CodeMeter Protection Suite – A Tool for All Seasons
How do you protect software from reverse engineering? How do you make sure that your users pay the licensing fees they owe you? You come up with a great application for your users – and we give you the tools you need to turn it into a profitable commercial success.
CodeMeter Protection Suite brings together the best tools to encrypt applications and software libraries automatically, to protect executables from reverse engineering, and to shield your invaluable IP from the prying eyes of your competitors.
There are tools perfectly suited for each target platform and for the many needs of different formats, giving you the best possible protection with the least possible effort. The technology works by modifying executables to first load the code they need for decryption, for which Wibu-Systems deliberately uses standard algorithms: in encryption, the key should matter, not the algorithm, which makes finding the right key the essence of the entire exercise. The key is made up of several pieces, with most contained in the software’s license. It is derived from the combination of the correct Firm Code and Product Code and is an integral part of the decryption process, as are the hash values calculated by the protected file itself.
The only tool deviating from this principle is the IP Protection mode, which is designed exclusively for protection against reverse engineering without any need for licenses. The solution is particularly well-suited for trial or demo software or for freemium models if it is combined with some license-based encryption. KEYnote issue 38 included a dedicated article all about this special mode and the use cases it is meant for.
AxProtector and IxProtector
Native Windows, Linux, and macOS applications are easily encrypted with AxProtector, which works by completing encrypting the entire executable code. After it is decrypted with the key derived from the license and the embedded values, the application can run as normal, with the same speed you are accusftomed to from unprotected software. All flavors of AxProtector also come with regular license checks as standard as well as special security mechanisms to ward off debugging or other common hacking attacks.
IxProtector finetunes the operation and encrypts individual functions separately, either with the same encryption data from the license or another key. These protected functions are decrypted and executed dynamically while the application is running, either automatically or specifically requested by the software protection API (WUPI). Accessing the protected functions without decrypting them first would cause the application to crash immediately. Particularly sensitive code could also be configured to be moved onto a CmDongle for execution in a highly secure environment.
Assemblies, i.e. applications written in C# or another .NET language, are translated into an intermediate language for delivery, which is easily readable and readily decompiled. To counter the inherent weakness of this approach, AxProtector .NET uses a different type of encryption process: It encrypts the actual contents of methods in separate data, leaving only a stub code in the method that initiates the decryption when it is executed. This keeps the protected program a valid .NET assembly, while the code is securely encrypted.
This approach requires decryption whenever a method is used, which normally affects performance. This is why AxProtector .NET includes different options for encrypting or not encrypting individual methods or entire classes to find the right balance between protection for your intellectual property and performance for your users. These settings are easy to configure with annotations in the source code or with the AxProtector configuration file, giving you immense freedom of choice. You can ramp up the level of protection to even require separate licenses for individual methods or classes, paving the way for truly modular protection.
AxProtector .NET Standard
.NET Standard was introduced to promote standardization between the many different .NET implementations, bringing a standard API that can be accessed from any platform. An assembly programmed with .NET Standard can be used in the various frameworks without having to be compiled anew every time.
Wibu-Systems decided to support the automatic encryption of .NET Standard assemblies long ago and has been adding new capabilities with every new version of .NET Standard, now up to the current version 2.1. Its protection approach uses the same process as AxProtector .NET.
Not unlike .NET code, Java source code is first translated into an intermediate language, called the Java Byte Code, which is platform-independent and translated for execution by the Java Virtual Machine (JVM). As with .NET, AxProtector Java encrypts each method sepa-rately and loads and decrypts it on the fly when they are needed.
Simple to Use
All flavors of AxProtector are available as command line tools to make them perfect choices for automated build environments, easily managed and tailored for the intended use with simple settings in the configuration files. A GUI is available to make it easier for first time users to get into the world of automatic encryptions and create these configurations, allowing them to simply select the options they want. This also accounts for the special requirements and capabilities of each protection mechanism, e.g. listing the .NET methods that could be excluded from encryption or assigned another license.
A user message interface is available for all AxProtectors if e.g. the right license is not avail-able or certain restrictions, like the choice of server, should apply for a license. It can display messages for the user or offer the opportunity to activate the missing license. Wibu-Systems has prepared a range of user message libraries, which can still be customized via their configuration files. The interface could also be used to provide libraries in your own corporate design.
The specialists at Wibu-Systems never stop improving and refining all parts of CodeMeter Protection Suite. This means more than just adding new mechanisms to offer even higher levels of protection. Performance is always top of mind with our developers. Would-be attackers progress with the times, and protection that was sufficient three years ago might be easier for them to beat today. With this in mind, Wibu-Systems keeps at the forefront of technological developments to give you and your products stronger and more perfectly matched protection capabilities every time. You can trust our expertise!
KEYnote 40 – Edition Fall 2020