2

Is there a way to hide the data that's received somehow from the user? In particular, I have some data that gets send from a webserver to an application. I want the application to process the data, but I do not want that the user is able to see the information.

I thought about this a while and came to the conclusion that it's impossible. If the data is received, the user can always find a way to get its hand on the data. (e.q if I'm using asymmetric cryptography I can't hide the private key from the user well enough) The only thing that I could do is make it as hard as possible to do so. Am I right or am I missing something crucial here?

If my assumption is correct, are there any things I can do to make this process really hard or is any time that I invest in doing so, a waste of time?

Thanks for your time!

CodesInChaos
  • 11,854
  • 2
  • 40
  • 50
user2494129
  • 121
  • 1
  • 4
    In software all you can do is throw lots of obfuscation at your program and hope that nobody care enough to unravel the mess. – CodesInChaos Apr 07 '16 at 16:27
  • Using treacherous hardware (Intel SGX, TPM) etc. it might be possible to make attacks really hard. – CodesInChaos Apr 07 '16 at 16:29
  • Indistinguishable obfuscation is the keyword. Not nearly practical, or even proven secure. It even has proven upper limits on the possible security (we already know of some unachievable results) – Natanael Apr 07 '16 at 20:08

1 Answers1

4

No. People with vested interests and deep wallets have put countless man-hours into solving this problem, even when using specialized hardware, and it gets broken over and over. Some game systems used security chips (10NES, anyone?) which validated cartridges and refused to run the system if the signatures did not match. It did not work out too well. If you find a way to solve this yourself, you have single-handedly obsoleted the entire DRM industry.

https://superuser.com/q/14224/893950

https://skeptics.stackexchange.com/q/4630/47018

Are there DRM techniques to effectively prevent pirating?

forest
  • 64,616
  • 20
  • 206
  • 257