Tags: java, cryptography, jvm, obfuscation, decompiling

Why not encrypt the Java bytecode instead of obfuscate it?


Looking at the effort some organizations put into obfuscating Java bytecode to stop others from decompiling it and extracting secret information from the code (taking into account the limitations of this practice):

Wouldn't it be feasible to use asymmetric encryption to address this problem? I mean, wouldn't it be possible for Oracle to equip the JVM with a certificate and a ClassLoader capable of decrypting encrypted class files using the private key of this certificate?

Of course, the classes would have been encrypted using the public key of this "unique oracle certificate".

The private key would be inside the JVM.

I suppose that maybe it is not mathematically possible to protect this private key inside the JVM (encrypting it in turn...), and that it would be eventually hacked... is this the case???


Solution

  • I suppose that maybe it is not mathematically possible to protect this private key inside the JVM (encrypting it in turn...), and that it would be eventually hacked... is this the case???

    Essentially, yes.

    If you use symmetric algorithms and store the key in the JVM, it will be trivial to reverse engineer and find those. If you employ obfuscation to hide them, it becomes less trivial, but it can still be done.

    With public key crypto, the key doing the decrypting needs to be stored somewhere again. This is essentially a key storage problem and the only difficult to reverse engineer problems are in hardware; even then, they get broken.

    My answer on IT security concerning effective DRM protection methods covers this in a little more detail.
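The following is an added example, not code from the question or the answer, that makes the answer's point concrete: a class loader that decrypts class files needs its key at runtime, so the key ends up in the loader's own bytecode, and the decrypted class passes through `defineClass` in the clear. It uses a symmetric AES-GCM key for brevity; a private key for the asymmetric scheme in the question would have to be stored in exactly the same place. The class names `Demo`, `Secret` and `DecryptingClassLoader` and the key value are constructed for this example.

```java
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical class whose bytecode we want to "protect" (constructed for this example).
class Secret {
    public static String message() { return "loaded from encrypted bytecode"; }
}

// A class loader that decrypts class files with a key baked into the JVM-side code.
class DecryptingClassLoader extends ClassLoader {
    // The key must be reachable by the loader, so it lives in this class's constant
    // pool as a plain string literal (16 ASCII bytes -> AES-128; constructed value).
    static final String EMBEDDED_KEY = "demo-key-0123456";
    private final byte[] encryptedSecret;

    DecryptingClassLoader(byte[] encryptedSecret) {
        super(null); // parent = bootstrap only, so "Secret" is never taken from the classpath
        this.encryptedSecret = encryptedSecret;
    }

    static SecretKeySpec key() {
        return new SecretKeySpec(EMBEDDED_KEY.getBytes(StandardCharsets.US_ASCII), "AES");
    }

    // "Build step": AES-GCM encrypt a class file; output is 12-byte IV || ciphertext+tag.
    static byte[] encrypt(byte[] plain) throws Exception {
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key(), new GCMParameterSpec(128, iv));
        byte[] ct = c.doFinal(plain);
        byte[] out = new byte[iv.length + ct.length];
        System.arraycopy(iv, 0, out, 0, iv.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    // Runtime: reverse of encrypt(); the tag check fails loudly on a tampered blob.
    static byte[] decrypt(byte[] blob) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, key(), new GCMParameterSpec(128, blob, 0, 12));
        return c.doFinal(blob, 12, blob.length - 12);
    }

    @Override
    protected Class<?> findClass(String name) throws ClassNotFoundException {
        if (!name.equals("Secret")) throw new ClassNotFoundException(name);
        try {
            byte[] plain = decrypt(encryptedSecret);
            // The plaintext class file now sits in JVM memory and is handed to the VM:
            // the second point (after the key itself) where it can be observed.
            return defineClass(name, plain, 0, plain.length);
        } catch (Exception e) {
            throw new ClassNotFoundException(name, e);
        }
    }
}

public class Demo {
    static byte[] readResource(String name) throws Exception {
        try (InputStream in = Demo.class.getResourceAsStream(name)) {
            return in.readAllBytes();
        }
    }

    // Naive byte search; returns the offset of needle in haystack or -1.
    static int indexOf(byte[] haystack, byte[] needle) {
        outer:
        for (int i = 0; i + needle.length <= haystack.length; i++) {
            for (int j = 0; j < needle.length; j++) {
                if (haystack[i + j] != needle[j]) continue outer;
            }
            return i;
        }
        return -1;
    }

    public static void main(String[] args) throws Exception {
        // 1. Ship an encrypted Secret.class instead of the plain one.
        byte[] encrypted = DecryptingClassLoader.encrypt(readResource("Secret.class"));

        // 2. The decrypting loader makes it usable again at runtime.
        Class<?> secret = new DecryptingClassLoader(encrypted).loadClass("Secret");
        java.lang.reflect.Method m = secret.getMethod("message");
        m.setAccessible(true); // Secret is defined in a different runtime package
        System.out.println(m.invoke(null));

        // 3. Why this is not protection: the key is a literal inside the loader's
        //    class file, recoverable from the constant pool with a plain byte search.
        byte[] loaderBytes = readResource("DecryptingClassLoader.class");
        byte[] keyBytes = DecryptingClassLoader.EMBEDDED_KEY.getBytes(StandardCharsets.US_ASCII);
        System.out.println("key literal found in DecryptingClassLoader.class at offset "
                + indexOf(loaderBytes, keyBytes));
    }
}
```

Compile and run with `javac Demo.java && java Demo`; the example reads its own compiled `.class` files as resources, so it needs the compiled output on the classpath rather than the single-file `java Demo.java` launcher. Obfuscating the loader would hide the literal from a byte search but not from the JVM, which still has to use the key and still receives the plaintext class in `defineClass`; that is the key storage problem the answer describes.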