Ryan Permeh <ryanat_private> wrote:
> 1. Take a key issued by vendor. This is the "license" key
>    offered in most scenarios.
> 2. Pipe this key to the dongle.
> 3. Perform cryptographic transformation on the issued "license
>    key". This cryptographic transform could be a
>    hash/crypt/decrypt depending on situation. Potentially this
>    could be multiple transformations. The closer to hardware
>    configured the better.
> 4. Return the value of the transformation(s) from the dongle to
>    the program.
> 5. Use this as a key to uncrypt the code segment of the
>    executable (the .text segment of the PE or whatever format
>    you need).

This is still vulnerable to the replay attack. You just look at the output of the dongle and replay that to the software; it requires no attack on the dongle itself.

I come to the conclusion that dongle-based protection systems cannot be perfect. Either you can replay the dongle output, or you can attack the part of the software that does the same operation as the dongle in order to verify the result.

Cheers,
Dan

-- 
Daniel Roethlisberger <danielat_private>
PGP Key ID 0x8DE543ED with fingerprint 6C10 83D7 2BB8 D908 10AE 7FA3 0779 0355 8DE5 43ED
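Added example, not part of the original message or of any real dongle product: a small Python model of the two weaknesses discussed in this thread. HMAC-SHA256 stands in for the dongle's transform and a hash-based XOR keystream for the code-segment cipher; the secret, the key and all function names are constructed assumptions.

```python
import hashlib
import hmac

# Constructed value: stands in for a secret that never leaves the dongle.
DONGLE_SECRET = b"constructed-dongle-secret"

def dongle_transform(license_key: bytes) -> bytes:
    """Steps 2-4 of the quoted scheme: keyed transform done in the dongle."""
    return hmac.new(DONGLE_SECRET, license_key, hashlib.sha256).digest()

def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (illustration only) modelling step 5."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def distinct_outputs(license_key: bytes, runs: int = 5) -> int:
    """How many different values the dongle returns for one license key."""
    return len({dongle_transform(license_key) for _ in range(runs)})

def recorded_output_suffices(license_key: bytes, code: bytes) -> bool:
    """The program cannot tell a live dongle reply from a recorded one."""
    protected = xor_crypt(dongle_transform(license_key), code)  # as shipped
    recorded = dongle_transform(license_key)  # seen once on the host bus
    return xor_crypt(recorded, protected) == code  # later run, no dongle

def dongle_respond(nonce: bytes) -> bytes:
    """Variant: the host sends a fresh nonce, so replies differ per run."""
    return hmac.new(DONGLE_SECRET, nonce, hashlib.sha256).digest()

def host_verify(nonce: bytes, response: bytes) -> bool:
    """To check the reply the host repeats the dongle's operation, so the
    secret (or an equivalent) now sits in software the user controls."""
    expected = hmac.new(DONGLE_SECRET, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)
```

The fresh nonce makes a recorded reply useless, but only by moving the dongle's operation into `host_verify`, which is the second case named in the reply above.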
This archive was generated by hypermail 2b30 : Wed Jun 06 2001 - 12:03:43 PDT