3

How someone might run an encoded executable, mp3, or any other file safely in memory after being decrypted.

A use case might be someone trying to make code or a file only usable through their service or software, which is my case, I don't want a user to simply steal my code so when stored on their filesystem my goal is for it to be encrypted. But the big problem with that is that I'm not sure how to decrypt it and run it without it touching the disk.

I have done some research and haven't really found a clear or well explained solution to the problem, the only solution I found was outdated and turned out the decrypted file was actually written to the disk at one point in the process of the "solution".

So if anyone has any solution to this problem I would very much appreciate it as my research has failed me.

Cayne Brister2
  • 31
  • 3
  • What if the system starts t swapping? Ramdisk, ah those years, https://unix.stackexchange.com/questions/59300/how-to-place-store-a-file-in-memory-on-linux – kelalaka Dec 23 '20 at 08:58
  • I've migrated this question here as it is still looking for a generic solution. However, I've tagged it DRM for a reason: without a secure system, it is not possible to create a fully secure solution. – Maarten Bodewes Dec 23 '20 at 08:58
  • @kelalaka I used ramdisk not all that long ago; it's the best thing to use if you want run performance tests for an application that has tracing enabled, for instance. – Maarten Bodewes Dec 23 '20 at 09:00

2 Answers2

0

This will be very OS dependent. Any code coming from the outside, no matter how it is created, the OS must assume that it is malicious. An OS created in the 1980s would have just ignored that fact. Today, it is most likely that you have to make some OS call that marks the decrypted data as code, and a call to execute the code inside a sandbox.

If you decrypt data which is then processed, you must also assume that it is malicious, and the code processing it must make sure that it cannot cause any damage by processing malicious data. With .mp3 files that’s not too difficult. Of course someone could send you encrypted image files that get you arrested if you decrypt them.

gnasher729
  • 1,823
  • 10
  • 14
0

If I understood well, you want to create a software that clients install in their machines and can execute, nothing encrypted so far. Then you want them to run some code only from within this software (let's call it "mother") and avoid other usages and this is why you want to encrypt the code, right?

I think one solution for this could be to create a C++ "mother" executable to run scripts, maybe python scripts (or even javascript). Clients could download encrypted versions of these scripts, and decode them and execute them inside your "mother" program. (This is how web works, with the difference that scripts are not encrypted.). Being it a compiled C++ makes it harder to reverse-engineer it, but I guess it would still be possible to extract the scripts. In this solution you need a different distribution for each OS but your scripts(encrypted or not) would be the same.

I think this is easier than distributing a binary file that can be decrypted into an executable: in this case you need a different binary for each OS, apart from the decryption tool/pipeline.

Edgar G.
  • 101
  • 2
  • Search for an interpreter/enginge that suits your needs. A simple one: https://github.com/cesanta/mjs. If you are learning I don't recommend you looking at V8.dev. If you want python, you could start here: https://www.boost.org/doc/libs/1_60_0/libs/python/doc/html/tutorial/tutorial/embedding.html. In any case, I don't know what you are trying to do but I would go with a web service. The mother program being any browser, and the script being javascript. Not encrypted, you have to figure out a way to require clients to frequently do some checks in your servers. – Edgar G. Dec 24 '20 at 06:38