Hide something like a key or a fourCC in the compiled program

Question

First of all, I have done a lot of research before but I have to ask something that may be simple... or not, but I prefer to ask you in order to be sure...

I have two kind of keys, one set up by me and the other is a simple FourCC code. However, It's pretty simple to find them in the code of the .exe by using HxD for example. So I would like to hide the key in the .exe, but not to change it, here is the example of my key :

BYTE * pbData = new BYTE[dwDataSize];
file.Read(pbData, dwDataSize);

CLZObject zObj;

static DWORD mykey[4] =
{
    000000,
    11111111,
    222222222,
    33333333
};

if (!CLZO::Instance().Decompress(zObj, pbData, mykey))
{
    delete[] pbData;
    return false;
}

As you can see, I use LZO but it's still easy to find the key as we usually know where she is...

Then, here's the FourCC (it's absolutely easy to find because we just have to type the letter, example : DXT1.

    case MAKEFOURCC('D','X','T','1'):
    strncpy_s(strPixelFormat, 512, "DXT1", 31);
    m_CompFormat = PF_DXT1;
    break;

So I thought to hide the key by using memory (I don't have example but I could provide one) or to encrypt the key in order to hide it from the program, but I don't know (or I'm not sure) how to encrypt something like that :

    000000,
    11111111,
    222222222,
    33333333

Thanks, Have a nice day ! :)

Edit: Years ago I have come with a whole different approach using some obfuscating algorithm (some publicly available) that did exactly what I was looking for.

Answer 1

It's be good if you said why you want to hide it. FourCC is 4 bytes so can be seen as int. You can xor it, or encrypt it in some other way. But obviously this will not serve against serious adversaries as the key will be in the code anyway.

Don't forget serious hackers will scan the code and data when the program is running in addition to the program on disk.

EDIT:

Here's a quick and dirty bit of code to get your fourcc xor-ed. You'd apply the same in runtime to get back to the original value. Using 0x55555555 is convenient as printable chars remain printable so you can use the output string rather than the number:

int main( int argc, char* argv[] ) {
  char s[5];
  *(unsigned int*)s = *(unsigned int*)argv[1] ^ 0x55555555u;
  s[4] = '\0';
  printf("\"%s\"  ==>  \"%s\" (0x%08xu)\n", argv[1], s, *(unsigned int*)s);
  return 0;
}

$ ./a.exe xvid
"xvid"  ==>  "-#<1" (0x313c232du)
$ ./a.exe mpeg
"mpeg"  ==>  "8%02" (0x32302538u)
$ ./a.exe avc1
"avc1"  ==>  "4#6d" (0x64362334u)