Introduction to SLP Services Internals

In this article, we will look into architecture of SLP Services. As we know, SLP Services protects our intellectual property like code from pirates as well as providing flexible business models with a built-in licensing system. Now, we will see how SLP Services works.

Problem Solution Benefit
Code Protection Code transformation & anti-reverse engineering Increased profits & Protection for Intellectual property [like code].
License Management Activation & Enforcement of license Low license management costs
Flexible Business Models SKU Agility No need of development team in changing business models.
Improved Customer Satisfaction Flexible licensing Better User Experience
Improved Productivity Less coding for license management and code security. Reduced Costs and development time in product implementation.

The above table explains the solution and benefits provided by SLP Services for an ISV (Independent Software Vendor). Let's see how SLP Services provides code protection.

On .NET platform, whatever the code is written will be converted to MSIL. CLR finally converts this MSIL code to platform-specific native code using JIT compilation. This way of compiling provides lot of advantages. At the same time, the MSIL code will also have lot of structure and information inherited from base language like C# or VB.NET. As a result, MSIL code will be decompiled easily back to high level language using reverse engineering techniques. Below figure shows the phases of running a .NET application:

slp1.gif

So, we use to share the assemblies having IL code to the clients. By using tools like reflector, it can be decompiled to hack our code or trade secrets. SLP services addressed this problem by providing security to sections of code having sensitive data like connection strings, complex algorithms etc. Traditionally, there are few ways to secure our code without using SLP code protection services. We will have a look at each of those strengths and weaknesses:

Obfuscation: This technique alters the IL code such way that decompiled code is hard to read for most people. It will alter names of classes, methods and changes flow of code having same end result having difficulty in reading. Reverse engineering is still possible, but difficult to do it.

Encryption: This technique encrypts the contents of an assembly by using tools provided by Microsoft. But, it does require decrypting for execution by CLR. So, there is performance hit. It is also possible for a hacker to get decryption key of the assembly by using automated tools.

Code Splitting: This technique splits the code having sensitive information passed on using some special security like hardware or smartcard. It is costs high and inefficient in certain scenarios.

All above techniques are having some weaknesses. So, Microsoft provided an efficient code protection technique using SVML (Secure Virtual Machine Language). SLP Code Protector application part of SLP Services converts IL code to SVML code. This SVML code cannot be decompiled. Since MSIL specification is known to all for decompiling it.
Where as SVML code changes with each unique SVML Permutation.

Lets' see how SVML provides security to our code from decompiling:

  • MSIL code (methods) having sensitive information is converted to SVML code.
  • This SVML code is unique for a SLP Permutation. SLP Permutation is the unique combination of SVML and SVM (Secure Virtual Machine).
  • SVML code will be in encrypted form.

So, it's hard to decompile the code having SVML in it.

Whenever an assembly having SVML in it is executed, CLR executes the IL code where as SVM executes SVML code having sensitive information. This SVM works as an integral part of application logic, thus making hard to bypass license routines.

I will outline the steps performed by SLP Code Protector:

  • Sensitive data like connection strings and methods is removed from IL code and replaced with a call to SVM having SVML code. So, a .NET decompiler cannot reverse engineer the code.
  • This SVML code is encrypted for high security.
  • After IL to SVML conversion is completed, if we view assembly in a .NET decompiler, protected code will have only a call into the SVM with a random characters string.
  • IL code is executed by CLR and SVML code will be executed by SVM.

It is suggested to use SLP Code Protector on methods having sensitive data only. Since, performance will be reduced, to decrypt and execute protected code. I am ending the things here. I hope this article will be helpful for all.