Quarkslab released this week a new version of Quarks App Shield, our Application Shielding software.
In the last year, our development team added new features, released two new components and continuously improved the security/performance ratio.
- Quarks App Protect, which couples code & data obfuscation with self-defending mechanisms (RASP);
- Quarks Keys Protect, a white-box cryptography library;
- Quarks Digital Vault, a cryptographic library enabling developers to leverage hardware crypto features when available.
For a better reflection of the available functions, Quarks AppShield is now split into three components:
Based on the industry-standard compiler LLVM, Quarks App Protect evolved over the years from offering obfuscation passes to integrating integrity and environments checks into applications to protect them against reverse engineering and tampering attempts.
Thanks to our team hard work, Quarks App Protect offers today more than 30 obfuscation passes, making it one the most advanced obfuscation software on the market.
To reflect the recent advancements in software protection, our team also developed Quarks Keys Protect, a white-box cryptography library resistant to BGE and DCA attacks, and Quarks Digital Vault, a secure storage library, which leverages hardware capabilities when available.
Quarks App Protect:
This component has seen a lot of improvements since our last release note, here are the most important ones:
- Quarks App Protect is now based on Clang/LLVM 10
- Implemented new obfuscation passes, now totalling more than 30+ obfuscation passes
- Added checks to detect Frida on Linux (including Android)
- Added checks to detect memory regions with rwx permissions on Linux (including Android)
- Implemented new anti-debug checks for Windows
- Support for Apple Catalyst (beta) binaries
Quarks Keys Protect
We released last year a white-box cryptography library for Linux, Android, iOS & OSX, allowing developers to use the most common cryptographic algorithms: AES in different modes, hash functions such as SHA-256 as well as asymmetric cryptography with ElGamal.
Quarks Digital Vault
We released a secure storage library for Android & Linux: it uses the Keystore facility provided by Android to store application-specific keys to encrypt and sign data stored in a secure storage database.
This library is well suited to encrypt sensitive data used in an application such as application-specific tokens, UUIDS, API tokens,…
To learn more about Quarks App Shield and its components, go to the product page at the following link: quarkslab.com/quarks-appshield
If you wish to see how Quarks App Shield could help you protect your application or connected object, schedule a meeting with our sales team at the following link: https://quarkslab.com/schedule-a-demo-quarks-appshield/