Penetration Testing mailing list archives

RE: How secure are dongles for copy-protection?


From: "c0ncept" <c0ncept () hushmail com>
Date: Tue, 5 Jun 2001 15:36:01 -0700


        If the dongle performs some cryptographic operation based on constant
information from the machine, then it should be possible to record and play
back the information.
        If the information is based on a pseudo-random value, then some way must
also exist to verify the authenticity of the returned value on the computer.
The application would have to perform the same operations in software, and
compare the result against the value it computes.
        A similar hardware example would be the RSA SecureID / ACE Server. The ID
generates a new ID every 60 seconds; the ACE server generates the same ID. A
dongle scheme based on some cryptographic operation would be functionally
similar, with the caveat that the ACE Server is implemented in software on
the box [ The application requiring the dongle]. Simply reverse engineering
the software would be sufficient.
        I may be missing something, but I can't think of a way to implement
something in hardware and have it verified by software in a secure manner
when a malicious user has access to the software.

        --c0ncept
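As an added illustration of the two schemes c0ncept contrasts (example code, not from the thread): a simulated HMAC dongle, a record-and-playback stand-in for a captured bus trace, and a software check using a constant challenge beside one using a fresh nonce. The key, machine id and class names are constructed for the demo.

```python
import hashlib
import hmac
import os

class Dongle:
    """Simulated hardware token: keeps a secret key, answers a challenge with an HMAC."""
    def __init__(self, key: bytes) -> None:
        self._key = key
    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

class RecordAndPlayback:
    """Stand-in for a recorded bus trace: passes challenges through while the real
    dongle is present, then answers later checks from the recording alone."""
    def __init__(self, real: Dongle) -> None:
        self._real = real
        self._log = {}
        self.unplugged = False
    def respond(self, challenge: bytes) -> bytes:
        if not self.unplugged:
            self._log[challenge] = self._real.respond(challenge)
        return self._log.get(challenge, b"")  # unknown challenge: nothing to replay

MACHINE_ID = b"constructed-machine-id-0001"  # constant host info (constructed value)

def check_constant(token, key: bytes) -> bool:
    """Scheme 1: the challenge is constant machine info; the app recomputes the
    expected answer in software (so the key lives in the binary) and compares."""
    expected = hmac.new(key, MACHINE_ID, hashlib.sha256).digest()
    return hmac.compare_digest(token.respond(MACHINE_ID), expected)

def check_nonce(token, key: bytes) -> bool:
    """Scheme 2: a fresh challenge per check, so an old recording cannot answer it.
    The key is still needed in software, which is the remaining objection."""
    nonce = os.urandom(16)
    expected = hmac.new(key, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(token.respond(nonce), expected)

def demo() -> tuple:
    """Returns (constant, nonce) results with the dongle present, then after unplugging."""
    key = b"constructed-dongle-key"
    tap = RecordAndPlayback(Dongle(key))
    present = (check_constant(tap, key), check_nonce(tap, key))
    tap.unplugged = True  # the real dongle is gone; only the recording answers now
    replayed = (check_constant(tap, key), check_nonce(tap, key))
    return present + replayed  # (True, True, True, False)
```

The nonce variant closes the replay path but, as the post notes, `check_nonce` still has to hold `key`, so the verifier itself remains the soft target.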


-----Original Message-----
From: Ryan Permeh [mailto:ryan () eEye com]
Sent: Tuesday, June 05, 2001 11:24 AM
To: Felix Huber; Penetration Testers
Subject: Re: How secure are dongles for copy-protection?


the only types of dongle protection that don't completely suck are those
that take information from the machine and perform a specific set of
operations on the dongle(preferably a cryptographic operation, a hash or
encrypt/decrypt) purely in hardware on the dongle.  This means that the
cracker either has to reverse the entire crypto algorithm(using black box
techniques like known plaintext attacks), including finding the keyed value
on the dongle, or use a hardware lab to actually reverse the hardware.  This
has been done a few times, by both academic groups and security groups like
atstake.  you don't only want to look at dongle research, but also smartcard
research and all of the other hardware authentication methods since most of
the techniques to authenticate a user using a fob and authenticating
software using a fob are basically the same.

This basically works down to a time/money scheme, just like most crypto
adversary equations.  Is the data you are protecting(you program in this
sense) worth the value of spending time and money to protect in this manner?
will an adversary think it valuable enough to do the work to break this
scheme?  This is all assuming a "perfect" implementation, of course, where
breaking the algorithm/key on the dongle is the easiest way in, and not just
subverting control of the application.  Also, keep in mind that if you use
off the shelf components for your dongle/algorithm, someone spending the
time and money to crack yours may in turn crack all derivative and
correlated products, making the worth of cracking your scheme potentially
more valuable than just cracking your software(ie, look at the decss
scenario.  one implementation fell, and with that information, all soon
fell).


Signed,
Ryan Permeh
eEye Digital Security Team
http://www.eEye.com/Retina -Network Security Scanner
http://www.eEye.com/Iris -Network Traffic Analyzer

----- Original Message -----
From: "Felix Huber" <huberfelix () webtopia de>
To: "Penetration Testers" <PEN-TEST () SECURITYFOCUS COM>
Sent: Tuesday, June 05, 2001 4:05 AM
Subject: Re: How secure are dongles for copy-protection?


Hi,

of course - most dongle checks were cracked. I have seen 3DSMax and
others... For more information:
http://www.google.com/search?q=dongle+cracked



Regards,
Felix Huber


-------------------------------------------------------
Felix Huber, Web Application Programmer, Webtopia
Guendlinger Str.2, 79241 Ihringen - Germany
huberfelix () webtopia de     (07668)  951 156 (phone)
http://www.webtopia.de     (07668)  951 157 (fax)
                                         (01792)  205 724 (mobile)
-------------------------------------------------------
  ----- Original Message -----
  From: Harold Thimm
  To: pen-test () securityfocus com
  Sent: Monday, June 04, 2001 9:43 PM
  Subject: How secure are dongles for copy-protection?


  I'm looking for any information on incorporating dongles into a software package for copy protection. In particular, I'm looking for information on the Rainbow Technologies Sentinel, but advice on dongle-based copy protection in general is appreciated.

  How easy/difficult is it to break this kind of copy-protection? Are there any known weaknesses in the dongle-type systems themselves (as opposed to implementation weaknesses?)

  Are there any dongle-based protection schemes that have been cracked, and if so, how?



  (A pointer to a URL would be appreciated, if you have it.)

  Thanks in advance.

  HAL

