Make function secure on web...

[lidds]

I have a VB.Net exe application that has a function in it that contains my encryption method that is used through out my application. This function is used to generate all my encrypted passwords and files etc. therefore for obvious reasons I do not want this to be visible to end users. In my application this is fine as it is compiled as a .exe. However I want to now create a ASP.Net web based version of my application.

Now here comes the question, if I was to create a web version of my application then this function would be visible to the end users along with a large number of other functions that if edited could bypass security and license control. I would like to know what is the best way to keep my ASP.Net webbased version secure from tampering, or is ASP.Net not the best for this?

Really looking for some guidance on how others deal with this.

Thanks

Simon

 

[jmcilhinney]

Isn't it the complete opposite? A .NET application can be fairly easily decompiled so hiding things in a Windows app is a challenge, while your VB code in a web app is safe on the web server. It's only the client-side JavaScript code that the user can see, not the VB.

 

[lidds]

Yes I agree with the statement about Windows apps, I compile my exe using Themida, just to add that extra bit of security.

With regards to my question, sorry it was my fault I did not explain one vital piece of information. I need to supply the ASP.Net code to my clients so that they can run on intranet and make it accessable where required to their clients to access. However the companies I deal with always want to host this them selves.

Thanks