- From your memory, third parties can read:
- Your code can be changed, and manipulated.
SafeOrbit is a cryptographic library to protect sensitive dataof an application from being manipulated or read.
It’s open-source on GitHub and available on NuGet .
- Protects your strings in memory while allowing you to securely compare & modify them.
- Protects your binary data with
SafeBytes. - Anti injection module safeguards your application against memory injections and timing attacks.
- Leverages high performance and secure algorithms for encryption, hashing and random in interfaces that makes it much hard to screw up.
It’s written for & used by my password manager Password Orbit.
A simplified example
Before SafeOrbit
code:
check-license-function: '1. goto website, 2. check if user paid'
data:
user-name: jade1983
pwd: password123
has-license: false
A hacker can
- read password
password123easily from application memory. - can modify application memory and change last three words
has-license: falsetohas-license: trueand gives person a license by tricking the application. - or a hacker can modify
check-license-functionand bypass license validation logic.
After SafeOrbit
code:
check-license-function: '1. goto website, 2. check if user paid'
data: ue95bEEfSaaMjbpylkwnmsCqGoy8ra2VPqjIRT72wVoKFAYzUVMNWKIV7dvXN1EMpFYjPMGddU7+iua8DskPAA==
signature: EQ8RgU/q/34cO7Ea4gc2y610kvsCCbZ3e9eYAKXaytqC/fKb09EFuG74JK+kbQHGfsP+BfuwwtX9NhOP9AxIyw==
A hacker can not:
- read any password as they are encrypted as the user types them.
- cannot forge any application data or code as every change to the application code or state is signed.