This is Part III of our discussion on ROT128 Encryption.

Part I: “Applying ROT128 Encryption On ByteArray”
Part II: “Applying ROT128 Encryption On Embedded/Module SWFs”

In “Saving XML As Binary”, we looked at how text XML can be stored in a ByteArray object so that it can be compressed and made non-human-readable. In this post, we look at how you can integrate ROT128 into the XML-to-ByteArray-to-XML routines. Binary XML is used only as an example; you can definitely apply the same concept to other binary data.

Continue Reading »

This post is a supplement to “Applying ROT128 Encryption On ByteArray”.

Some time back, we posted a simple technique for hiding assets and AS3 code from prying eyes by embedding one SWF within another SWF. In this post, we revisit that topic and look at how ROT128 can be used to provide an additional layer of protection.

Continue Reading »

In this post, we will look at a very simple algorithm for weak encryption. You should not use this method for real cryptographic security. However, because it is so simple to implement, the light-weight algorithm could easily escape prying eyes and avoid being the target for decryption in the first place.

I should also clarify that the term “ROT128″ does not actually exist. The original idea comes from ROT13, a variant of the Caesar Cipher (named after Julius Caesar of ancient Rome who used it to encrypt messages, but it is not clear who first invented or started using the cipher).

Continue Reading »

When targeting Flash Player 10 or AIR 1.5, you can use the clear() method of the ByteArray class to explicitly clear the contents of the byte array and free up the memory otherwise used by the bytes. The length and position properties are reset to zero after calling the clear() method.

Unfortunately, when targeting Flash Player 9, this clear() method is not available. If you are using a ByteArray object as a data store, keeping a reference to the object and therefore not allowing the object to be garbage collected, do take note that there is no way to clear the contents. This means that the size of ByteArray objects can only be enlarged and never shrunk.

It is important to note that while you can truncate the ByteArray to zero byte by setting its length property to zero, this will not dispose the contents or free up the memory used.

Continue Reading »

The technique discussed below is fairly easy to implement and will cost nothing other than a few minutes of your time. You can use this method in conjunction with code obfuscation, encryption or whatever other protection methods – this just adds another layer of protection. While this isn’t going to be a 100% foolproof protection, it is nevertheless better than no protection at all, and should help to deter most if not all casual decompiling.

Continue Reading »