Identifier renaming
It doesn't come as too great a surprise that both these products perform this basic obfuscation process. The idea is to discard the original names of identifiers (ie the names of classes, methods, properties etc), and choose independent replacement name - the transformation is essentially lossy, and so a decompiler cannot retrieve the original name. Both obfuscators on test use also use "method overloading", which take advantage of the fact that methods in .NET with different parameter types may use the same name, and as a result, reduce the number of different symbols being used. For example, if you start with
internal class MyClass {
private void GetName() { }
private void GetPosition(int index) {}
private int itemCount;
print int averageScore;
}
an obfuscator might rename this to
internal class a {
private void a() { }
private void a(int a) { }
private int b;
private double c;
}
Dotfuscator and Demeanor differ from here as to how they extend this process.
Dotfuscator uses a technique known as "Overload induction", which
essentially spots where multiple identifiers can be renamed to the same thing
(for example, two private variables in two classes can use the same name), and
maximizes the use of these - in one assembly we tried, around 46% of identifiers
were renamed to “a”, 22% to “b”, etc (although obviously
these figures can vary significantly depending on how your assembly is structured).
Demeanor takes a slightly different approach, an extends this method overloading
to general name overloading. In effect, it would obfuscate MyClass
above to something like
internal class a {
private void a() { }
private void a(int a) { }
private int a;
private double a;
}
by taking advantage of features available in IL, but not supported by C# or any other .NET language. Both companies disagree over which of these two are the most effective - but in the end, neither are perfect, but both are going to deter all but the most determined hackers.
The added benefit of all this renaming is that the size of your final assembly can be reduced significantly by both of these obfuscators - often by as much as 10%. Obviously, if your assembly is going to be used as a library, then you don't want public methods renamed, and so both provide options to turn of renaming on public methods, or on specific classes/namespaces according to any regular expressions you provide.
Incremental obfuscation
When releasing new versions of your product , or attempting to track down bugs reported by your customers, the last thing you want is the obfuscator to choose different "obfuscated" names for your classes each time you compile. As a result, both products provide support for what is known as "incremental obfuscation". When you first obfuscate an assembly, you can choose to output an XML file which describes the renaming that the obfuscator chose. Then, on subsequent calls you can provide this XML file, and the obfuscator will preserve its earlier naming decisions, whilst obfuscating any new methods/classes that you have added.
String encryption
In many situations you don't want someone to be able to view certain strings hard-coded into your application. Both Dotfuscator and Demeanor provide options to encrypt string literals within your application, although neither are particularly clear on the strength of this encryption. In addition, Dotfuscator allows you to specify certain classes (such as licensing!) in which to encrypt strings, whilst leaving others untouched.
Comments