Protection Features

Symbols Renaming

Symbols Renaming is one of the most important obfuscation techniques. Namespaces, Types, Fields, Methods, Properties, Events, as well as Generic and Method Parameters names are changed into names generated using a custom alphabet. The original names are lost and it is impossible to recover the meaning of renamed elements.

While being important, renaming is quite difficult to implement. Yano implements and takes into account the following:

• Keeps originally intended method overrides, as well as implicit and explicit interface implementations.
• Performs advanced method overload induction.
• Updates symbol references across assemblies.
• Handles serializable classes specifically by excluding them from renaming (the default) or, when included, uses some special rules for them.
• Renames Windows Forms resources in-sync with respective classes.
• Renames binary Windows Presentation Resources (BAMLs) in-sync with respective classes and members whenever possible.
• Records a map with obfuscation results so that a user-submitted stack trace can be decoded back to the original unobfuscated stack trace.

It is not always possible to automatically fix-up all of the references to renamed elements. The matters are complicated whenever reflection or data binding techniques are used. The actual used names at runtime might even not be known by you, as the developer of the application. A type can have its name read from a configuration file, a database, dynamically loaded by using a plugin framework, or even be anonymous. This is why Yano offers a flexible exclusions configuration to handle a wide variety of cases and technologies (see Advanced Rules).

Control Flow Obfuscation

Yano employs some advanced control flow obfuscation techniques. Yano destroys the code patterns that decompilers use to recreate the source code in high level languages. The end result is code that is semantically equivalent to the original but decompilable only to IL.

Control flow is by default obfuscated at normal level for all methods. Normal level offers a compromise between obfuscation and application performance. It is recommended to change the level to high for code that contains intellectually important code, such as advanced algorithms and licensing checks. Control flow obfuscation level can be set to low or switched off entirely for performance critical methods.

Encryption

Yano can perform string literals encryption and managed resources compression and encryption. This prevents attackers from quickly finding sensitive code via string searches, while reducing assemblies size.

String literals are decrypted at runtime, right before they are used. Resources are decrypted once for each assembly, at their first access.

String literal decryption introduces a slight runtime penalty. Therefore, it is recommended to disable this functionality for performance sensitive methods.

Anti-Tampering

If you choose to sign or resign output assemblies and use string literals or resources encryption, Yano can optionally make tamper-proof modifications, so that assemblies will be protected from further modifications.

Do not use this option if you intend to make any instrumentation on your assemblies. Advanced Rules can be used to control anti-tampering option on a per-assembly basis.