On Fri, May 16, 2003 at 07:42:30PM -0700, Charles Tilbury wrote:
I was thinking more along the lines of PGP with both keys being private.
How? The interpreter needs to decrypt the source, once it is done it may be captured, or the key may be extracted from the interpreter binary, etc. (it is like how DVDs encryption may be avoided, not cracked).
In general, you cannot use encryption to keep your source hidden (unless you have some hardware-based interpreter, but even then...), it will only slow down reverse engineering, just a bit. But finally the attacker will get the source code as is (the original).
However, in case when you use a byte code there is no way to convert it to original source, so it is preffered way to keep source closed (it is also quite difficult to modify or tweak byte-code for an attacker, since it requires deep knowledge of the interpreter, VM and program logic).
Regards, /Al