MATLAB Answers

0

Can I depend on the MATLAB Compiler 4.0 (R14) to protect my intellectual property?

In the MATLAB Compiler documentation, it states: "Compiler 4 also uses a Component Technology File (CTF) archive to house the deployable package. All MATLAB files are encrypted in the CTF archive using the Advanced Encryption Standard (AES) cryptosystem where symmetric keys are protected by 1024-bit RSA keys." I would like to know how secure this algorithm is and whether it can sufficiently protect my intellectual property.

1 Answer

Answer by MathWorks Support Team on 6 Jul 2017
 Accepted Answer

When the MATLAB Compiler, or one of the associated Builder products, creates an application, it bundles the MATLAB-based executable and data content of that application into a single file, which is known as the CTF archive. The Compiler encrypts each MATLAB file that it places into the archive. The Compiler does not encrypt any other type of file: MEX-files, MAT-files, FIG-files, Java JAR or class file. Every other type of file is simply copied, unchanged, into the archive.
When the deployable application is later run, the files in the CTF archive are extracted onto the disk. Those files that were encrypted in the archive remain encrypted on the disk.
The MATLAB Compiler uses the Advanced Encryption Standard (AES) encryption algorithm. Different parts of a deployed application have different levels of security:
1. Only the MATLAB files in a deployed application are protected by encryption. However, the names of the MATLAB files are not obscured, neither is the directory structure of the application.
2. The binaries generated by the MATLAB Compiler (the library or executable wrapper code) contain very little of the intellectual property inherent in the application.
3. Any data shipped with a deployed application (MAT-files or other data files) is not secured by the MATLAB Compiler. You should expect that users can easily access the content in these files unless you encrypt them yourself.
Note that our encryption protocol does not have an “Orange Book” classification. No security protocol or encryption algorithm is ever completely secure. It is possible that a determined attacker could find a way to read the contents of the MATLAB files in a deployed application. We expect this would be quite difficult to do, but we neither claim it is impossible nor can we quantify the level of difficulty.

  0 Comments

Sign in to comment.