Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- software protection techniques
February 11, 2006, 11:14 am
rate this thread
Re: software protection techniques
An implementation example:
An approach is to provide your users with a code that works only for
one particular machine. Basically you inspect the hardware for serial
numbers and unique numbers (like mac addresses) then build a "message"
from this information that can be used to generate/calculate a key
possibly using a cryptographic hash function. To implement the notion
of expiration you can include an expiration date in the message so that
the key gets valid for a given hardware and until a given date. Note
that most of the time you won't be able to calculate the expiration
date from the key (because of the properties of cryptographic hash
functions) - so either you should "guess" it by trying a range of
values of otherwise you'll need to store it somewhere.
Problems to address:
Reverse engineering. This might allow an attacker to a/ understand the
mechanisms of the protection and build a key generator, or b/ to remove
the protection. Against a/ you might want to use some programs to make
your executable difficult to reverse engineer - make a google search
for this. You might also want to implement your protection following a
logic that is difficult to follow (but don't underestimate the
motivation of an attacker). Against b/ you should make several calls to
the protection in different areas of the program and in different
manners. Probably, the best would be to implement some sort of
self-inspection, assuring the executable was not changed. But this
self-inspection part is subject to the same sort of attacks than the
In any case a regular communication with a server controlled by the
editor helps a lot.