Secure software licensing
How good is good software protection? As a software developer what do I need to think about during development to make sure my software is as perfect as possible? How long should good software protection last? The Egyptian Pyramids are a classic example of good protection. Many fatal accidents of varying nature made sure no attacker had a chance to attack again. Of course progress in the world continued and thanks to X-ray equipment, the internal workings of the pyramids are no longer a secret. It has always been a good idea to protect one’s property, and the pyramids certainly were well protected by the standards of the time. If they hadn’t been, it is questionable whether they would today enjoy the fame they do.
Why protection is sensible
The same principle applies to software protection today. If everything can eventually be cracked, is it worth protecting software at all? Isn’t it a waste of time and effort? This may be true in a few cases, but in general the benefit of software protection is greater than the cost. Honest customers can’t accidentally violate license terms and use more licenses than they have paid for. Your competitors can’t just copy and plagiarize your methods. Hence you keep your competitive edge in the market. If the Egyptians had just buried their pharaohs in a field, they probably wouldn’t have earned their place in history. They were protected so well that they are now on exhibition in museums around the world. Hence they achieved their desire for immortality.
Reading out data
The simple “is there a license?” question provides the most primitive type of protection. Accidental multiple use of the software is thus avoided, but this simple question does not protect it against hackers who professionally copy the software or use reverse engineering to find out your methodology. The hackers also read the data in the license e.g. activated modules or flow control data.
This type of protection requires a yes/no decision in the code. A disassembler can locate the question and replace it with code which ensures the question is always answered with “yes”. Alternatively, the hacker can imitate the right answer. It makes no different whether this is done in a self-written statically linked library or in an external copy protection system.
Encrypting random data
If more sophisticated protection is required, cryptography can be used. The “what do I encrypt when?” strategy is important here.
Encrypting random data is slightly more reliable than reading out data. The data is decoded later and the license is only correctly verified if the two values match. However, this type of protection also requires a simple yes/no decision in the code. This type of encryption can also be simulated by another encryption e.g. an XOR.
Encrypting required data
A more suitable method is to encrypt data or, better still, the executable code required by the application. The data is encrypted and embedded in the software prior to release. It is subsequently decoded by the copy protection system, for example a dongle. If the license is missing, the required key is missing and hence the data cannot be decoded or used.
A hacker can try to change the question so that the checksum comparison always returns “yes”. The software calculates an incorrect value and hence will not run correctly or, in the worst case, crashes. Hence it is almost impossible to crack the software without the relevant license. The hacker would have to guess the encrypted data.
Unfortunately this type of protection has a major drawback: it can be cracked by eavesdropping on the transmission between the software and copy protection. The only solution is to build lots of encrypted secrets into the software at different places.
More than one key
In particular, CodeMeter improves encryption of the necessary data as it allows more than one key to be used. As a consequence the same data can be encrypted with different keys and embedded in different places in the software. At runtime you randomly select which key to use. It is now much more difficult for the hacker to locate all the questions.
This method makes it extremely difficult and therefore expensive to crack existing licenses. You can further improve protection by NOT randomly choosing the random key. Instead you should couple it to the date and the computer data. The hacker thinks he has found a hack which works, but he will soon discover it doesn’t work later on or for his “customers”.
Not only does CodeMeter offer AES-based encryption, it can optionally generate signatures. You generate a random number, the so-called challenge, which you let the CmDongle sign. You then receive the response. The corresponding private signature key is securely stored in a secret or hidden data field in the CmDongle.
You verify the signature in the software using the matching public key which you have embedded in your software. This key is only used for verification. Even if the hacker manages to extract it from the software, he can’t use it to generate a valid signature.
Challenge-response requires a yes/no decision in the software, but it cannot be simulated using XOR. Compared to AES encryption, signature generation is very slow. It takes approximately 300 ms which means the mechanism should be used sparingly.
Alongside simulation of the copy protection by the hacker, the second weak point is the modification of the protected application. The hacker changes the code in the application. For example, he replaces a JNZ (“jump if not zero”) command with a JZ (“jump if zero”) command. You can prevent this by monitoring your software for changes i.e. by building checksums and hash values over certain sections of the software and checking them at runtime. The saying “the more the better” certainly applies here. A high level of nesting is also helpful. An even better solution is to use checksums as jump addresses. Integrating these manually into the code is a time consuming and an error-prone job though.
Traps destroy the license
How were the pyramids protected so well? They contained deadly traps! CodeMeter is the modern day version of these traps. When you detect a manipulation, for example an invalid hash value, a locking sequence is sent to the CmDongle. This detects and subsequently locks all of your licenses so they can’t be used any more. Any data which has not yet been decoded is now permanently out of reach of the attacker. You can of course reactivate your licenses at any time via a remote update file. The licenses are not permanently destroyed; on the contrary, they are always under your control. Incidentally, the remote update file can only be transferred to and used once by the dedicated CmDongle. If the attacker falls into the next trap, the procedure is repeated.
CodeMeter offers an extensive framework for state-of-the-art software protection. When correctly integrated into the depths of your software, the protection may not last several thousands of years as it did for the pyramids, but it will certainly last several thousand days.
Instead of using a hammer and axe for the integration, Wibu-Systems offers you AxProtector and, more importantly, IxProtector. AxProtector fully encrypts your software using different keys and implements traps to lock the license.
IxProtector is needed to subsequently decode the individual parts of your application.
You don’t have to make any decisions about what to encrypt. Just use the executable code with IxProtector. Without this tool, the software won’t run properly.
The hacker has to execute all of the software to discover all of the secrets. The longer he executes and analyses the software, the more traps he will fall into.
Some of the recently discovered individual hacks demonstrate how incredibly important it is to integrate the protection deeply within the product. None of the analyzed hacked software was protected by IxProtector and none had simple questions built in. For good protection we recommended using AxProtector and IxProtector. Enable as many of the anti-debug features as possible in AxProtector. Our Professional Services team will also be happy to support you with the individualized integration into your software.
KEYnote 22 – Edition Fall 2011