Select Language US Language
German Language
breadcrumb.home / Support / FAQ & Wiki / FAQ / Implementation with API

FAQ

FAQ - Implementation with API

Content

What are the main benefits of implementing API instead using AutoCrypt?
What is the best way to start with the implementation with API? Do you have some introduction/hints here?
Which programming environments and operating systems are supported via API?
How can I implement a "bulletproof" protection for my applications using your API?
Do I need to write my own application to configure/program the CRYPTO-BOX before shipping it to my end-users?
My compiler/platform is quite exotic, older and/or is not in your list of the supported environments. Do you have a solution?
My application is written in C#.NET. How can I protect my .NET code from decompilation?

What are the main benefits of implementing API instead using AutoCrypt?

The implementation with API gives you more flexibility.

Some examples:

  • If the CRYPTO-BOX is not found, you can decide what to do: switch the application to a Demo mode or disable some features. With AutoCrypt, the application will not work at all.
  • Keep critical parts of the application still working, even if the CRYPTO-BOX was lost or stolen at the end-user side.
  • Use the hardware-based encryption engine of the CRYPTO-BOX to decrypt important data or functions during runtime or your application. This makes it more difficult to crack your application.
  • With API implementation, MARX supports a wider range of programming environments and operating systems than with AutoCrypt.

What is the best way to start with the implementation with API? Do you have some introduction/hints here?

Please read our Implementation with API White Paper. It gives you a good introduction on how to start. Be sure to also refer to the samples located within the PPK as well for examples of each.

Which programming environments and operating systems are supported via API?

Currently Windows, Linux, Mac OS X, iOS (network mode only) and Android are supported.

A detailed overview of supported compilers can be found in the Implementation with API White Paper, chapter 4.

How can I implement a "bulletproof" protection for my applications using your API?

Nothing can be completely 100% secure, but there are multiple precautions you can take to make your program more protected thus making it more difficult for crackers to breach your applications protection.

Some examples:

  • Use the hardware-based encryption engine of the CRYPTO-BOX to decrypt important information during application runtime.
  • Spread protection routines in the code.
  • Use long testing routines and implement dummy calls.
  • Store parameters and program variables in the internal CRYPTO-BOX memory.

More tips and details can be found in the Smarx Compendium, chapter 17.

Do I need to write my own application to configure/program the CRYPTO-BOX before shipping it to my end-users?

This is not necessary. Under Windows you can use the Smarx Application Framework (part of the CRYPTO-BOX Protection Kit) to program the CRYPTO-BOX units. See Smarx Compendium, chapter 4.5 for more details.

Furthermore with SmrxProg there is a command line tool available (for Windows, Linux and Mac OS X) which takes care of CRYPTO-BOX formatting. It provides a high grade of automation, because the formatting process can be controlled within other applications or script-files. Please refer to the Smarx Compendium, chapter 7 for more details.

My compiler/platform is quite exotic, older and/or is not in your list of the supported environments. Do you have a solution?

Many environments allow to incorporate C routines. Another possibility under Windows is using COM technology or the dynamic library cbios_dll.dll provided in the Smarx OS Protection Kit – see Smarx Compendium, chapter 10.12 for more details.

If you look for support of older environments of development environments: we still support a lot of older compilers, such as old Visual Studio or Delphi versions, as well as legacy environments, eg. older Windows or Linux versions, real-time OS or even DOS (via the CRYPTO-BOX Serial).

Please contact us to discuss further details: We will find a solution in almost all cases.

My application is written in C#.NET. How can I protect my .NET code from decompilation?

Because of the nature of .NET, unprotected .NET assemblies can be decompiled easily by advanced programmers and crackers which makes it more easy to detect and remove the protection routines from your application. Therefore it is necessary to protect the code.

Here are some hints:

  • Apply obfuscation to your code. It can be don with different .Net obfuscators. A free edition of Dotfuscator is included to Visual Studio. In the ".NetProtection" sample code in our PPK - see folder [PPK root]\SmarxOS-Samples\Security - we use the open source obfuscator Confuser.
  • Use the hardware-based encryption engine of the CRYPTO-BOX to decrypt information required for application execution during runtime.
  • Wrap your .NET executable with a packer. The easiest solution is to use our AutoCrypt for it. See Smarx Compendium, chapter 4.5.3 for more details.

Furthermore, we are offering consulting and implementation support on request - please contact us to discuss your requirements.

« Back to FAQ Home