Can I depend on the MATLAB Compiler 4.0 (R14) to protect my intellectual property?

21 views (last 30 days)
In the MATLAB Compiler documentation, it states: "Compiler 4 also uses a Component Technology File (CTF) archive to house the deployable package. All MATLAB files are encrypted in the CTF archive using the Advanced Encryption Standard (AES) cryptosystem where symmetric keys are protected by 1024-bit RSA keys." I would like to know how secure this algorithm is and whether it can sufficiently protect my intellectual property.

Accepted Answer

MathWorks Support Team
MathWorks Support Team on 22 Feb 2022
Edited: MathWorks Support Team on 22 Feb 2022
When the MATLAB Compiler, or one of the associated Builder products, creates an application, it bundles the MATLAB-based executable and data content of that application into a single file, which is known as the CTF archive. The Compiler encrypts each MATLAB file that it places into the archive. The Compiler does not encrypt any other type of file: MEX-files, MAT-files, FIG-files, Java JAR or class file. Every other type of file is simply copied, unchanged, into the archive.
When the deployable application is later run, the files in the CTF archive are extracted onto the disk. Those files that were encrypted in the archive remain encrypted on the disk.
The MATLAB Compiler uses the Advanced Encryption Standard (AES) encryption algorithm. Different parts of a deployed application have different levels of security:
1. Only the MATLAB files in a deployed application are protected by encryption. However, the names of the MATLAB files are not obscured, neither is the directory structure of the application.
2. The binaries generated by the MATLAB Compiler (the library or executable wrapper code) contain very little of the intellectual property inherent in the application.
3. Any data shipped with a deployed application (MAT-files or other data files) is not secured by the MATLAB Compiler. You should expect that users can easily access the content in these files unless you encrypt them yourself.
Note that our encryption protocol does not have an “Orange Book” classification. No security protocol or encryption algorithm is ever completely secure. It is possible that a determined attacker could find a way to read the contents of the MATLAB files in a deployed application. We expect this would be quite difficult to do, but we neither claim it is impossible nor can we quantify the level of difficulty.
Walter Roberson
Walter Roberson on 27 Oct 2020
Bruno is correct. Any decryption mechanism for portable files that can work on systems not connected to the Internet, and which does not require that the user enter the key, inherently has to build the key into the code, and then it becomes a matter of how much the code can obfuscate the key.
Key distribution is a big problem in cryptography.

Sign in to comment.

More Answers (0)

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!