Software publishers often attempt to restrict access to portions of compiled software executables to thwart would-be reverse engineering while still allowing the executables to function properly. Reverse engineering is the practice of dissecting and/or analyzing software to understand how it works. On certain systems, reverse engineering can retrieve information stored within software such as information related to cryptographic keys or copy protection schemes. Reverse engineers can even tamper with the software itself.
A reverse engineer attacks a program from two main paths, data and control flow. One simple straight forward way to protect data is to mask it. That is, change its representation with an efficient operation. So, instead of storing A in memory, store A^X, where X is some static mask selected at runtime.
An even better way to mask A would be to use a dynamic mask, or an X that is selected ‘randomly’ at runtime. This way, A^X changes at runtime even though A itself may not be changing. This is better security, as the A^X changes when either A changes or X changes, as opposed to only when A changes (when X is static).
However, one of the drawbacks to this mechanism is that this dynamic transform to A cannot be applied at compile time if A is supposed to be ‘baked’ into the binary itself (for example, as an initializer), so that the initial starting value does not actually receive a dynamic mask. It is impossible to do so, without going in and rewriting the binary code, and then loading the freshly written one, since it is a static value baked into the binary.
Therefore, traditional mechanisms for protecting program data are slow, bulky, and not effective.