The document discusses the importance of mastering encryption and obfuscation for protecting software, especially with the introduction of AXProtector CTP by Wibu-Systems. It compares traditional methods of encryption and obfuscation and highlights the advanced features of AXProtector CTP, including modular licensing, automatic protection, and support for various operating systems. The document concludes with an emphasis on hybrid protection approaches that combine code obfuscation and data encryption for enhanced security.

1. Mastering Encryption
and Obfuscation
AxProtector CTP
Axel Engelmann
R&D Software
axel.engelmann@wibu.com
Ruediger Kuegler
VP Professional Services
ruediger.kuegler@wibu.com
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation

2. To access the on-demand replay of this masterclass,
please visit
https://www.wibu.com/wibu-systems-webinars/mastering-
encryption-and-obfuscation/access.html
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation

3. 5 Years Ago
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 3

4. Encryption vs Obfuscation
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
Encryption
Obfuscation
4

5. Encryption vs Obfuscation – Security Level
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
Code Not In Use Code In Use
Obfuscation
Encryption
Encryption
Obfuscation
5

6. AxProtector CTP
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 6

7. LLVM
Compile Time Protection
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
CPSRT
AxProtector
CTP
Language Logos: https://wikipedia.org , Dragon: https://www.llvm.org/Logo.html
WibuCpsConf
7

8. Comparison AxProtector Classic vs. CTP
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 8
Classic
CTP
Compiler Linker AxP Classic
Compiler Linker
AxP CTP

9. Structure of a Function
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
T
Basic Block
Jump
String
9

10. Obfuscation Techniques
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
?
?
Block Obfuscation
“Dead” Block
String Encryption
No Transformation
10

11. Control Flow Encryption
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
?
Address table
Data
Code
11

12. 2024-10-23
Unprotected
© WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 12

13. Protected
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
Entire function
13

14. Usage – CMake Configuration Without Protection
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 14

15. Usage – CMake Configuration With Protection
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 15

16. AxProtector CTP Features
• Protection
• Automatic Protection
• Modular Licensing
• License-Free
• CodeMoving
• File Encryption
• Advanced Obfuscation
• WUPI Interface
• Event handling through CpsEvents
• Traps
• Available for Windows, macOS, and Linux
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 16

17. Usage – protect.WibuCpsConf
Advanced Obfuscation + Licensing
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 17

18. Demo
Automatic- & Modular Protection
License-Free
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 18

19. Automatic CodeMoving
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
CM
19

20. • Encryption & Basic Obfuscation
• String encryption
• Jump indirection
• Constant encryption
• Advanced Obfuscation
• Instruction Substitution
• Call indirection
• Rtti obfuscation
• Opaque Predicates + Dead Code
• Constant Mutation
• Function Outlining
• Function Interleaving
• Code Virtualization
2024-10-23
Protection Feature Comparison
© WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 20

21. Automatic Protection Pipeline
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
Execution
Profile
Metrics
Protection
Model
Transformation
Classification
21

22. Demo
Automatic CodeMoving
Advanced Obfuscation
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 22

23. OS Security
• Microsoft: Security is a top priority (May 2024)
• Apple Hardened Runtime since the introduction of Apple Silicon
• SE Linux
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation
01011101010110
10101001000101
11101101010100
01011101000110
10101110000101
11101101010110
23

24. Roundup
• Encryption cannot protect code in use  Obfuscation
• Systems are getting hardened more and more
• Hybrid protection approach: Code Obfuscation & Data Encryption
• Tight Integration is the key to high security
• Solution: AxProtector CTP
• Future-proof protection measures
• Automatic deep integration
• Available currently for
• C/C++, Rust
• Windows, macOS, and Linux
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 24

25. &
Type your questions in the chatbox
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation 25

26. Headquarters +49-721-931720
USA +1-425-7756900
China +86-21-55661790
Japan +81-45-5659710
Korea +82-2-62069490
https://www.wibu.com
info@wibu.com
Thank You!
Let’s keep in touch
2024-10-23 © WIBU-SYSTEMS AG 2024 | Mastering Encryption and Obfuscation