Re: How secure are dongles for copy-protection?

From: Ryan Permeh (ryanat_private)
Date: Tue Jun 05 2001 - 11:23:30 PDT

    The only types of dongle protection that don't completely suck are those
    that take information from the machine and perform a specific set of
    operations on the dongle (preferably a cryptographic operation, a hash or
    encrypt/decrypt) purely in hardware on the dongle.  This means that the
    cracker either has to reverse the entire crypto algorithm (using black box
    techniques like known plaintext attacks), including finding the keyed value
    on the dongle, or use a hardware lab to actually reverse the hardware.  This
    has been done a few times, by both academic groups and security groups like
    atstake.  You don't only want to look at dongle research, but also smartcard
    research and all of the other hardware authentication methods, since most of
    the techniques to authenticate a user using a fob and authenticating
    software using a fob are basically the same.
    
    This basically works down to a time/money scheme, just like most crypto
    adversary equations.  Is the data you are protecting (your program in this
    sense) worth the value of spending time and money to protect in this manner?
    Will an adversary think it valuable enough to do the work to break this
    scheme?  This is all assuming a "perfect" implementation, of course, where
    breaking the algorithm/key on the dongle is the easiest way in, and not just
    subverting control of the application.  Also, keep in mind that if you use
    off-the-shelf components for your dongle/algorithm, someone spending the
    time and money to crack yours may in turn crack all derivative and
    correlated products, making the worth of cracking your scheme potentially
    more valuable than just cracking your software (i.e., look at the DeCSS
    scenario.  One implementation fell, and with that information, all soon
    fell).
    
    
    Signed,
    Ryan Permeh
    eEye Digital Security Team
    http://www.eEye.com/Retina -Network Security Scanner
    http://www.eEye.com/Iris -Network Traffic Analyzer
    
    ----- Original Message -----
    From: "Felix Huber" <huberfelixat_private>
    To: "Penetration Testers" <PEN-TESTat_private>
    Sent: Tuesday, June 05, 2001 4:05 AM
    Subject: Re: How secure are dongles for copy-protection?
    
    
    > Hi,
    >
    > Of course - most dongle checks were cracked. I have seen 3DSMax and
    > others... For more information:
    > http://www.google.com/search?q=dongle+cracked
    >
    >
    >
    > Regards,
    > Felix Huber
    >
    >
    > -------------------------------------------------------
    > Felix Huber, Web Application Programmer, Webtopia
    > Guendlinger Str.2, 79241 Ihringen - Germany
    > huberfelixat_private     (07668)  951 156 (phone)
    > http://www.webtopia.de     (07668)  951 157 (fax)
    >                                          (01792)  205 724 (mobile)
    > -------------------------------------------------------
    >   ----- Original Message -----
    >   From: Harold Thimm
    >   To: pen-testat_private
    >   Sent: Monday, June 04, 2001 9:43 PM
    >   Subject: How secure are dongles for copy-protection?
    >
    >
    >   I'm looking for any information on incorporating dongles into a
    >   software package for copy protection. In particular, I'm looking for
    >   information on the Rainbow Technologies Sentinel, but advice on
    >   dongle-based copy protection in general is appreciated.
    >
    >   How easy/difficult is it to break this kind of copy-protection? Are
    >   there any known weaknesses in the dongle-type systems themselves (as
    >   opposed to implementation weaknesses?)
    >
    >   Are there any dongle-based protection schemes that have been cracked,
    >   and if so, how?
    >
    >
    >
    >   (A pointer to a URL would be appreciated, if you have it.)
    >
    >   Thanks in advance.
    >
    >   HAL
    >
    >
    >
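
An added example, not part of the original thread and not any vendor's code: a Python simulation of the design the reply above describes, where the dongle performs a keyed operation on data supplied by the machine. The names `SimulatedDongle`, `RecordedResponder`, `build_table` and `check_license` are hypothetical, HMAC-SHA256 is an assumed choice for the keyed operation, and the precomputed challenge table is one assumed way to keep the key out of the application.

```python
import hashlib
import hmac
import secrets

class SimulatedDongle:
    """Stand-in for the hardware: the key never leaves this object."""
    def __init__(self, key: bytes):
        self._key = key
    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

class RecordedResponder:
    """Models a device that can only repeat responses captured earlier."""
    def __init__(self, captured: dict):
        self._captured = captured
    def respond(self, challenge: bytes) -> bytes:
        return self._captured.get(challenge, b"\x00" * 32)

def build_table(dongle, entries: int) -> dict:
    """Vendor side, at build time: challenge -> SHA-256(response).
    The shipped table holds neither the key nor the raw responses."""
    table = {}
    for _ in range(entries):
        challenge = secrets.token_bytes(16)
        table[challenge] = hashlib.sha256(dongle.respond(challenge)).digest()
    return table

def check_license(device, table: dict) -> bool:
    """Application side: draw an unpredictable entry and verify the answer."""
    challenge = secrets.choice(list(table))
    digest = hashlib.sha256(device.respond(challenge)).digest()
    return hmac.compare_digest(digest, table[challenge])

def demo():
    genuine = SimulatedDongle(secrets.token_bytes(32))  # constructed key
    table = build_table(genuine, 256)
    # One previously observed exchange: a single (challenge, response) pair.
    seen = next(iter(table))
    replay = RecordedResponder({seen: genuine.respond(seen)})
    ok_genuine = all(check_license(genuine, table) for _ in range(20))
    # The recorded pair only passes when that same challenge is drawn again.
    replay_hits = sum(check_license(replay, table) for _ in range(200))
    return ok_genuine, replay_hits

if __name__ == "__main__":
    print(demo())
```

The simulation covers only the dongle exchange; the check inside the application remains the other way in that the reply names ("subverting control of the application").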
    



    This archive was generated by hypermail 2b30 : Tue Jun 05 2001 - 14:51:33 PDT