In the following section we provide a brief evaluation of the MCFACT technology.

Reverse-Engineering
MCFACT prevents an adversary from obtaining an inside view of the protected program code and protected data through observation of the program’s runtime behavior. The program code is transformed into large finite automata tables. An adversary can not reverse-engineer the automata tables, because a reverse transformation from large finite automata to program code would involve the decomposition of large finite automata, which is a hard mathematical problem.

Decomposition Problem and Reversing
If an adversary wants to attack the automata tables, he is forced to decompose large Multi-Channel-Finite-Automata. Experience with the decomposition of large finite automata has been obtained e.g. by analyzing the Chinese public key algorithm FAPKC. One version of this algorithm was broken by reversing the public key. Nevertheless, today there is no known approach to break this algorithm using decomposition. Reversing is no security issue for MCFACT, no information about the inner structure can be obtained using this approach.

Complexity of Program Code
The degree of security obtained by employing MCFACT also depends on how much program code is protected and how complex that code is. An adversary is forced to develop a model of the protected code based upon input-output data observation. The effort of guessing the sequence of instructions of a protected program part increases exponentially by the number of instructions used.

Removal of Watermark
The automata tables within the protected application also serve as a unique watermark. Removal of the watermark is not possible, because the automata tables accommodate the protected program code.