisit My AutoIt Websitehttp://www.abox.org Link to comment Share on other sites More sharing options...
CodyBarrett Posted May 9, 2009 Share Posted May 9, 2009 .... if a hacker is dedicated enough then he\she WILL GET IT!! no matter what you do... but what are the chances of a serious hacker looking through your stuff? string encrypt a hex value of an ascii value of the Chr's? im not sure what to do in this area.. but im sure the Dev's or Mod's will be able to help [size="1"][font="Tahoma"][COMPLETED]-----[FAILED]-----[ONGOING]VolumeControl|Binary Converter|CPU Usage| Mouse Wrap |WinHide|Word Scrammbler|LOCKER|SCREEN FREEZE|Decisions Decisions|Version UDF|Recast Desktop Mask|TCP Multiclient EXAMPLE|BTCP|LANCR|UDP serverless|AIOCR|OECR|Recast Messenger|AU3C|Tik-Tak-Toe|Snakes & Ladders|BattleShips|TRON|SNAKE_____________________[u]I love the Helpfile it is my best friend.[/u][/font][/size] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now