
During the workflow of my application, there are some "reconfiguration" messages I'd like the user not to be able to see.

I'm going to use SSL for protecting those messages while they are in transit, but I'm not sure if the client can see them before they are encrypted.

  • You mean you don't want the user to see them in the memory of your application if he dumps the memory? By "reconfiguration messages" you mean your custom messages or SSL protocol messages? – Evgeny S. Mar 15 '16 at 14:02
  • @EvgenyS. custom JSON messages –  Mar 15 '16 at 14:03
  • With memory research and cracking tools it is possible to inspect anything in memory used by your application. The only thing you can do is make this process more complicated using a kind of obfuscation, where there is no ready message in memory "as is" but you construct, encrypt and destroy it on the fly, part by part. But even in this case it is possible to reconstruct the data flow. – Evgeny S. Mar 15 '16 at 14:07

1 Answer


Your application is running on a computer the user has full access to. Therefore the user can manipulate your application and application memory and extract everything "secret" you implement.

The same is true for the SSL connection. By simply adding a Man-in-the-Middle attack proxy into the network path, the user will be able to see everything that is transmitted. Or the user can grab the data unencrypted from the application memory before you send it via SSL/TLS.

Conclusion: Don't rely on data that needs to be kept secret on the client side. If it is secret data, only process it on the server side.

Robert
  • SSL is precisely for preventing MitM... Anyway, I'm accepting it because it's the only answer so far. My dev team will need to figure out a new way of managing this reconfiguration. –  Mar 15 '16 at 14:26
  • SSL/TLS relies on a list of trusted certificates, usually provided by the OS. By adding the certificate of the MitM proxy to the list of certificates, the MitM proxy is accepted as the server. The only workaround would be to use certificate pinning in the app, but that can be patched out using reverse engineering. – Robert Mar 15 '16 at 14:35
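
The certificate pinning mentioned in the last comment, as an added example that is not part of the original thread: after normal trust-store validation, the client also compares the SHA-256 fingerprint of the server's certificate with a value shipped in the app, so a proxy certificate that the user added to the OS trust store is still rejected. The function names and the certificate byte strings are constructed for illustration, and because the check runs on the user's machine it only raises the effort needed, as the comment says.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-ins for DER-encoded certificates (not real certificates).
GENUINE_CERT_DER = b"constructed-bytes-standing-in-for-the-real-server-certificate"
PROXY_CERT_DER = b"constructed-bytes-standing-in-for-an-intercepting-proxy-certificate"


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, pinned_sha256_hex: str) -> bool:
    """True only if the presented certificate is exactly the pinned one."""
    return hmac.compare_digest(fingerprint(der_cert), pinned_sha256_hex.lower())


def connect_pinned(host: str, port: int, pinned_sha256_hex: str, timeout: float = 10.0):
    """Open a TLS connection that must pass both the trust store and the pin."""
    # Step 1: ordinary validation (chain to a trusted root + hostname check).
    # A proxy whose root was added to the OS trust store passes this step.
    context = ssl.create_default_context()
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = context.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    # Step 2: the pin. The proxy presents its own certificate, so the
    # fingerprint differs and the connection is dropped before any data is sent.
    der_cert = tls.getpeercert(binary_form=True)
    if der_cert is None or not pin_matches(der_cert, pinned_sha256_hex):
        tls.close()
        raise ssl.SSLError("server certificate does not match the pinned fingerprint")
    return tls


if __name__ == "__main__":
    pin = fingerprint(GENUINE_CERT_DER)  # value that would ship inside the app
    print("genuine server accepted:", pin_matches(GENUINE_CERT_DER, pin))
    print("proxy certificate accepted:", pin_matches(PROXY_CERT_DER, pin))
```

Pinning the leaf certificate this way means the app must be updated whenever the server certificate is replaced.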