Is it even possible to make a flash application completely secure? I’m using flash as a way to connect to my socket server and relay information back and forth then communicating with JavaScript so essentially I have an HTML UI and I’m only using Flash a relay between the two. The problem is that this is VERY insecure, with any basic packet catcher such as WPE I can easily watch my packets, replay them etc… I can send false init packets, or false whatever.
I know the right way would be to go about encrypting data sent over the socket and decrypting it once it reaches the server, the issue I’m concerned with is exactly how secure will my encryptions be? I’ve done a lot of research and found several promising encryption packages that offer many different hashes, the issue is that because flash is so easily decompiled what level of security would these encryptions be offering? Wouldn’t it, in theory, be extremely easy to decompile my flash application, get the key and manufacture your own decrypter using my keys?
Anyone have any suggestions on securing data being send over a flash socket?
