The features
Identifier renaming
It doesn't come as too great a surprise that both these products perform this
basic obfuscation process. The idea is to discard the original names of identifiers
(ie the names of classes, methods, properties etc), and choose independent replacement
name - the transformation is essentially lossy, and so a decompiler cannot retrieve
the original name. Both obfuscators on test use also use "method overloading",
which take advantage of the fact that methods in .NET with different parameter
types may use the same name, and as a result, reduce the number of different
symbols being used. For example, if you start with
internal class MyClass {
private void GetName() { }
private void GetPosition(int index) {}
private int itemCount;
print int averageScore;
}
an obfuscator might rename this to
internal class a {
private void a() { }
private void a(int a) { }
private int b;
private double c;
}
Dotfuscator and Demeanor differ from here as to how they extend this process.
Dotfuscator uses a technique known as "Overload induction", which
essentially spots where multiple identifiers can be renamed to the same thing
(for example, two private variables in two classes can use the same name), and
maximizes the use of these - in one assembly we tried, around 46% of identifiers
were renamed to “a”, 22% to “b”, etc (although obviously
these figures can vary significantly depending on how your assembly is structured).
Demeanor takes a slightly different approach, an extends this method overloading
to general name overloading. In effect, it would obfuscate MyClass
above to something like
internal class a {
private void a() { }
private void a(int a) { }
private int a;
private double a;
}
by taking advantage of features available in IL, but not supported by C# or
any other .NET language. Both companies disagree over which of these two are
the most effective - but in the end, neither are perfect, but both are going
to deter all but the most determined hackers.
The added benefit of all this renaming is that the size of your final assembly
can be reduced significantly by both of these obfuscators - often by as much
as 10%. Obviously, if your assembly is going to be used as a library, then you
don't want public methods renamed, and so both provide options to turn of renaming
on public methods, or on specific classes/namespaces according to any regular
expressions you provide.
Incremental obfuscation
When releasing new versions of your product , or attempting to track down bugs
reported by your customers, the last thing you want is the obfuscator to choose
different "obfuscated" names for your classes each time you compile.
As a result, both products provide support for what is known as "incremental
obfuscation". When you first obfuscate an assembly, you can choose to output
an XML file which describes the renaming that the obfuscator chose. Then, on
subsequent calls you can provide this XML file, and the obfuscator will preserve
its earlier naming decisions, whilst obfuscating any new methods/classes that
you have added.
String encryption
In many situations you don't want someone to be able to view certain strings
hard-coded into your application. Both Dotfuscator and Demeanor provide options
to encrypt string literals within your application, although neither are particularly
clear on the strength of this encryption. In addition, Dotfuscator allows you
to specify certain classes (such as licensing!) in which to encrypt strings,
whilst leaving others untouched.