Penetration Testing mailing list archives

Re: How secure are dongles for copy-protection?


From: "Ryan Permeh" <ryan () eEye com>
Date: Wed, 6 Jun 2001 12:09:30 -0700

This is only vulnerable to a replay in certain situations.

i.e.: a certain key on a certain dongle is matched to the distributed encrypted
PE.  Hence, a single correct key would only work in conjunction with the
specific dongle/software dist.  i.e.: I make a dist for you, I give you a
dongle specific to that dist.

There stands a chance that, if not implemented correctly, or if there is just
a single decrypt of the entire code section of the executable, you may just
do a single memory dump to disk after it is encrypted once, then rebuild the
executable from this.  This is why you perform some operations at runtime
also (in addition to other anti-cracking tricks, self-modifying code, anti-
debugging, etc.), so that it is unlikely that
it is worth cracking a single instance of this program while not being able
to create a general crack for all instances.

Really decent dongle protection is not cheap.  It is not useful for most
software situations because of this.  Also, it is important to remember
that a sufficiently dedicated cracker will break anything.  If he has it, he
will break it.  Know your opponents and protect against the highest degree
of opponent that is efficient (time vs money vs value of the program) to
protect against.  It's unlikely that some 30 dollar shareware program would
require such a system.  It may be worth it, however, to protect some $100k
systems.  It's up to the developer/vendor to evaluate the degree of
protection that is useful for the situation.

Signed,
Ryan Permeh
eEye Digital Security Team
http://www.eEye.com/Retina -Network Security Scanner
http://www.eEye.com/Iris -Network Traffic Analyzer

----- Original Message -----
From: "Daniel Roethlisberger" <daniel () roe ch>
To: <PEN-TEST () securityfocus com>
Sent: Wednesday, June 06, 2001 8:11 AM
Subject: Re: How secure are dongles for copy-protection?



Ryan Permeh <ryan () eEye com> wrote:
1. Take a key issued by vendor. This is the "license" key
   offered in most scenarios.
2. Pipe this key to the dongle.
3. Perform cryptographic transformation on the issued "license
   key". This cryptographic transform could be a
   hash/crypt/decrypt depending on situation. Potentially this
   could be multiple transformations. The closer to hardware
   configured the better.
4. Return the value of the transformation(s) from the dongle to
   the program.
5. Use this as a key to uncrypt the code segment of the
   executable (the .text segment of the PE or whatever format
   you need).

This is still vulnerable to the replay attack. You just look at
the output of the dongle and replay that to the software; it
requires no attack on the dongle itself. I come to the conclusion
that dongle based protection systems cannot be perfect. Either you
can replay the dongle output; or you can attack the part of the
software that does the same operation as the dongle in order to
verify the result.

Cheers,
Dan


--
   Daniel Roethlisberger <daniel () roe ch>
   PGP Key ID 0x8DE543ED with fingerprint
   6C10 83D7 2BB8 D908 10AE  7FA3 0779 0355 8DE5 43ED
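The five-step scheme quoted above, simulated end to end, as an added example that is not part of either post in this thread. It shows the per-distribution binding Ryan describes (a code segment encrypted for dongle A is unusable with dongle B, so a recovered value only ever matches one dist) and the caveat Dan raises (nothing in steps 1-5 changes between runs, so the dongle's output is the same value every time). HMAC-SHA256 as the dongle transform, a SHA-256 counter-mode XOR keystream as the "crypt", and the license key, unit secrets and code bytes are all assumptions constructed for the demonstration; no real dongle product works exactly this way.

```python
import hashlib
import hmac

# Constructed sample standing in for the .text segment of a PE; labelled filler,
# not real machine code.
CODE_SEGMENT = b"\x55\x8b\xec" + b"CONSTRUCTED .text SEGMENT " * 4
CODE_DIGEST = hashlib.sha256(CODE_SEGMENT).digest()  # embedded at build time

# Constructed sample license key (step 1); a real vendor would generate this.
LICENSE_KEY = b"DEMO-1111-2222-3333"


class Dongle:
    """Simulated hardware token. Holds a per-unit secret that never leaves the
    'hardware' and applies a keyed transform to whatever it is sent (step 3).
    HMAC-SHA256 is an assumption chosen for the demonstration."""

    def __init__(self, unit_secret: bytes) -> None:
        self._secret = unit_secret

    def transform(self, data: bytes) -> bytes:
        return hmac.new(self._secret, data, hashlib.sha256).digest()


def keystream(key: bytes, length: int) -> bytes:
    """Counter-mode keystream from SHA-256; adequate for a demonstration."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def crypt(data: bytes, key: bytes) -> bytes:
    """XOR with the keystream; the same call encrypts and decrypts."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def build_distribution(license_key: bytes, dongle: Dongle) -> bytes:
    """Vendor side: derive the code key the same way the dongle will at run
    time and ship the encrypted code segment together with that dongle."""
    return crypt(CODE_SEGMENT, dongle.transform(license_key))


def load_at_runtime(encrypted_code: bytes, license_key: bytes, dongle: Dongle) -> bytes:
    """Program side, steps 2-5: pipe the license key to the dongle, take the
    returned value as the code key, decrypt the code segment and verify it
    against the digest embedded at build time."""
    code = crypt(encrypted_code, dongle.transform(license_key))
    if hashlib.sha256(code).digest() != CODE_DIGEST:
        raise ValueError("wrong dongle or wrong license key for this build")
    return code


def dongle_output_is_fixed(license_key: bytes, dongle: Dongle) -> bool:
    """The caveat raised in the thread: no nonce or counter enters steps 1-5,
    so the value the dongle returns is identical on every run."""
    return dongle.transform(license_key) == dongle.transform(license_key)


if __name__ == "__main__":
    dongle_a = Dongle(b"unit-secret-A")  # constructed per-unit secret
    dongle_b = Dongle(b"unit-secret-B")  # constructed per-unit secret
    dist_a = build_distribution(LICENSE_KEY, dongle_a)
    assert load_at_runtime(dist_a, LICENSE_KEY, dongle_a) == CODE_SEGMENT
    try:
        load_at_runtime(dist_a, LICENSE_KEY, dongle_b)
    except ValueError as exc:
        print("dongle B against distribution A:", exc)
    print("dongle output fixed across runs:", dongle_output_is_fixed(LICENSE_KEY, dongle_a))
```

The digest check in `load_at_runtime` is what makes a mismatched dongle fail cleanly instead of jumping into garbage; it is also the kind of in-software verification step Dan points at as the second place such a scheme can be attacked, which is why Ryan's reply argues for spreading decryption across runtime operations rather than one up-front decrypt of the whole segment.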
