On Tue, 5 Jun 2001, Ryan Permeh wrote:

> the only types of dongle protection that don't completely suck are those
> that take information from the machine and perform a specific set of
> operations on the dongle (preferably a cryptographic operation, a hash or
> crypt/decrypt) purely in hardware on the dongle. This means that the
> cracker either has to reverse the entire crypto algorithm (using black box
> techniques like known plaintext attacks), including finding the keyed value
> on the dongle, or use a hardware lab to actually reverse the hardware.

. . . Not if all this trickery ends in a function returning a 0 for failure
and a 1 for success . . .

What does the software do with the hash once it's passed back to the
application? Compare it to a constant? Hopefully not. Use the returned value
as a pointer to the next code segment? Better, but usually still not very
difficult to break.

To completely emulate the dongle, the cracker does have to reverse the
dongle. But a cracker does not need to reverse the dongle to break the
protection.

[snip]

>
> Signed,
> Ryan Permeh
> eEye Digital Security Team
> http://www.eEye.com/Retina -Network Security Scanner
> http://www.eEye.com/Iris -Network Traffic Analyzer
>
> ----- Original Message -----
> From: "Felix Huber" <huberfelixat_private>
> To: "Penetration Testers" <PEN-TESTat_private>
> Sent: Tuesday, June 05, 2001 4:05 AM
> Subject: Re: How secure are dongles for copy-protection?
>
> > Hi,
> >
> > of course - most dongle checks were cracked. I have seen 3DSMax and
> > other... For more information:
> >
> > http://www.google.com/search?q=dongle+cracked
> >
> > Regards,
> > Felix Huber
> >
> > -------------------------------------------------------
> > Felix Huber, Web Application Programmer, Webtopia
> > Guendlinger Str.2, 79241 Ihringen - Germany
> > huberfelixat_private (07668) 951 156 (phone)
> > http://www.webtopia.de (07668) 951 157 (fax)
> > (01792) 205 724 (mobile)
> > -------------------------------------------------------
> > ----- Original Message -----
> > From: Harold Thimm
> > To: pen-testat_private
> > Sent: Monday, June 04, 2001 9:43 PM
> > Subject: How secure are dongles for copy-protection?
> >
> > I'm looking for any information on incorporating dongles into a
> > software package for copy protection. In particular, I'm looking for
> > information on the Rainbow Technologies Sentinel, but advice on
> > dongle-based copy protection in general is appreciated.
> >
> > How easy/difficult is it to break this kind of copy-protection? Are
> > there any known weaknesses in the dongle-type systems themselves (as
> > opposed to implementation weaknesses?)
> >
> > Are there any dongle-based protection schemes that have been cracked,
> > and if so, how?
> >
> > (A pointer to a URL would be appreciated, if you have it.)
> >
> > Thanks in advance.
> >
> > HAL

-------------------------------------------------------------------------------
shampster / 3xT.org
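The design point argued in the reply above, as an added example that is not part of the original messages: a check that collapses the dongle exchange into one 0/1 value, beside a form where the response is an operand of the feature itself. `real_dongle`, `provision`, the challenge value and the rate table are constructed assumptions, and binding program data to the response is one possible answer to "what does the software do with the hash", not a scheme taken from the thread.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint32_t (*dongle_fn)(uint32_t challenge);

/* Constructed stand-in for the dongle's keyed hardware operation
   (toy mixer, not real cryptography; the constant is made up). */
static uint32_t real_dongle(uint32_t c) {
    uint32_t x = c ^ 0xA5C3F00Du;
    x ^= x << 13; x ^= x >> 17; x ^= x << 5;
    return x;
}
/* Dongle absent: every query answers 0. */
static uint32_t no_dongle(uint32_t c) { (void)c; return 0; }

#define CHALLENGE 0x12345678u
static uint32_t expected;   /* weak form: response constant kept in the binary */
static uint32_t sealed[4];  /* bound form: program data kept only in sealed form */

/* Vendor-side build step (hypothetical), run once with the real dongle. */
static void provision(void) {
    const uint32_t rates[4] = { 3, 5, 8, 13 };
    expected = real_dongle(CHALLENGE);
    for (int i = 0; i < 4; i++)
        sealed[i] = rates[i] ^ real_dongle(CHALLENGE + 1 + (uint32_t)i);
}

/* Weak form: the whole exchange collapses into one int... */
static int check_dongle(dongle_fn d) { return d(CHALLENGE) == expected; }

/* ...and the feature depends on that int only, not on the response. */
static uint32_t quote_weak(int check_result, uint32_t qty) {
    if (!check_result) return 0;
    return qty * 8;
}

/* Bound form: no compare, no branch; the response is an operand. */
static uint32_t quote_bound(dongle_fn d, uint32_t qty) {
    uint32_t rate = sealed[2] ^ d(CHALLENGE + 3);
    return qty * rate;
}

int main(void) {
    provision();
    printf("weak  real=%u absent=%u\n", (unsigned)quote_weak(check_dongle(real_dongle), 5),
           (unsigned)quote_weak(check_dongle(no_dongle), 5));
    printf("bound real=%u absent=%u\n", (unsigned)quote_bound(real_dongle, 5),
           (unsigned)quote_bound(no_dongle, 5));
    return 0;
}
```

In the weak form the correct result follows from the integer alone; in the bound form a wrong response yields a wrong rate rather than a refusal, so there is no single comparison whose outcome decides everything.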