SlideShare ist ein Scribd-Unternehmen logo

From Hack to Counterattack

LicensingLive! - SafeNet
LicensingLive! - SafeNet
Technologie
1 von 6
Downloaden Sie, um offline zu lesen
From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats WHITE PAPER Nowadays, an ever increasing Table of Contents number of Independent Software Vendors (ISV) chose Types Of Software Attacks And How To Defend Against Them ...................................... 2 to implement some sort of Hack #1: Patching Executable Files Or Dynamically Linked Libraries .......................... 2 protection in order to ensure Counterattack ..................................................................................................... 2 that they are being fully paid upon end-users utilizing their Hack #2: Brute Force Attack ....................................................................................... 2 applications. Counterattack ..................................................................................................... 2 Hack #3: Emulating Protection Keys ........................................................................... 3 Counterattack ..................................................................................................... 3 Hack #4: Modifying Key Memory ................................................................................. 3 Counterattack ..................................................................................................... 3 Hack #5: Device Sharing ............................................................................................. 3 Counterattack ..................................................................................................... 4 Hack #6: Cloning Hardware Keys................................................................................. 4 Counterattack ..................................................................................................... 4 Hack #7: Time Tampering ............................................................................................ 4 Counterattack ..................................................................................................... 4 Hack #8: Tampered License Requests And Updates .................................................... 5 Counterattack ..................................................................................................... 5 General ProtectIon Strategies ..................................................................................... 5 Use Both The Api-Based Implementation And Automatic Protection...............................5 Insert Multiple Calls In Your Code ....................................................................................5 Encrypt/Decrypt Data Using The Protection Key’s On-Chip Encryption Engine ...............................5 Conclusion .......................................................................................................................6 SafeNet Sentinel Software Monetization Solutions.........................................................6 From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 1
According to the BSA/IDC 2010 Types of Software Attacks and How to Defend Against Them Piracy Report - for every $100 Nowadays, Independent Software Vendors (ISV) must implement some type of protection in worth of legitimate software order to ensure that they are being fully paid upon end-users utilizing their applications. sold, an additional $75 worth of unlicensed software also The basic idea behind any software protection solution is to restrict the use of unlicensed made its way into the market software by some form of licensing scheme. This can be achieved via hardware tokens (also generating absolutely no known as dongles), software-only licenses, or homegrown solutions. In general, hardware-based revenue to the original ISV. protection keys provide the most robust security, while software-based keys provide support for Trialware and Electronic Software Distribution. External hardware-based solutions provide the highest level of security currently available. Unfortunately, hackers are a persistent nuisance that cost Software Vendors billions of dollars in lost revenue worldwide. Therefore, it’s important that the selected solution and the actual implementation seal off all potential hacker entry points. This white paper examines a variety of the most common hacking techniques and the best counterattacks available for protecting applications from piracy. HACK #1: Patching Executable Files or Dynamically Linked Libraries In this scenario, the software cracker attempts to disassemble and/or debug executable files or dynamically linked libraries in order to retrieve the protected code. The executable file(s) is then patched in order to modify run-time flow, or to remove calls in the code. Commonly, the software cracker sends a small standalone patch executable (called a “crack”) that the end-user runs in order to patch the licensed software. Counterattack The goal is to make the process of patching executable files more complex and costly than purchasing the software. There is a direct proportion between the number of protected file(s) and the amount of time required by the software cracker in order to remove the protection. The most convenient way to protect a large number of executable and dynamically linked libraries is by using automatic protection tools, also known as “packers”. Injecting the protection code into the compiled binary files reduces the need to laboriously write protection code for every individual file. The most effective tools also offer anti-piracy specific measures such as anti-debugging mechanisms, executable file encryption and data file encryption mechanisms allowing the protected application to encrypt and decrypt data files on-the-fly. HACK #2: Brute Force Attack A brute force attack scenario, whether generic or specific, consists of hackers exhaustively attempting to compromise every security measure of the secret being protected. A generic hack means that the dongle itself is compromised - no amount of implementation improvement can counter such a hack, and all applications protected by the hacked dongle are at threat. Specific hacks break only one specific dongle implementation for one particular software application – this in result does not pose a risk for other software vendors using the same dongle. Counterattack Brute force attack can be overcome if the secured data is large enough, i.e. cracking all combinations becomes virtually impossible. In order to protect the algorithms that are central to the security of a dongle, the dongle should have a secure kernel and communication channel that allows storing the cryptographic key. The security kernel of a dongle consists of a 128- bit AES encryption key allowing for the protection of the algorithms central to the dongle’s operation. From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 2
Forces driving piracy down HACK #3: Emulating Protection Keys in many economies included In an emulation (record/playback) attack scenario, all information exchanged between the vendor legalization programs, application and the dongle is recorded – in an attempt to replace the device driver. government education, enforcement actions and major The use of middleware, usually a software application, provides a platform which attempts technological shifts – such as to mimic the requests and responses provided by the host. The dongle is replaying previously employment of Digital Rights recorded calls as if the actual key is returning the calls. Management (DRM). Limited functionality emulators only record and replay previously recorded calls, whereas fully- functional emulators also emulate the key, including its encryption. In order to create a fully-functional emulator, the software cracker requires access to the encryption key. Successful emulation of the two-way communication means that the application has been compromised. Emulating the protection keys is not a generic hack as it only affects the application copies on which it may exist, and can be easily amended. Counterattack Protection keys rely on a secure channel between the application and the hardware key; data that passes between the protected application and the key is encrypted. On-chip 128-bit randomized AES encryption ensures a robust link between the application and the hardware key fully securing the communication channel. The channel employs a different encryption key for every session. This means that the cracker attempting to record data passing through the secure channel would not be able to replay the data, since the encryption key used to encrypt the data will differ from that used to decrypt the data. In addition, the protected application can detect limited-functionality emulators by utilizing the encryption engine of the hardware key to decrypt hard-coded data. The emulator itself has no way of correctly decrypting such data, as it has no access to the encryption key. HACK #4: Modifying Key Memory Licensing data is normally stored in specific area in the memory of a software protection key. In this scenario, the software cracker will attempt to access the dongle’s memory in order to modify its licensing terms. For example, the cracker will attempt to change a depleted execution-based license into a perpetual license, or enable a feature that was not initially paid for. This can dramatically decrease any current or future applications’ usage revenues. Counterattack To prevent key memory modification, the licensing implementation has to include usage of the built-in Read-Only Memory (ROM). ROM is a segment of memory that can contain data to which only the protection application can access, but not overwrite, unlike regular Read/Write memory segments. This memory segment can only be updated using remote updates (C2V and V2C file types), and the creation of such updates is only possible for the specific vendor. HACK #5: Device Sharing Device sharing refers to multiple PC’s sharing a single license without authorization, i.e. one dongle is used by several machines on the same network operating on multiple concurrent terminals. This scenario does not jeopardize the security of the application itself; rather it has the potential of dramatically decreasing current or potential application revenues as multiple users share a common copy of a single application. The use of a static key for encryption results has greater susceptibility to this attack. From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 3
A software publisher’s own There are two potential scenarios under which device sharing can be done: protection implementation • Multiple VMware Sessions: In this scenario, multiple VMware sessions are concurrently must be thorough, complete, running on a single hardware platform. For example, each VMware session utilizes its own and to a certain extent instance of the driver to communicate with the dongle allowing for multiple virtual operating creative. Only when both the systems access to a single application. security infrastructure and its implementation are maximized • USB Sharing Hub: In this scenario, multiple computers sharing a USB hub are concurrently is the software truly protected. using a single license dongle as if individually communicating with it. This can allow multiple This may sound like an PC’s to run an application even though only a single hardware license exists. enormous task to accomplish, and while it is by no means Counterattack trivial, it is definitely achievable. Software vendors need to ensure that the quantity of computers or device drivers accessing the Implementing effective dongle does not exceed the purchased number of customers. Secure tunneling of a dongle can protection can not only increase help safeguard against multiple devices or machines trying to simultaneously access a single your product’s longevity, but it dongle. can also significantly increase your company’s revenue, making Every use of the application will open an instance of the driver; two or more instances of the it well worth the effort. driver will not be able to communicate with the dongle through the secure channel. The dongle driver will protect against these scenarios and enforce only the allowed number of licenses to be run. HACK #6: Cloning Hardware Keys In this unlikely scenario, the cracker attempts to reverse-engineer a hardware protection key and manufacture exact duplicates. This is an extremely difficult and costly attack both in terms of reverse-engineering tools and expertise, not to mention the ongoing production costs of such dongles. Counterattack The countermeasure of such attacks can be either hardware or software based, preferably both. One method of reducing the likelihood of this attack is by implementing customized hardware components that are not available for purchase off-the-shelf, and that contain specific anti-tampering measures. In terms of software, the firmware used is to be protected against extraction/cloning/copying. HACK #7: Time Tampering This relatively simple scenario occurs when the end-user attempts to tamper with the machine system clock on which the protected software is running to an earlier date, thus re-enabling a time-limited license that has already expired. Counterattack One method of securing trial licenses is to simply offer limited or crippled software versions. However, if you would like to create time-based licenses in order to offer software subscriptions or complete time-limited trials, time-tampering is a risk that must be assessed and battled. An additional method for securing time-based licenses is using a battery powered RTC (Real Time Clock) built into the hardware key. Equipping the dongle with the ability to check and store the current system time, allows the developers to use this information in an attempt to prevent time tampering by detecting any significant changes in system time. Thus, the application can be preprogrammed to disable or run in a restricted mode. From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 4
HACK #8: Tampered License Requests and Updates General Strategies for This scenario refers to the actual implementation of license requests and updates. If such Protection requests are verified at the software level, i.e. by the device drivers of the hardware key, crackers • Use Both the API-Based may attempt to attack this code and force all licenses to be automatically granted or applied. Implementation and Automatic This can even apply to licenses which have already expired or license updates that have already Protection been applied, potentially granting full access to revoked/expired dongles. • Insert Multiple Calls in Your Code Counterattack • Encrypt/Decrypt Data Using The granting of licenses and the application of license updates should be performed by the the Protection Key’s On-Chip hardware key itself, outside the reach of debuggers. Failing to obtain a valid license results in Encryption Engine locked functionality. For example, the encryption engine should remain disabled until a license is successfully granted. Similarly, license updates should only be applied after the hardware key itself verifies the signature. General Protection Strategies These following general software protection strategies are recommended for publishers employing hardware-based protection keys: Use Both the API-Based Implementation and Automatic Protection Maximize security by using the API to implement calls to the software protection keys, and protect the program with an automatic protection tool that offers anti-debugging and anti- reverse engineering measures. Using one protection method does not preclude the use of the other. Insert Multiple Calls in Your Code Inserting many calls throughout the code to the protection key and binding data from the key with the software functionality frustrates those attempting to crack your software. Multiple calls increase the difficulty in tracing a protection scheme. Encrypt/Decrypt Data Using the Protection Key’s On-Chip Encryption Engine The encryption process, which takes place before distributing the software, and the decryption processes, which take place during run-time of the protected application, should be performed inside a hardware protection key, beyond the reach of any debugging utility. The protection key should employ a highly secure public encryption algorithm such as AES. Encrypting data with protection keys using such algorithms considerably enhances software security. Cracking the software necessitates the software cracker to decrypt the data. The encryption key length represents a trade-off between security and performance. A short encryption key provides better performance while reducing the security level. 128-bit AES provides a well balanced choice, as it is faster than 256-bit AES, yet still impractical to attack. It is important to remember that protection is only as strong as the weakest link. An effective implementation must build upon a software protection solution that offers all the building blocks for a secure implementation: • An encryption engine that employs a proven public encryption algorithm such as AES • Automatic protection with anti-debugging detection and other anti-reverse engineering measures • A secure communication channel • ROM – Read Only Memory From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 5
Conclusion A software publisher’s own protection implementation must be thorough, complete, and to a certain extent creative. Only when both the security infrastructure and its implementation are maximized is the software truly protected. This may sound like an enormous task to accomplish, LicensingLive!™ (lahy’sun sing lahyv’), and while it is by no means trivial, it is definitely achievable. Implementing effective protection adj. n. [SAFENET, INTERACTIVE] can not only increase your product’s longevity, but it can also significantly increase your 1. Immediate access to the best company’s revenue, making it well worth the effort. practices and emerging challenges associated with software packaging, SafeNet Sentinel Software Monetization Solutions pricing, fulfillment, delivery and SafeNet has more than 25 years of experience in delivering innovative and reliable software management. 2. A forum bringing licensing and entitlement management solutions to software and technology vendors worldwide. together software vendors, industry Easy to integrate and use, innovative, and feature-focused, the company’s family of Sentinel® analysts, licensing consultants and Software Monetization Solutions are designed to meet the unique license enablement, technology vendors. enforcement, and management requirements of any organization, regardless of size, technical requirements or organizational structure. Only with SafeNet are clients able to address all of their anti-piracy, IP protection, license enablement, and license management challenges while increasing overall profitability, improving internal operations, maintaining competitive positioning, and enhancing relationships with their customers and end users. With a proven history in adapting to new requirements and introducing new technologies to address evolving market conditions, SafeNet’s more than 25,000 customers around the globe know that by choosing Sentinel, they choose the freedom to evolve how they do business today, tomorrow, and beyond. For more information on SafeNet’s complete portfolio of Software Monetization Solutions for installed, embedded, and cloud applications or to download a free evaluation of our award winning products please visit: http://www.safenet-inc.com/sentinel/ To download a FREE SENTINEL HASP Developer Kit, visit: http://www3.safenet-inc.com/Special/hasp/safenet-hasp-srm-order/default.asp Join the Conversation Sentinel Online www.Safenet-inc.com/sentinel www.LicensingLive.com Twitter http://twitter.com/#!/LicensingLive LinkedIn http://bit.ly/LinkedInLicensingLive YouTube http://www.youtube.com/user/LicensingLive Contact Us: For all office locations and contact information, please visit www.safenet-inc.com Follow Us: www.safenet-inc.com/connected BrightTalk http://www.brighttalk.com/channel/5572 ©2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. WP (EN)-11.09.10 From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 6

Empfohlen

Co r mlg_integration_network
Co r mlg_integration_networkCo r mlg_integration_network
Co r mlg_integration_networkThomas Jézéquel
 
The Revolution in Licensing - Cloud-Based Licensing
The Revolution in Licensing - Cloud-Based LicensingThe Revolution in Licensing - Cloud-Based Licensing
The Revolution in Licensing - Cloud-Based LicensingLicensingLive! - SafeNet
 
Build vs. Buy: The Hidden Costs of Licensing
Build vs. Buy: The Hidden Costs of Licensing Build vs. Buy: The Hidden Costs of Licensing
Build vs. Buy: The Hidden Costs of Licensing LicensingLive! - SafeNet
 
Turning Technology Threats into Opportunities – The Licensing View
Turning Technology Threats into Opportunities – The Licensing ViewTurning Technology Threats into Opportunities – The Licensing View
Turning Technology Threats into Opportunities – The Licensing ViewLicensingLive! - SafeNet
 
SHARE Network
SHARE NetworkSHARE Network
SHARE NetworkThomas Jézéquel
 
Love Is The Thing
Love Is The Thing Love Is The Thing
Love Is The Thing cmnurwy
 
Curs Adobe Photoshop CS5 incepatori - 01 - Familiarizare cu zona de lucru
Curs Adobe Photoshop CS5 incepatori - 01 - Familiarizare cu zona de lucruCurs Adobe Photoshop CS5 incepatori - 01 - Familiarizare cu zona de lucru
Curs Adobe Photoshop CS5 incepatori - 01 - Familiarizare cu zona de lucruCursurile Varilogic
 
20130830 pres foyer_en
20130830 pres foyer_en20130830 pres foyer_en
20130830 pres foyer_enThomas Jézéquel
 

Empfohlen

Co r mlg_integration_network
Co r mlg_integration_networkCo r mlg_integration_network
Co r mlg_integration_networkThomas Jézéquel
 
The Revolution in Licensing - Cloud-Based Licensing
The Revolution in Licensing - Cloud-Based LicensingThe Revolution in Licensing - Cloud-Based Licensing
The Revolution in Licensing - Cloud-Based LicensingLicensingLive! - SafeNet
 
Build vs. Buy: The Hidden Costs of Licensing
Build vs. Buy: The Hidden Costs of Licensing Build vs. Buy: The Hidden Costs of Licensing
Build vs. Buy: The Hidden Costs of Licensing LicensingLive! - SafeNet
 
Turning Technology Threats into Opportunities – The Licensing View
Turning Technology Threats into Opportunities – The Licensing ViewTurning Technology Threats into Opportunities – The Licensing View
Turning Technology Threats into Opportunities – The Licensing ViewLicensingLive! - SafeNet
 
SHARE Network
SHARE NetworkSHARE Network
SHARE NetworkThomas Jézéquel
 
Love Is The Thing
Love Is The Thing Love Is The Thing
Love Is The Thing cmnurwy
 
Curs Adobe Photoshop CS5 incepatori - 01 - Familiarizare cu zona de lucru
Curs Adobe Photoshop CS5 incepatori - 01 - Familiarizare cu zona de lucruCurs Adobe Photoshop CS5 incepatori - 01 - Familiarizare cu zona de lucru
Curs Adobe Photoshop CS5 incepatori - 01 - Familiarizare cu zona de lucruCursurile Varilogic
 
20130830 pres foyer_en
20130830 pres foyer_en20130830 pres foyer_en
20130830 pres foyer_enThomas Jézéquel
 
La web 2
La web 2La web 2
La web 2Ory Ramírez
 
Microsoft power point implemetoring riga abstract
Microsoft power point implemetoring riga abstractMicrosoft power point implemetoring riga abstract
Microsoft power point implemetoring riga abstractThomas Jézéquel
 
Suggenda
SuggendaSuggenda
SuggendaEmir Ozturk
 
Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...
Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...
Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...Thomas Jézéquel
 
Trimbos institute
Trimbos instituteTrimbos institute
Trimbos instituteThomas Jézéquel
 
Ovnis
OvnisOvnis
OvnisSusana Mayela Reyes Martin
 
Shakespeare in film_presentation
Shakespeare in film_presentationShakespeare in film_presentation
Shakespeare in film_presentationGeneralitat de Catalunya
 
Amicall overview slides key points for eurocities
Amicall overview slides key points for eurocitiesAmicall overview slides key points for eurocities
Amicall overview slides key points for eurocitiesThomas Jézéquel
 
Texas STaR chart
Texas STaR chartTexas STaR chart
Texas STaR chartcarol_cullen2
 
Liudviko Rėzos kultūros centro veiklos pristatymas
Liudviko Rėzos kultūros centro veiklos pristatymasLiudviko Rėzos kultūros centro veiklos pristatymas
Liudviko Rėzos kultūros centro veiklos pristatymasausramika
 
VSTEP Case Study
VSTEP Case StudyVSTEP Case Study
VSTEP Case StudyLicensingLive! - SafeNet
 
Cloud Monetization: A Step by Step Guide
Cloud Monetization: A Step by Step GuideCloud Monetization: A Step by Step Guide
Cloud Monetization: A Step by Step GuideLicensingLive! - SafeNet
 
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...LicensingLive! - SafeNet
 
Integrating Billing and Licensing in a Cloud Environment
Integrating Billing and Licensing in a Cloud EnvironmentIntegrating Billing and Licensing in a Cloud Environment
Integrating Billing and Licensing in a Cloud EnvironmentLicensingLive! - SafeNet
 
Cloud Adoption - A Practical Approach
Cloud Adoption - A Practical ApproachCloud Adoption - A Practical Approach
Cloud Adoption - A Practical ApproachLicensingLive! - SafeNet
 
VSM Case Study
VSM Case StudyVSM Case Study
VSM Case StudyLicensingLive! - SafeNet
 
Geocap Case Study
Geocap Case StudyGeocap Case Study
Geocap Case StudyLicensingLive! - SafeNet
 
EMS Case Study
EMS Case StudyEMS Case Study
EMS Case StudyLicensingLive! - SafeNet
 
Inea cs en__v4_web
Inea cs en__v4_webInea cs en__v4_web
Inea cs en__v4_webLicensingLive! - SafeNet
 
Key Traffic Systems
Key Traffic SystemsKey Traffic Systems
Key Traffic SystemsLicensingLive! - SafeNet
 
DipTech
DipTechDipTech
DipTechLicensingLive! - SafeNet
 
Iritech Inc.
Iritech Inc.Iritech Inc.
Iritech Inc.LicensingLive! - SafeNet
 

Weitere ähnliche Inhalte

Andere mochten auch

Microsoft power point implemetoring riga abstract
Microsoft power point implemetoring riga abstractMicrosoft power point implemetoring riga abstract
Microsoft power point implemetoring riga abstractThomas Jézéquel
 
Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...
Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...
Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...Thomas Jézéquel
 
Amicall overview slides key points for eurocities
Amicall overview slides key points for eurocitiesAmicall overview slides key points for eurocities
Amicall overview slides key points for eurocitiesThomas Jézéquel
 
Liudviko Rėzos kultūros centro veiklos pristatymas
Liudviko Rėzos kultūros centro veiklos pristatymasLiudviko Rėzos kultūros centro veiklos pristatymas
Liudviko Rėzos kultūros centro veiklos pristatymasausramika
 

Andere mochten auch (10)

La web 2
La web 2La web 2
La web 2
 
Microsoft power point implemetoring riga abstract
Microsoft power point implemetoring riga abstractMicrosoft power point implemetoring riga abstract
Microsoft power point implemetoring riga abstract
 
Suggenda
SuggendaSuggenda
Suggenda
 
Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...
Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...
Tampere hessen model_regions_integration_2013_08_30_english [schreibgeschützt...
 
Trimbos institute
Trimbos instituteTrimbos institute
Trimbos institute
 
Ovnis
OvnisOvnis
Ovnis
 
Shakespeare in film_presentation
Shakespeare in film_presentationShakespeare in film_presentation
Shakespeare in film_presentation
 
Amicall overview slides key points for eurocities
Amicall overview slides key points for eurocitiesAmicall overview slides key points for eurocities
Amicall overview slides key points for eurocities
 
Texas STaR chart
Texas STaR chartTexas STaR chart
Texas STaR chart
 
Liudviko Rėzos kultūros centro veiklos pristatymas
Liudviko Rėzos kultūros centro veiklos pristatymasLiudviko Rėzos kultūros centro veiklos pristatymas
Liudviko Rėzos kultūros centro veiklos pristatymas
 

Mehr von LicensingLive! - SafeNet

Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...LicensingLive! - SafeNet
 
Integrating Billing and Licensing in a Cloud Environment
Integrating Billing and Licensing in a Cloud EnvironmentIntegrating Billing and Licensing in a Cloud Environment
Integrating Billing and Licensing in a Cloud EnvironmentLicensingLive! - SafeNet
 
Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service LicensingLive! - SafeNet
 
Addressing New Challenges in Software Protection for .NET
Addressing New Challenges in Software Protection for .NETAddressing New Challenges in Software Protection for .NET
Addressing New Challenges in Software Protection for .NETLicensingLive! - SafeNet
 
SafeNet Vollständige Schutz-& Lizenzlösung Webcast (DE)
SafeNet Vollständige Schutz-& Lizenzlösung Webcast (DE)SafeNet Vollständige Schutz-& Lizenzlösung Webcast (DE)
SafeNet Vollständige Schutz-& Lizenzlösung Webcast (DE)LicensingLive! - SafeNet
 

Mehr von LicensingLive! - SafeNet (20)

VSTEP Case Study
VSTEP Case StudyVSTEP Case Study
VSTEP Case Study
 
Cloud Monetization: A Step by Step Guide
Cloud Monetization: A Step by Step GuideCloud Monetization: A Step by Step Guide
Cloud Monetization: A Step by Step Guide
 
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...
Hybrid Customer Insight - Data Collection and Analysis from On-premise and in...
 
Integrating Billing and Licensing in a Cloud Environment
Integrating Billing and Licensing in a Cloud EnvironmentIntegrating Billing and Licensing in a Cloud Environment
Integrating Billing and Licensing in a Cloud Environment
 
Cloud Adoption - A Practical Approach
Cloud Adoption - A Practical ApproachCloud Adoption - A Practical Approach
Cloud Adoption - A Practical Approach
 
VSM Case Study
VSM Case StudyVSM Case Study
VSM Case Study
 
Geocap Case Study
Geocap Case StudyGeocap Case Study
Geocap Case Study
 
EMS Case Study
EMS Case StudyEMS Case Study
EMS Case Study
 
Inea cs en__v4_web
Inea cs en__v4_webInea cs en__v4_web
Inea cs en__v4_web
 
Key Traffic Systems
Key Traffic SystemsKey Traffic Systems
Key Traffic Systems
 
DipTech
DipTechDipTech
DipTech
 
Iritech Inc.
Iritech Inc.Iritech Inc.
Iritech Inc.
 
CPC
CPCCPC
CPC
 
RiserTec
RiserTecRiserTec
RiserTec
 
Sentinel HASP Envelope
Sentinel HASP EnvelopeSentinel HASP Envelope
Sentinel HASP Envelope
 
Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service Navigating the Top Six Business Challenges of Delivering Software as a Service
Navigating the Top Six Business Challenges of Delivering Software as a Service
 
SaaS Pricing and Packaging Strategies
SaaS Pricing and Packaging Strategies SaaS Pricing and Packaging Strategies
SaaS Pricing and Packaging Strategies
 
Cloudy with a Chance of Insight
Cloudy with a Chance of InsightCloudy with a Chance of Insight
Cloudy with a Chance of Insight
 
Addressing New Challenges in Software Protection for .NET
Addressing New Challenges in Software Protection for .NETAddressing New Challenges in Software Protection for .NET
Addressing New Challenges in Software Protection for .NET
 
SafeNet Vollständige Schutz-& Lizenzlösung Webcast (DE)
SafeNet Vollständige Schutz-& Lizenzlösung Webcast (DE)SafeNet Vollständige Schutz-& Lizenzlösung Webcast (DE)
SafeNet Vollständige Schutz-& Lizenzlösung Webcast (DE)
 

Kürzlich hochgeladen

Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 

Kürzlich hochgeladen (20)

Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 

From Hack to Counterattack

  • 1. From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats WHITE PAPER Nowadays, an ever increasing Table of Contents number of Independent Software Vendors (ISV) chose Types Of Software Attacks And How To Defend Against Them ...................................... 2 to implement some sort of Hack #1: Patching Executable Files Or Dynamically Linked Libraries .......................... 2 protection in order to ensure Counterattack ..................................................................................................... 2 that they are being fully paid upon end-users utilizing their Hack #2: Brute Force Attack ....................................................................................... 2 applications. Counterattack ..................................................................................................... 2 Hack #3: Emulating Protection Keys ........................................................................... 3 Counterattack ..................................................................................................... 3 Hack #4: Modifying Key Memory ................................................................................. 3 Counterattack ..................................................................................................... 3 Hack #5: Device Sharing ............................................................................................. 3 Counterattack ..................................................................................................... 4 Hack #6: Cloning Hardware Keys................................................................................. 4 Counterattack ..................................................................................................... 4 Hack #7: Time Tampering ............................................................................................ 4 Counterattack ..................................................................................................... 4 Hack #8: Tampered License Requests And Updates .................................................... 5 Counterattack ..................................................................................................... 5 General ProtectIon Strategies ..................................................................................... 5 Use Both The Api-Based Implementation And Automatic Protection...............................5 Insert Multiple Calls In Your Code ....................................................................................5 Encrypt/Decrypt Data Using The Protection Key’s On-Chip Encryption Engine ...............................5 Conclusion .......................................................................................................................6 SafeNet Sentinel Software Monetization Solutions.........................................................6 From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 1
  • 2. According to the BSA/IDC 2010 Types of Software Attacks and How to Defend Against Them Piracy Report - for every $100 Nowadays, Independent Software Vendors (ISV) must implement some type of protection in worth of legitimate software order to ensure that they are being fully paid upon end-users utilizing their applications. sold, an additional $75 worth of unlicensed software also The basic idea behind any software protection solution is to restrict the use of unlicensed made its way into the market software by some form of licensing scheme. This can be achieved via hardware tokens (also generating absolutely no known as dongles), software-only licenses, or homegrown solutions. In general, hardware-based revenue to the original ISV. protection keys provide the most robust security, while software-based keys provide support for Trialware and Electronic Software Distribution. External hardware-based solutions provide the highest level of security currently available. Unfortunately, hackers are a persistent nuisance that cost Software Vendors billions of dollars in lost revenue worldwide. Therefore, it’s important that the selected solution and the actual implementation seal off all potential hacker entry points. This white paper examines a variety of the most common hacking techniques and the best counterattacks available for protecting applications from piracy. HACK #1: Patching Executable Files or Dynamically Linked Libraries In this scenario, the software cracker attempts to disassemble and/or debug executable files or dynamically linked libraries in order to retrieve the protected code. The executable file(s) is then patched in order to modify run-time flow, or to remove calls in the code. Commonly, the software cracker sends a small standalone patch executable (called a “crack”) that the end-user runs in order to patch the licensed software. Counterattack The goal is to make the process of patching executable files more complex and costly than purchasing the software. There is a direct proportion between the number of protected file(s) and the amount of time required by the software cracker in order to remove the protection. The most convenient way to protect a large number of executable and dynamically linked libraries is by using automatic protection tools, also known as “packers”. Injecting the protection code into the compiled binary files reduces the need to laboriously write protection code for every individual file. The most effective tools also offer anti-piracy specific measures such as anti-debugging mechanisms, executable file encryption and data file encryption mechanisms allowing the protected application to encrypt and decrypt data files on-the-fly. HACK #2: Brute Force Attack A brute force attack scenario, whether generic or specific, consists of hackers exhaustively attempting to compromise every security measure of the secret being protected. A generic hack means that the dongle itself is compromised - no amount of implementation improvement can counter such a hack, and all applications protected by the hacked dongle are at threat. Specific hacks break only one specific dongle implementation for one particular software application – this in result does not pose a risk for other software vendors using the same dongle. Counterattack Brute force attack can be overcome if the secured data is large enough, i.e. cracking all combinations becomes virtually impossible. In order to protect the algorithms that are central to the security of a dongle, the dongle should have a secure kernel and communication channel that allows storing the cryptographic key. The security kernel of a dongle consists of a 128- bit AES encryption key allowing for the protection of the algorithms central to the dongle’s operation. From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 2
  • 3. Forces driving piracy down HACK #3: Emulating Protection Keys in many economies included In an emulation (record/playback) attack scenario, all information exchanged between the vendor legalization programs, application and the dongle is recorded – in an attempt to replace the device driver. government education, enforcement actions and major The use of middleware, usually a software application, provides a platform which attempts technological shifts – such as to mimic the requests and responses provided by the host. The dongle is replaying previously employment of Digital Rights recorded calls as if the actual key is returning the calls. Management (DRM). Limited functionality emulators only record and replay previously recorded calls, whereas fully- functional emulators also emulate the key, including its encryption. In order to create a fully-functional emulator, the software cracker requires access to the encryption key. Successful emulation of the two-way communication means that the application has been compromised. Emulating the protection keys is not a generic hack as it only affects the application copies on which it may exist, and can be easily amended. Counterattack Protection keys rely on a secure channel between the application and the hardware key; data that passes between the protected application and the key is encrypted. On-chip 128-bit randomized AES encryption ensures a robust link between the application and the hardware key fully securing the communication channel. The channel employs a different encryption key for every session. This means that the cracker attempting to record data passing through the secure channel would not be able to replay the data, since the encryption key used to encrypt the data will differ from that used to decrypt the data. In addition, the protected application can detect limited-functionality emulators by utilizing the encryption engine of the hardware key to decrypt hard-coded data. The emulator itself has no way of correctly decrypting such data, as it has no access to the encryption key. HACK #4: Modifying Key Memory Licensing data is normally stored in specific area in the memory of a software protection key. In this scenario, the software cracker will attempt to access the dongle’s memory in order to modify its licensing terms. For example, the cracker will attempt to change a depleted execution-based license into a perpetual license, or enable a feature that was not initially paid for. This can dramatically decrease any current or future applications’ usage revenues. Counterattack To prevent key memory modification, the licensing implementation has to include usage of the built-in Read-Only Memory (ROM). ROM is a segment of memory that can contain data to which only the protection application can access, but not overwrite, unlike regular Read/Write memory segments. This memory segment can only be updated using remote updates (C2V and V2C file types), and the creation of such updates is only possible for the specific vendor. HACK #5: Device Sharing Device sharing refers to multiple PC’s sharing a single license without authorization, i.e. one dongle is used by several machines on the same network operating on multiple concurrent terminals. This scenario does not jeopardize the security of the application itself; rather it has the potential of dramatically decreasing current or potential application revenues as multiple users share a common copy of a single application. The use of a static key for encryption results has greater susceptibility to this attack. From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 3
  • 4. A software publisher’s own There are two potential scenarios under which device sharing can be done: protection implementation • Multiple VMware Sessions: In this scenario, multiple VMware sessions are concurrently must be thorough, complete, running on a single hardware platform. For example, each VMware session utilizes its own and to a certain extent instance of the driver to communicate with the dongle allowing for multiple virtual operating creative. Only when both the systems access to a single application. security infrastructure and its implementation are maximized • USB Sharing Hub: In this scenario, multiple computers sharing a USB hub are concurrently is the software truly protected. using a single license dongle as if individually communicating with it. This can allow multiple This may sound like an PC’s to run an application even though only a single hardware license exists. enormous task to accomplish, and while it is by no means Counterattack trivial, it is definitely achievable. Software vendors need to ensure that the quantity of computers or device drivers accessing the Implementing effective dongle does not exceed the purchased number of customers. Secure tunneling of a dongle can protection can not only increase help safeguard against multiple devices or machines trying to simultaneously access a single your product’s longevity, but it dongle. can also significantly increase your company’s revenue, making Every use of the application will open an instance of the driver; two or more instances of the it well worth the effort. driver will not be able to communicate with the dongle through the secure channel. The dongle driver will protect against these scenarios and enforce only the allowed number of licenses to be run. HACK #6: Cloning Hardware Keys In this unlikely scenario, the cracker attempts to reverse-engineer a hardware protection key and manufacture exact duplicates. This is an extremely difficult and costly attack both in terms of reverse-engineering tools and expertise, not to mention the ongoing production costs of such dongles. Counterattack The countermeasure of such attacks can be either hardware or software based, preferably both. One method of reducing the likelihood of this attack is by implementing customized hardware components that are not available for purchase off-the-shelf, and that contain specific anti-tampering measures. In terms of software, the firmware used is to be protected against extraction/cloning/copying. HACK #7: Time Tampering This relatively simple scenario occurs when the end-user attempts to tamper with the machine system clock on which the protected software is running to an earlier date, thus re-enabling a time-limited license that has already expired. Counterattack One method of securing trial licenses is to simply offer limited or crippled software versions. However, if you would like to create time-based licenses in order to offer software subscriptions or complete time-limited trials, time-tampering is a risk that must be assessed and battled. An additional method for securing time-based licenses is using a battery powered RTC (Real Time Clock) built into the hardware key. Equipping the dongle with the ability to check and store the current system time, allows the developers to use this information in an attempt to prevent time tampering by detecting any significant changes in system time. Thus, the application can be preprogrammed to disable or run in a restricted mode. From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 4
  • 5. HACK #8: Tampered License Requests and Updates General Strategies for This scenario refers to the actual implementation of license requests and updates. If such Protection requests are verified at the software level, i.e. by the device drivers of the hardware key, crackers • Use Both the API-Based may attempt to attack this code and force all licenses to be automatically granted or applied. Implementation and Automatic This can even apply to licenses which have already expired or license updates that have already Protection been applied, potentially granting full access to revoked/expired dongles. • Insert Multiple Calls in Your Code Counterattack • Encrypt/Decrypt Data Using The granting of licenses and the application of license updates should be performed by the the Protection Key’s On-Chip hardware key itself, outside the reach of debuggers. Failing to obtain a valid license results in Encryption Engine locked functionality. For example, the encryption engine should remain disabled until a license is successfully granted. Similarly, license updates should only be applied after the hardware key itself verifies the signature. General Protection Strategies These following general software protection strategies are recommended for publishers employing hardware-based protection keys: Use Both the API-Based Implementation and Automatic Protection Maximize security by using the API to implement calls to the software protection keys, and protect the program with an automatic protection tool that offers anti-debugging and anti- reverse engineering measures. Using one protection method does not preclude the use of the other. Insert Multiple Calls in Your Code Inserting many calls throughout the code to the protection key and binding data from the key with the software functionality frustrates those attempting to crack your software. Multiple calls increase the difficulty in tracing a protection scheme. Encrypt/Decrypt Data Using the Protection Key’s On-Chip Encryption Engine The encryption process, which takes place before distributing the software, and the decryption processes, which take place during run-time of the protected application, should be performed inside a hardware protection key, beyond the reach of any debugging utility. The protection key should employ a highly secure public encryption algorithm such as AES. Encrypting data with protection keys using such algorithms considerably enhances software security. Cracking the software necessitates the software cracker to decrypt the data. The encryption key length represents a trade-off between security and performance. A short encryption key provides better performance while reducing the security level. 128-bit AES provides a well balanced choice, as it is faster than 256-bit AES, yet still impractical to attack. It is important to remember that protection is only as strong as the weakest link. An effective implementation must build upon a software protection solution that offers all the building blocks for a secure implementation: • An encryption engine that employs a proven public encryption algorithm such as AES • Automatic protection with anti-debugging detection and other anti-reverse engineering measures • A secure communication channel • ROM – Read Only Memory From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 5
  • 6. Conclusion A software publisher’s own protection implementation must be thorough, complete, and to a certain extent creative. Only when both the security infrastructure and its implementation are maximized is the software truly protected. This may sound like an enormous task to accomplish, LicensingLive!™ (lahy’sun sing lahyv’), and while it is by no means trivial, it is definitely achievable. Implementing effective protection adj. n. [SAFENET, INTERACTIVE] can not only increase your product’s longevity, but it can also significantly increase your 1. Immediate access to the best company’s revenue, making it well worth the effort. practices and emerging challenges associated with software packaging, SafeNet Sentinel Software Monetization Solutions pricing, fulfillment, delivery and SafeNet has more than 25 years of experience in delivering innovative and reliable software management. 2. A forum bringing licensing and entitlement management solutions to software and technology vendors worldwide. together software vendors, industry Easy to integrate and use, innovative, and feature-focused, the company’s family of Sentinel® analysts, licensing consultants and Software Monetization Solutions are designed to meet the unique license enablement, technology vendors. enforcement, and management requirements of any organization, regardless of size, technical requirements or organizational structure. Only with SafeNet are clients able to address all of their anti-piracy, IP protection, license enablement, and license management challenges while increasing overall profitability, improving internal operations, maintaining competitive positioning, and enhancing relationships with their customers and end users. With a proven history in adapting to new requirements and introducing new technologies to address evolving market conditions, SafeNet’s more than 25,000 customers around the globe know that by choosing Sentinel, they choose the freedom to evolve how they do business today, tomorrow, and beyond. For more information on SafeNet’s complete portfolio of Software Monetization Solutions for installed, embedded, and cloud applications or to download a free evaluation of our award winning products please visit: http://www.safenet-inc.com/sentinel/ To download a FREE SENTINEL HASP Developer Kit, visit: http://www3.safenet-inc.com/Special/hasp/safenet-hasp-srm-order/default.asp Join the Conversation Sentinel Online www.Safenet-inc.com/sentinel www.LicensingLive.com Twitter http://twitter.com/#!/LicensingLive LinkedIn http://bit.ly/LinkedInLicensingLive YouTube http://www.youtube.com/user/LicensingLive Contact Us: For all office locations and contact information, please visit www.safenet-inc.com Follow Us: www.safenet-inc.com/connected BrightTalk http://www.brighttalk.com/channel/5572 ©2010 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. WP (EN)-11.09.10 From Hack to Counterattack: A Guide to Protecting Software Products Against the Top 8 Piracy Threats White Paper 6