Comment by bitexploder
3 years ago
I am really failing to understand the distinction here. Encryption with say, AES has very different properties and use cases compared to an obfuscation scheme. You can use encryption as a part of an obfuscation scheme, but obfuscation is a shell game, all the way down. Crypto is not, mathematically. They are categorically different things, right?
Obfuscation with encryption can be done with good ciphers, like AES, but the key is still shipped with the code, so it's still just cat and mouse.
It's a little different if the key is hardware specific, so each binary only runs on one system and it's hard to extract the keys, but that's not a typical setup. Usually it's this code needs to run on the general public's computers or phones, and that's too general a target to rely on hardware crypto.
The key specifier word was "whitebox". They aren't speaking generally about cryptography.
The math is irrelevant when the key is known to all parties.
Sure. That is DRM and obfuscation in a nutshell. How annoying can I make this for you to reverse engineer?