Re: How secure are dongles for copy-protection?

["Ryan Permeh" <ryan () eEye com>]

certainly.  this is what i commented about earlier("This is all assuming a
"perfect" implementation, of course, where
breaking the algorithm/key on the dongle is the easiest way in, and not just
subverting control of the application.  ").
the most correct/optimal way of handling this is as follows:

1. Take a key issued by vendor.  This is the "liscence" key offered in most
scenarios.
2. Pipe this key to the dongle.
3. perform cryptographic transformation on the issued "liscence key".  this
cryptographic transform could be a hash/crypt/decrypt depending on
situation.  Potentially this could be multiple transformation.  The closer
to hardware configured the better.
4. return the value of the transformation(s) from the dongle to the program.
5. use this as a key to uncrypt the codesegment of the executeable(the .text
segment of the pe or whatever format you need).

There are other tricks you can do, ie use runtime decoding of code at use,
using different bit patterns as checks for features to be enabled,disabled,
etc.  But basically, if the code is crypted, and the key comes from a
transformation on the fob, you really don't do "compares".  it's key info,
not compare info.  do not use fobs for handling yes/no issues.  use them to
generate keys as appropriate to decode stuff.  This forces an attack on the
crypto transforms on the key, which makes softice worthless, and makes the
attacker use more traditional methods (real ice, anti hardware tactics,
etc).

this has to be implemented in a executeable wrapper around a binary(or built
as part of the binary itself), and the wrapper has to be keyed to the key
fob you use.

Signed,
Ryan Permeh
eEye Digital Security Team
http://www.eEye.com/Retina -Network Security Scanner
http://www.eEye.com/Iris -Network Traffic Analyzer

----- Original Message -----
From: <shampster () mail 3xT org>
To: "Ryan Permeh" <ryan () eEye com>
Cc: "Penetration Testers" <PEN-TEST () securityfocus com>
Sent: Tuesday, June 05, 2001 2:50 PM
Subject: Re: How secure are dongles for copy-protection?


> On Tue, 5 Jun 2001, Ryan Permeh wrote:
> > the only types of dongle protection that don't completely suck are those
> > that take information from the machine and perform a specific set of
> > operations on the dongle(prefereably a cryptographic operation, a hash
or
> > crypte/decrypt) purely in hardware on the dongle.  This means that the
> > cracker either has to reverse the entire crypto algorithm(using black
box
> > techniques like known plaintext attacks), including finding the keyed
value
> > on the dongle, or use a hardware lab to actually reverse the hardware.
>
> . . . Not if all this trickery ends in a function returning a 0 for
> failure and a 1 for success . . .
> What does the software do with the hash
> once it's passed back to the application?  Compare it to a constant?
> Hopefully not. Use the returned value as a pointer to the next code
> segment? Better, but usually still not very difficult to break.
>
> To completely emulate the dongle, the cracker does have to reverse the
dongle.
> But a cracker does not need to reverse the dongle to break the protection.
>
> [snip]
>
> > Signed,
> > Ryan Permeh
> > eEye Digital Security Team
> > http://www.eEye.com/Retina -Network Security Scanner
> > http://www.eEye.com/Iris -Network Traffic Analyzer
> >
> > ----- Original Message -----
> > From: "Felix Huber" <huberfelix () webtopia de>
> > To: "Penetration Testers" <PEN-TEST () SECURITYFOCUS COM>
> > Sent: Tuesday, June 05, 2001 4:05 AM
> > Subject: Re: How secure are dongles for copy-protection?
> >
> >
> > > Hi,
> > >
> > > of course - the most dongle checks were cracked. I have seen 3DSMax
and
> > > other... For more information:
> > > http://www.google.com/search?q=3Ddongle+cracked
> > >
> > >
> > >
> > > Regards,
> > > Felix Huber
> > >
> > >
> > > -------------------------------------------------------
> > > Felix Huber, Web Application Programmer, Webtopia
> > > Guendlinger Str.2, 79241 Ihringen - Germany
> > > huberfelix () webtopia de     (07668)  951 156 (phone)
> > > http://www.webtopia.de     (07668)  951 157 (fax)
> > >                                          (01792)  205 724 (mobile)
> > > -------------------------------------------------------
> > >   ----- Original Message -----=20
> > >   From: Harold Thimm=20
> > >   To: pen-test () securityfocus com=20
> > >   Sent: Monday, June 04, 2001 9:43 PM
> > >   Subject: How secure are dongles for copy-protection?
> > >
> > >
> > >   I'm looking for any information on incorporating dongles into a =
> > > software package for copy protection. In particular, I'm looking for =
> > > information on the Rainbow Technologies Sentinel, but advice on =
> > > dongle-based copy protection in general is appreciated.
> > >
> > >   How easy/difficult is it to break this kind of copy-protection? Are
=
> > > there any known weaknesses in the dongle-type systems themselves (as =
> > > opposed to implementation weaknesses?)=20
> > >
> > >   Are there any dongle-based protection schemes that have been
cracked, =
> > > and if so, how?=20
> > >
> > >
> > >
> > >   (A pointer to a URL would be appreciated, if you have it.)
> > >
> > >   Thanks in advance.
> > >
> > >   HAL
>
> --------------------------------------------------------------------------
-----
> shampster / 3xT.org