THE BELL


Good afternoon, dear readers! This article is addressed to business owners, whatever the size and legal form of the business, and to ordinary citizens of our country. It will be equally useful to a sole trader and to the owner of a large commercial enterprise. What do they have in common? The answer is simple: document flow and the need to interact with various government agencies. So let's talk about a tool that greatly simplifies the movement of documents, both within an enterprise and beyond it. Today we look in detail at how to obtain an electronic signature (EDS).

We start with the essence of the electronic signature and the mechanism behind it, then consider its scope and advantages, after which we discuss how to obtain one for individuals, individual entrepreneurs and legal entities, and which documents are required. We have collected the most complete information on how to get an EDS. Incidentally, if need be, it can also be used to close an individual entrepreneur's registration; a separate article describes how.

What is an electronic digital signature: the simple essence of a complex concept!

Each document at an enterprise must be signed by an authorized person; the signature gives it legal force. Modern technology has moved documents into electronic form, which has proved extremely convenient. First, electronic documents simplify and speed up data exchange within the enterprise and with partners (especially in international cooperation). Second, the cost of handling them is lower. Third, commercial information can be protected far better. But even an electronic document must be signed, and that is why the EDS was developed.

What is an electronic digital signature? It is the digital counterpart of a handwritten signature, used to give legal force to documents in electronic form. The word "counterpart" should be understood as follows: the signature is a sequence of bytes computed by special software from the content of the document and the signer's secret key, so it differs for every document and cannot be produced without that key. The key is stored electronically, usually on a USB token or flash drive.

Two important concepts are associated with an ES: the certificate and the key. A certificate is a document certifying that an electronic signature belongs to a specific person. Certificates come in ordinary and enhanced (qualified) form; the latter is issued only by accredited certification authorities or directly by the FSB.

The electronic signature key is likewise a sequence of bytes. Keys are used in pairs: the first is the signing (private) key, and the second is the verification (public) key that lets anyone check the signature's authenticity. Note that it is the signature, not the key, that is unique to each signed document: one key pair serves for all documents for as long as the certificate is valid. It is also important to understand that what you receive on a flash drive from a certification authority is not an ES; it is the means for creating one.

A document signed with an ES has the same legal weight and effect as a paper one, provided no violations occurred in creating and applying the signature. If a discrepancy or any deviation from the rules is detected, the document is not valid. The use of EDS in Russia is regulated by two federal laws, No. 1-FZ and No. 63-FZ, which cover every area of application: civil-law relations and interaction with municipal and state bodies.
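The key pair and signing mechanism just described, as an added example in Go (not code from the original article): a key pair is generated once, a constructed sample document is signed with the private key, and verification with the public key succeeds for the original document but fails for an altered one and for a signature produced with a different key. ECDSA over P-256 with SHA-256 is used here for illustration only; Russian qualified signatures use GOST algorithms, and the certificate layer is not shown.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// GenerateKeyPair creates the pair the article describes: the private
// signing key, which stays with the owner (on the token), and the public
// verification key, which is distributed through the certificate. One pair
// is reused for every document the owner signs.
func GenerateKeyPair() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// SignDocument hashes the document and signs the digest with the private key.
// The resulting signature depends on both the key and the document's content.
func SignDocument(priv *ecdsa.PrivateKey, doc []byte) ([]byte, error) {
	digest := sha256.Sum256(doc)
	return ecdsa.SignASN1(rand.Reader, priv, digest[:])
}

// VerifyDocument is what the recipient runs: recompute the digest of the
// document as received and check the signature against the public key.
// Any change to the document, or a signature made with another key, fails.
func VerifyDocument(pub *ecdsa.PublicKey, doc, sig []byte) bool {
	digest := sha256.Sum256(doc)
	return ecdsa.VerifyASN1(pub, digest[:], sig)
}

func main() {
	priv, err := GenerateKeyPair()
	if err != nil {
		panic(err)
	}
	// Constructed sample document; not a real contract.
	doc := []byte("Contract No. 17: pay 100 000 RUB to Vendor LLC by 30 June")
	sig, err := SignDocument(priv, doc)
	if err != nil {
		panic(err)
	}
	fmt.Println("signature length (bytes):", len(sig))
	fmt.Println("original verifies:       ", VerifyDocument(&priv.PublicKey, doc, sig))

	// One digit changed after signing: verification with the public key detects it.
	tampered := []byte("Contract No. 17: pay 900 000 RUB to Vendor LLC by 30 June")
	fmt.Println("tampered verifies:       ", VerifyDocument(&priv.PublicKey, tampered, sig))

	// A signature from a different key pair does not verify under this public key.
	other, err := GenerateKeyPair()
	if err != nil {
		panic(err)
	}
	forged, _ := SignDocument(other, doc)
	fmt.Println("other key's sig verifies:", VerifyDocument(&priv.PublicKey, doc, forged))
}
```

Signing the same document twice with the same key gives two different byte strings (ECDSA is randomized), and both verify; that is the sense in which the signature, not the key, is unique per document.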

How the idea of using the EDS came about: a look at the past!

In 1976, the American cryptographers Diffie and Hellman proposed that digital signatures could be constructed. It was only a theory, but it attracted wide attention, and as early as 1977 the RSA algorithm was published, making the first electronic signatures possible. Compared to today's they were primitive, but at that moment the foundation was laid for the rapid development of the field and the spread of electronic document management.

The new millennium brought significant changes. The United States passed a law giving an electronic signature the same legal force as a signature on paper. A new, rapidly growing market segment appeared, which American analysts forecast would reach $30 billion by 2020.

In Russia, the first ES began to be used only in 1994. The first law regulating their use was adopted in 2002, but it was notable for vague wording and ambiguous terms; it gave no clear answer to how an electronic signature was to be obtained and used.

In 2010, a large-scale project was developed to create a virtual environment for providing public services electronically; in August of that year it was submitted to the President of the Russian Federation. One of its key elements is the use of EDS. The regions were obliged to create the conditions for free access by individuals and legal entities to electronic document management, so that anyone could obtain an ES. Since then the "electronic state" has been actively developing in Russia.

In 2011, the President ordered the executive authorities to switch to electronic document management within their structures. By June of that year all officials had been issued EDS; the program was financed from the federal budget. In 2012, electronic document management was working in all executive authorities of the Russian Federation without exception.

After these changes, two problems became acute. First, an ES was not universal: a new signature had to be obtained for each purpose. Second, some crypto providers were incompatible with others, which put their clients in a difficult position. Therefore, starting in 2012, a broad process of unification in electronic document management began, and thanks to it we now have universal signatures and software.

EDS Signature: 5 Benefits and 6 Uses!

Many entrepreneurs do not yet use EDS in their business. The main reason is simple ignorance of its capabilities and advantages. By signing documents electronically, business entities (individual entrepreneurs and legal entities) gain the following benefits:

  1. Documents are protected from falsification as far as possible.

A computer is very hard to deceive, and the human factor is removed: a person can simply fail to notice that the signature under a document differs from the original. An electronic signature cannot be forged in practice: without the signer's private key, producing a valid signature would require computing power that is practically unattainable at the current level of technology, and an enormous amount of time. The realistic risk is theft or misuse of the key itself, which is why the token must be guarded.

  2. Optimization, acceleration and simplification of document flow.

Any copy certified with an electronic signature is guaranteed to reach the addressee in the form it was sent: any alteration or damage in transit, accidental or deliberate, is detected at verification, so a document cannot be quietly changed or substituted.

  3. Cost reduction from giving up paper.

For small firms, keeping records on paper was not burdensome, which cannot be said of large enterprises. Many had to rent separate premises or warehouses to store documents for the required five years; on top of paper, printers, ink and stationery came rent. Depending on the field of activity, some companies could also reduce the number of employees handling documents: receiving, processing and so on. The need to dispose of paper also disappeared, and for organizations working with confidential information even this line of expense was significant. Destroying documents under EDS takes a few mouse clicks.

  4. The format of documents signed with an ES fully complies with international requirements.
  5. There is no need to obtain a separate signature to take part in tenders or to submit reports to regulatory authorities.

You can obtain an ES that will let you work on all the sites you need.

Before turning to how to obtain an electronic signature, let us list all the possible uses:

  1. Internal document flow: the transfer of commercial information, orders, instructions and so on inside the company.
  2. External document flow: the exchange of documents between two partner organizations (B2B) or between an enterprise and a client (B2C).
  3. Submission of reports to regulatory authorities:
     • Federal Tax Service,
     • Pension Fund,
     • Social Insurance Fund,
     • Customs Service,
     • Rosalkogolregulirovanie,
     • Rosfinmonitoring and others.
  4. Access to the "Client-Bank" system.
  5. Participation in auctions and tenders.
  6. Public services:
     • the State Services portal,
     • Rospatent,
     • Rosreestr.

How to get an electronic signature: step by step instructions!

Having appreciated the advantages of an electronic signature, you have decided to get one and, naturally, are wondering how. We answer with detailed step-by-step instructions that will help you obtain an EDS quickly and easily.

There are 6 steps in total.

Step 1. Selecting the type of ES.

Step 2. Choosing a certification authority.

Step 3. Filling out the application.

Step 4. Payment of the invoice.

Step 5. Collecting a package of documents.

Step 6. Obtaining an EDS.

Now let's talk about each step in more detail!

Step 1. Choosing the type: to each his own!

The first step to obtaining an electronic signature is choosing its type. Federal law distinguishes the following types of EDS:

  1. Simple. It confirms, by means of codes, passwords or similar, that the signature was formed by a specific person, so the recipient can see who the sender is. It does not protect the document against forgery or alteration.
  2. Enhanced:
  • unqualified: created by a cryptographic transformation of the document with the signer's key, so it confirms not only the identity of the sender but also that no changes were made to the document after signing;
  • qualified: the most secure signature, whose legal force is fully equivalent to a handwritten one. Its certificate is issued only by accredited certification authorities, and it is created with cryptographic tools certified by the FSB.

Recently more and more customers want an enhanced qualified signature, which is quite reasonable. Like any other "key" that gives access to private information or financial transactions, an EDS is hunted by fraudsters of every kind. Analysts believe that over the next ten years the first two types will simply become obsolete. The choice depends on what the EDS will be used for. To make the decision easier, we have put the data in a table; it will help you settle on the form that is necessary and sufficient.

Scope of application        Simple   Unqualified   Qualified
Internal document flow        +          +            +
External document flow        +          +            +
Arbitration court             +          +            +
State Services portal         +          -            +
Supervisory authorities       -          -            +
Electronic auctions           -          -            +

If you want an EDS for the convenience of reporting, you will have to apply for a qualified one. If the goal is document flow within the enterprise, a simple or unqualified signature is enough.

Step 2. Certification authority: the TOP-7 largest and most reliable companies!

A certification authority (CA) is an organization whose purpose is to generate and issue electronic digital signature certificates. A CA is a legal entity whose charter lists this type of activity. Its functions include:

  • issuing EDS;
  • publishing public keys so that anyone can verify signatures;
  • revoking (blocking) an electronic signature when there is reason to suspect it has been compromised;
  • confirming the authenticity of a signature;
  • mediating in conflict situations;
  • providing clients with all the necessary software;
  • technical support.
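To make concrete both the difference between an unqualified and a qualified signature (Step 1) and the CA functions listed above (issuance, publication of the public key, revocation, confirmation of authenticity), here is an added example in Go that is not part of the original article. A hypothetical accredited CA issues a one-year certificate binding a signer's public key to their name; a relying party accepts that certificate only if it chains to the accredited root and has not been revoked. The CA and signer names and serial numbers are constructed, and a plain set of revoked serial numbers stands in for a real CRL or OCSP check.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// NewKey generates an ECDSA P-256 key pair (used for both CA and signer keys).
func NewKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return k
}

// mustParse turns the DER output of x509.CreateCertificate into a parsed certificate.
func mustParse(der []byte, err error) *x509.Certificate {
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert
}

// IssueRoot builds a self-signed root certificate for a certification
// authority. The relying party trusts the accredited CA's root; the name is constructed.
func IssueRoot(name string, caKey *ecdsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(10 * 365 * 24 * time.Hour),
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
		BasicConstraintsValid: true,
		IsCA:                  true,
	}
	return mustParse(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &caKey.PublicKey, caKey))
}

// IssueSignerCert is the CA's issuance function: it binds the signer's public
// verification key to the signer's name for one year (the validity period the
// article quotes) and signs that binding with the CA's own key.
func IssueSignerCert(signerName string, serial int64, signerPub *ecdsa.PublicKey,
	root *x509.Certificate, caKey *ecdsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: signerName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(365 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	return mustParse(x509.CreateCertificate(rand.Reader, tmpl, root, signerPub, caKey))
}

// CheckSignerCert is the relying party's side. Before trusting a signature it
// checks that the signer's certificate has not been revoked (the CA's
// "blocking" function; a serial-number set stands in for a CRL here) and that
// it chains to the trusted accredited root. A certificate from any other
// issuer, however well formed, is rejected.
func CheckSignerCert(cert, trustedRoot *x509.Certificate, revokedSerials map[string]bool) error {
	if revokedSerials[cert.SerialNumber.String()] {
		return fmt.Errorf("certificate serial %s revoked by the CA", cert.SerialNumber)
	}
	roots := x509.NewCertPool()
	roots.AddCert(trustedRoot)
	_, err := cert.Verify(x509.VerifyOptions{
		Roots:     roots,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny},
	})
	return err
}

func main() {
	caKey := NewKey()
	accredited := IssueRoot("Example Accredited CA", caKey)
	signerKey := NewKey()
	cert := IssueSignerCert("Ivan Ivanov, Director, Vendor LLC", 1001, &signerKey.PublicKey, accredited, caKey)
	revoked := map[string]bool{}
	fmt.Println("accredited issuer:  ", CheckSignerCert(cert, accredited, revoked))

	// The same signer key, but certified by a CA the relying party does not trust.
	rogueKey := NewKey()
	rogue := IssueRoot("Unaccredited CA", rogueKey)
	rogueCert := IssueSignerCert("Ivan Ivanov, Director, Vendor LLC", 1002, &signerKey.PublicKey, rogue, rogueKey)
	fmt.Println("unaccredited issuer:", CheckSignerCert(rogueCert, accredited, revoked))

	// The CA revokes the certificate (token lost, employee dismissed).
	revoked[cert.SerialNumber.String()] = true
	fmt.Println("after revocation:   ", CheckSignerCert(cert, accredited, revoked))
}
```

The point of the "unaccredited issuer" case is that a key pair and certificate are trivial to create; what gives a qualified signature its legal force is that the relying party's trust store contains only the accredited roots, so a certificate from anyone else fails the chain check no matter how it looks.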

At present there are about a hundred such centers in the Russian Federation, but only seven are industry leaders:

  1. EETP is the leader of Russia's electronic trading market. Its activities are highly diversified, yet it holds leading positions in each segment. Besides organizing and running auctions, it sells property that is hard to sell, teaches participation in auctions, and issues and sells EDS.
  2. Electronic Express is the official electronic document management operator of the Federal Tax Service. It holds a full set of licenses, including an FSB license.
  3. Taxnet develops software for electronic document management, including the creation and implementation of EDS.
  4. Sertum-Pro Kontur deals in electronic signature certificates and offers many convenient additional services that significantly extend what an ES can do.
  5. Taxcom specializes in external and internal document management and in reporting to regulatory authorities; it develops the corresponding software and issues electronic signatures. It is on the list of official fiscal data operators for cash registers.
  6. Tenzor is a giant in document management over telecommunications networks, offering everything from workflow automation systems for enterprises to the creation and implementation of electronic signatures.
  7. National Certification Center develops and sells various EDS certificates and offers customers software for preparing and submitting reports to all government bodies.

Choose a CA depending on your capabilities and location. Check whether there is a pick-up point for ready signatures in your city; this is easy to find out on the companies' official websites.

If for some reason the centers in our TOP-7 do not suit you, you can use the services of other companies. A complete list of accredited CAs is published on www.minsvyaz.ru in the "Important" section. Make sure the CA you choose is on that list: a certificate from an unaccredited center will not give you a qualified signature.

Step 3. How to get an electronic signature: fill out an application!

The choice is made; now you know exactly what you want, so it is time to apply to the certification authority. This can be done in two ways: by visiting the company's office or by filling in an application on its website.

Sending the application remotely saves you a personal visit. The application contains a minimum of information: full name, contact phone number and e-mail. Within an hour of sending it, a CA employee will call you back to clarify the necessary details, answer your questions and advise which type of EDS suits your case.

Step 4. Paying the invoice: money in advance!

You pay for the service before you receive it: as soon as the application is accepted and the details agreed with the client, an invoice is issued in the client's name. The cost of an EDS depends on the company, the region and the type of signature. It includes:

  • generation of the signature key certificate,
  • the software needed to create, sign and send documents,
  • customer technical support.

The minimum price is about 1,500 rubles; the average is 5,000 to 7,000 rubles. The cost of one ES can fall below 1,500 rubles only when signatures are ordered for a large number of employees of one enterprise.

Step 5. Documents for obtaining an EDS: assembling the package!

When assembling the package of documents, what matters is which subject of civil law is the customer: an individual, a legal entity or an individual entrepreneur. We therefore consider the documents for obtaining an EDS separately for each category.

Individuals must provide:

  • an application,
  • passport plus copies,
  • taxpayer identification number (TIN),
  • SNILS (pension insurance number),
  • receipt of payment.

An authorized representative of the future holder of the electronic signature may submit the documents to the CA; for this a power of attorney must be issued.

To obtain an EDS, a legal entity will have to prepare:

  1. An application.
  2. Two certificates of state registration: with the OGRN and with the TIN.
  3. An extract from the Unified State Register of Legal Entities. Important: the extract must be recent; each certification authority has its own requirements for its age.
  4. Passport plus a copy for the person who will use the ES.
  5. SNILS of the employee who will use the EDS.
  6. If the signature is issued for the director, the order appointing them.
  7. For employees lower in the company's hierarchy, a power of attorney granting the right to use the EDS.
  8. Receipt of payment.

Documents for obtaining an EDS by an individual entrepreneur:

  1. An application.
  2. Registration certificate with the OGRNIP number.
  3. Certificate with the TIN.
  4. An extract from the Unified State Register of Individual Entrepreneurs issued no more than 6 months ago, or a notarized copy.
  5. Passport.
  6. SNILS.
  7. Receipt of payment.

A representative of the individual entrepreneur may collect the electronic digital signature on presentation of a power of attorney and passport. When the application is submitted electronically, the documents are sent to the CA by mail; on a personal visit they are handed in together with the application.

Step 6. Getting the digital signature: the finish line!

The signature can be collected at the numerous pick-up points located throughout the country; information about them is on the CA's official website. Usually the time to obtain a signature does not exceed two to three days.

A delay is possible only on the customer's side, if the certification authority's services were not paid for in time or not all the required documents were collected. Note that the extract from the Unified State Register of Individual Entrepreneurs or Legal Entities must be ordered in good time, since obtaining it takes 5 working days. Some CAs offer urgent issuance of an EDS, in which case the whole procedure takes about an hour. Now you know how to get an electronic signature.

Important! The ES certificate is valid for one year from the date of issue. After this period it must be renewed or a new one obtained.

Do-it-yourself digital signature: the impossible is possible!

In fact, creating an electronic signature on your own is entirely realistic: with the appropriate education you can thoroughly understand what an electronic digital signature is, generate a key pair and sign documents with it. Bear in mind, though, that you will not only have to generate the cryptographic keys but also develop and write the corresponding software, and a signature made this way is at best an unqualified one: a qualified signature, with full legal force, requires a certificate issued by an accredited CA and cannot be produced at home. A natural question arises: why do this, when the market is full of ready-made solutions? For large companies, too, it is not profitable to "tinker" with developing their own electronic signature, since a staff of new IT employees would have to be hired. And in the article

August 01, 2001. This material is devoted to protecting software from cracking. More precisely, it focuses on electronic keys (hardware dongles), one of the most common ways of protecting software products today.

Electronic keys are in fact the only technical solution that provides an acceptable level of protection while causing the least inconvenience to end users.

Application protection methods

Among the technical solutions proposed for protecting mass-distributed software, several main groups can be distinguished.

Key floppy disks and specially coated CDs, passwords and registration numbers

These protection methods do not require large expenditure to implement, but their resistance to cracking is low. As a result, such protection is justified only for software in the lower price category. For such programs, popularity and large circulation (sometimes through pirated copies) matter most; a more reliable but also more expensive protection system would make no sense here and might even do harm.

Binding to the unique characteristics of the computer

This method resists cracking much better than the previous ones and is cheap to implement. However, because of how the mechanism works, it is the most inconvenient for end users and draws numerous complaints: a program protected this way cannot be moved to another computer, upgrades cause difficulties, and so on. Such protection is advisable only when the vendor is sure it will not scare customers away.

The most recent use of this method is the built-in copy protection of new Microsoft software products.

Software and hardware protection using electronic keys

Today this is the most reliable and convenient method of protecting mass-distributed software in the middle and upper price categories. It is highly resistant to cracking and does not restrict the use of a legal copy of the program. The method is economically justified for programs costing more than $80, since even the cheapest dongles add $10-15 to the cost of the software. That is why every key manufacturer strives to develop new, cheaper models so that high-circulation, low-cost products can be protected without loss of effectiveness.

Electronic keys mainly protect so-called "business" software: accounting and warehouse programs, legal and corporate systems, construction estimating, CAD, electronic reference books, analytical software, environmental and medical programs, and so on. Such programs are expensive to develop and correspondingly expensive to buy, so losses from piracy are significant. Here electronic keys are the optimal protection.

As you can see, when choosing a means of protection the developer must proceed from economic feasibility. Protection should fulfil its main purpose, to significantly reduce and ideally stop losses from piracy, without greatly increasing the cost of the program, which could hurt sales. The manufacturer must also take the interests of users into account: ideally, protection should cause them no inconvenience at all.

What is an electronic key

An electronic key prevents illegal use (operation) of a program. It is often said that the key protects against copying, but that is not quite right: a protected program can be copied, but the copy will not work without the key, so copying is simply pointless.

Physically, an electronic key is a device "the size of a matchbox", as they say, which plugs into one of the computer's ports. It consists of a board with microcircuits (auxiliary elements, a microcontroller and memory) in a plastic case. The microcontroller holds the so-called "mathematics": a set of commands implementing one or more functions that generate the information blocks exchanged between the key and the protected program. These blocks are otherwise called "questions and answers". The key's memory stores information about its characteristics as well as user data. The key has two connectors: one plugs into the computer's LPT (parallel) port, the other is used to connect a peripheral device. Used correctly, a modern dongle usually does not interfere with printers, scanners and other peripherals connected through it to the parallel port.

What are electronic keys

Electronic keys are extremely diverse in design (internal and external), purpose, appearance and so on. They can also be classified by compatibility with software environments and computer types, by connection method, by degree of complexity (functionality), etc. A description of all kinds of keys would take too long, so we focus on the most widely used solutions.

Dongles are most often used to protect local and network Windows and DOS applications. The bulk of today's keys are parallel-port devices, but USB dongles are gaining popularity and are likely to compete seriously with LPT dongles in the near future.

Complex (multifunctional) keys are used to protect expensive software; simpler keys protect cheaper programs.

By internal design, electronic keys are divided into:

  • Keys without built-in memory
    Such keys do not provide an adequate degree of protection for an application: only memory in addition to the key's logic block allows a protection system of any complexity to be built. The dongle's memory can hold information the program needs in order to run, password lists (so that the key can also serve as a means of identification), and so on. The memory of most modern dongles is a few hundred bytes. Using dongles without built-in memory is justified only for cheap, high-circulation programs.
  • Keys containing only memory
    This class is obsolete. Such keys are no longer produced, but a fairly large number remain in the hands of software end users.
  • Keys on a custom ASIC chip
    Today this is the most common class. Their functionality is determined by the specific ASIC. Their disadvantage is, so to speak, the "finality" of the design: the range of their properties is fixed when the chip is created, and all keys of one model work by the same algorithm or algorithms (they contain functions of the same type). This can reduce the resistance of the protection system, since a frequently repeated protection model makes the cracker's job easier.
  • Microprocessor keys
    This type is far more flexible than the previous one. A program implementing functions that differ for each client can be "flashed" into the key's controller; in principle any microprocessor key can easily be programmed to work by its own unique algorithm.

The electronic key is the hardware part of the protection. The software part is the special software for working with the keys: tools for programming them, utilities for installing protection and for diagnostics, key drivers, and so on.

Protecting applications with a key

To install the protection system, the electronic key must be programmed in the required way, i.e. information by which the protected program will recognize the key must be written into its memory, and the program must be "bound" to the key by installing automatic protection and/or protection through API functions.

Key memory is programmed mainly with special utilities, which read and overwrite the contents of memory fields, edit, change or delete the fields themselves, and program the key remotely. The same utilities are used to debug the protection scheme: with them one checks that API functions execute correctly, builds arrays of the key's questions and answers, and so on.

Protection methods

There are protection systems that are applied to ready executable modules (envelope or automatic protection), and protection systems built into the program's source code (protection using API functions).

Automatic protection

The program's executable file is processed by the corresponding utility from the dongle software package. As a rule, this method is almost fully automated: installation takes only a few minutes and requires no special knowledge. Afterwards the program is "tuned" to an electronic key with particular parameters.

Automatic protection utilities usually have many service functions that let you choose different modes of "binding" the program to the dongle and add extra features, such as virus protection or limits on the program's running time and number of launches.

However, this method cannot provide sufficient reliability. Since the automatic protection module is attached to the finished program, an experienced cracker is likely to find the "attachment point" and "unhook" it. A good automatic protection utility should therefore have options that hinder debugging and disassembly of the protected program.

Protecting with API functions

This method is based on API functions collected in object modules. The API functions allow any operation with the key: searching for a key with given characteristics, reading and writing data, computing checksums, transforming information, and so on. This makes it possible to build custom protection schemes for any occasion; the possibilities of API protection are limited only by the developer's imagination.

Libraries of API functions, with examples of their use in various programming languages, should be included in the dongle software package. To install protection, you write calls to the necessary API functions, insert them into the program's source code, and link the program with the object modules. The protection is thus embedded deep in the body of the program. Using API functions gives a much higher degree of protection than automatic protection.

Almost the only "disadvantage" of this method, according to some software vendors, is the extra cost of training staff to work with the API. Without using the API, however, one cannot count on acceptable resistance of the protection system, so, to make developers' lives easier, protection vendors are working on tools that simplify installing API protection.

In general terms, the protection system works as follows:

While running, the protected program sends information, the so-called "question", to the electronic key. The key processes it and returns an "answer". The program identifies the key from the returned data: if the key has the right parameters, the program continues running; if the key's parameters do not match or it is not connected, the program stops or switches to demo mode.

The confrontation between protection developers and crackers is an arms race. The constant improvement of cracking tools and methods forces protection developers to continuously update or invent new means and methods in order to stay one step ahead; a scheme that was effective yesterday may be useless today.

Security cracking methods

Making a hardware copy of the key

This method consists in reading the contents of the key's memory chip by special software and hardware. Then the data is transferred to the chip of another key (""blank"). This method is quite laborious and can be used if the key memory is not protected from reading information (which was typical for keys containing only memory). In addition, creating a hardware copy of the dongle does not solve the problem of replicating the program, because it still remains "attached", but only to another dongle. For these reasons, the production of hardware copies of keys is not widely used.

Making an emulator (software copy) of a key

The most common and effective cracking method consists in creating a software module (in the form of a driver, library or resident program) that reproduces (emulates) the operation of an electronic dongle. As a result, the protected program no longer needs the key.

Emulators can reproduce the operation of keys of a certain model, or keys supplied with some program, or one specific key.

By organization, they can be divided into structure emulators and response emulators. The former reproduce the structure of the key in detail (usually these are universal emulators), the latter work on the basis of a table of questions and answers for a specific key.

In the simplest case, to create an emulator, a hacker must find all possible correct questions to the key and match the answers with them, that is, get all the information exchanged between the key and the program.

Modern keys have a whole set of tools that prevent emulation. First of all, these are various ways of complicating the exchange protocol between the key and the protected program, as well as encoding the transmitted data. The following main types of secure exchange protocols, or combinations of them, are used:

  • floating protocol - "garbage" is transmitted along with real data, and over time, the alternation order and the nature of both real and unnecessary data change chaotically
  • encrypted protocol - all transmitted data is encrypted
  • with automatic verification - any operation of writing to the dongle memory is accompanied by an automatic check of the data for adequacy

Additional complication of the exchange protocol is achieved by increasing the amount of transmitted information and the number of questions to the key. Modern keys have enough memory to handle large amounts of data. For example, a key with a memory of 256 bytes can process up to 200 bytes of information in one session. Compiling a table of questions for such a key today seems to be a very laborious task.

Detaching the automatic protection module

As mentioned earlier, automatic protection does not have a sufficient degree of robustness, since it does not form a single whole with the protected program. As a result, the "envelope" protection can be removed with some effort. Crackers use a number of tools for this purpose: special automatic cracking programs, debuggers and disassemblers. One way to bypass the protection is to determine the point at which the protection "envelope" ends and control is transferred to the protected program, after which the program is saved in unprotected form.

However, manufacturers of protection systems have several tricks in their arsenal that make the removal of protection as difficult as possible. A good automatic protection utility will certainly include options that provide:

  • countering automatic hacking programs,
  • counteracting debuggers and disassemblers (blocking standard debugging tools, dynamic coding of the protection module, calculation of checksums of program code sections, “crazy code” technology, etc.),
  • encoding of the protected body and overlays of the program using conversion algorithms (functions).

Removing API Function Calls

To remove API function calls from the program code, crackers use debuggers and disassemblers to find where the calls originate (the function entry points) and patch the code accordingly. With well-organized API protection, however, this method becomes very laborious. In addition, the cracker can never be completely sure that the protection has been removed correctly and completely and that the program will work without failures.

There are several effective ways to counter attempts to remove or bypass API calls:

  • use of "crazy code": when creating API functions, their commands are mixed with "garbage" - unnecessary commands, i.e. the code is very noisy, which makes it difficult to study the logic of the functions
  • using multiple API entry points: in good API protection, each function has its own entry point, so to neutralize the protection completely the attacker must find all of them

Software and hardware protection gives the person who implements it considerable freedom of action. Even with automatic protection, you can choose among the available options and define the properties of the protected program accordingly. And when using API functions, you can implement any protection model, even the most sophisticated. Thus, there is no single, detailed scheme for building protection. However, there are many ways to make your protection more robust (only some of them are listed below).

Hacking countermeasures

Combining automatic and API protection

As mentioned above, each of these types of protection has its own bottlenecks. Together, however, they complement each other perfectly and form a formidable barrier even for an experienced cracker. Here automatic protection plays the role of a shell, an outer boundary, and API protection is the core.

API protection

It is recommended to use several functions in API protection. Their calls must be distributed throughout the application code, and the functions' variables should be mixed with the application's variables. In this way the API protection is deeply embedded in the program, and the cracker will have to work hard to identify and isolate all the protection functions.

It is mandatory to use algorithms (or functions) for data transformation. Encoding information makes it pointless to remove API function calls, because the data will not be decoded.

An effective way to complicate the protection logic is to delay the program's reaction to the return codes of API functions. In this case, the program decides how to proceed only some time after receiving the return codes, which forces the cracker to trace complex cause-and-effect relationships and examine very large sections of code in the debugger.

Automatic protection

With automatic protection, it is necessary to enable the options for countering debugging and disassembly tools, as well as the options for encoding and for periodic checking of the key. It is also useful to enable protection against viruses: the CRC of code sections is then checked, which means the file is also protected against modification.

Protection update

After the protection system has been implemented, it is important not to forget to update the software for working with keys in a timely manner. Each new release brings fixed errors, closed "holes" and new security features. It is also necessary to constantly monitor the protection systems market and, if necessary, switch to a more advanced and reliable protection system in good time.

Possibilities of the electronic key

Of course, the key is designed first of all to protect programs. However, the potential of modern software and hardware protection is so great that it allows electronic keys to be used to implement a marketing strategy and optimize sales. Here are some options for such "unconventional" use.

Demos

Using dongles, you can easily create demo versions of software products without writing a demo version of the program. You can freely distribute copies by blocking or restricting some features of the program, which are activated only with a dongle. Or provide customers with a fully functional program as a trial ("trial") version, limiting the number of runs. And after payment, extend the period of using the program or remove the restriction altogether.

Rental and leasing

If the program is expensive, it is often convenient and profitable to sell it in parts or rent it out. In this case, the keys will also be of great service. How does this happen? A full-fledged working copy of the program, limited in time, is provided to the client. After the client makes the next payment, the period of use of the program is extended by remotely reprogramming the key memory.

Selling the program in parts

If the program consists of several components (for example, a set of electronic translators: English-Russian, French-Russian, etc.), then you can include all the modules in the distribution package but activate only those that have been paid for. If desired, the client can always pay for the program component of interest, which will be activated by remote key programming.

Updating a protected application

Suppose the manufacturer has released a new version of the program. It now faces the problem of updating the program for registered users. Remote key programming makes this procedure quick and easy. When a new version of the application is released, there is no need to issue or sell a new key to users of previous versions. It is enough to reprogram the memory section of the existing key and send the new version to the client (free of charge or for a small extra charge, depending on the company's marketing policy).

Licensing in local area networks

Licensing in this case means control over the number of copies of the program in use. Network software vendors are well aware of the situation where one licensed program is bought and dozens of copies of it are used on the LAN. Under these conditions, the electronic key becomes an effective tool for preventing the launch of "over-limit" copies of the program.

How is licensing carried out? Suppose a user is going to install some kind of program on the network (accounting, warehouse, etc.). When purchasing, he specifies the number of copies of the program that he needs and receives the appropriate license. The manufacturer gives the client a distribution kit and a properly programmed key. Now the user will be able to work only with the number of copies for which he paid. If necessary, he can always buy the missing copies, and the manufacturer will reprogram the electronic key for him without leaving his office.

It is easy to see that a modern hardware and software protection system provides many service functions that allow you to organize an effective marketing policy and, of course, get additional (and very tangible) benefits.

The future of electronic key

As long as software exists and the problem of software piracy persists, software and hardware protection will remain relevant. It is difficult to say what exactly it will be in ten years. But even now, some trends can be noted that are becoming obvious.

USB dongles are gaining popularity and are likely to gradually replace parallel port dongles. More complex and stable algorithms will be implemented in the keys, and the amount of memory will increase.

Electronic keys (arranged a little differently) are beginning to be used as a means of identifying computer users. Such identification keys, in combination with special programs, can protect web pages.

The possibilities of electronic keys will be used more and more to form the marketing strategy of software manufacturers, to promote software products.

General information. An electronic switch (electronic key) is a device that can be in one of two stable states: closed or open. In an ideal electronic switch, the transition from one state to the other occurs abruptly under the influence of a control voltage or current.

In modern electronic technology, transistor switches are most widely used.

Switches on bipolar transistors. The simplest transistor switch circuit (Fig. 5.2, a) is similar to a transistor amplifier circuit but differs in the transistor's operating mode. In switching mode, the operating point of the transistor can be in only two positions: in the cutoff region (transistor closed) and in the saturation region (transistor open and saturated). Such switches are called saturated transistor switches. Sometimes switches are used in which the operating point with the transistor open lies in the active region (usually near the saturation region, but not reaching it). Such switches are called unsaturated. Saturated transistor switches are more commonly used, since in their "on" state the output voltage is lower and more stable.

Fig. 5.2. Transistor switch circuit (a) and characteristics (b) illustrating the change of mode when the switch goes from the closed state (point A) to the open state (point B)

To ensure the cutoff mode, a negative voltage must be applied to the switch input (or a positive one for a p-n-p transistor).

For reliable blocking of the transistor, the absolute value of the negative voltage must be at least a certain threshold voltage, and the condition for ensuring the cutoff mode has the form:

To switch the transistor into saturation mode, a positive voltage must be applied to the switch input that creates a sufficient current in the base circuit, the reference value being the base current at the boundary between the active mode and the saturation mode (point B in Fig. 5.2, b).

Collector current in saturation mode:

In saturation mode, the collector voltage remains positive with respect to the emitter but has a very small value (tenths of a volt for germanium transistors and 1 ... 1.5 V for silicon ones). Therefore, the voltage across the collector junction turns out to be negative, and the junction is biased in the forward direction.

The speed of the electronic switch depends on its turn-on and turn-off times.

The turn-on time is determined by the delay time due to the inertia of the diffusion motion of minority charge carriers in the base of the BT, and by the formation time (settling time) of the output voltage edge. The turn-off time is the sum of the time for dissipation of the minority charge carriers accumulated in the base and the time for formation of the cutoff of the output voltage.

The speed of a transistor switch is increased by using high-frequency transistors, by increasing the unlocking and reverse base currents, and by reducing the base current in saturation mode.

To reduce the base current in saturation mode, unsaturated switches are used, in which a Schottky diode is connected between the base and the collector (Fig. 5.3). The turn-on voltage of the Schottky diode is 0.1 ... 0.2 V lower than the saturation voltage of the collector junction, so it opens before saturation occurs, and part of the base current passes through the open diode into the collector circuit of the transistor, thereby preventing the accumulation of minority carriers in the base. Unsaturated switches with a Schottky diode are widely used in ICs, because manufacturing a Schottky diode on the basis of a transistor structure in integrated technology requires no additional operations and does not increase the chip area occupied by the switch elements.

Fig. 5.3. Circuit of a switch with a Schottky diode

Switches on MIS transistors. Switches on field-effect transistors (Fig. 5.4) do not suffer from the accumulation and dissipation of minority carriers, so their switching time is determined by the charging and recharging of the interelectrode capacitances. The role of the resistor can be performed by field-effect transistors, which greatly simplifies the manufacturing technology of integrated switches on field-effect transistors.

Fig. 5.4. Circuits of electronic switches on a FET with a p-n junction gate (a) and of MIS type (b).

In switches on MIS transistors with an induced channel (Fig. 5.5), transistors VT1 play the role of the resistor and transistors VT2 are the active element. Transistors VT2 have a p-type channel, while transistors VT1 have a p-type channel (Fig. 5.5, a) or an n-type channel (Fig. 5.5, b). Their transfer characteristics are shown in Fig. 5.6, a and 5.6, b respectively. Voltage graphs explaining the operation of the switches are shown in Fig. 5.7.

Fig. 5.5. Circuits of electronic switches on MIS transistors with induced channels of the same (a) and opposite (b) types of electrical conductivity

Fig. 5.6. Transfer characteristics of MIS transistors with induced channels of different types of electrical conductivity

Fig. 5.7. Graphs of the input (a) and output (b) voltages of electronic switches on MIS transistors

When a positive voltage is applied to the input, transistors VT2, which have a p-type channel, are closed. Transistor VT1 of the first switch (Fig. 5.5, a) is open due to the negative bias voltage applied to its gate. Transistor VT1 of the second switch, which has an n-type channel (Fig. 5.5, b), also turns out to be open, since its gate is connected to the input, which is at a positive voltage. The resistance of the open transistors VT1 is small compared with the resistance of the closed transistors VT2.

When a negative voltage arrives at the input of the switches, transistors VT2 open and transistors VT1 close. Almost the entire voltage drops across the high resistance of the VT1 channel.

5.4. Basic logic elements on bipolar structures. Depending on the components used to build a logic element (LE) and the way they are connected within one LE, the following types of LE, or types of logic, are distinguished:

diode-transistor logic (DTL);

transistor-transistor logic (TTL);

emitter-coupled logic (ECL);

integrated injection logic (I²L, IIL);

logic elements on MOS transistors (CMIS, Russian abbreviation KMDP).

There are other types of LE. Some of them are obsolete and are not currently used, while others are under development.

TTL logic elements. Transistor-transistor logic elements are those in whose input circuit a multi-emitter transistor (MET) is used. In principle of construction and operation, TTL circuits are close to DTL circuits. The emitter junctions of the MET act as input diodes, and the collector junction acts as a biasing diode. TTL elements are more compact than DTL elements, which increases the degree of integration of TTL chips. Compared with DTL microcircuits, integrated circuits based on TTL have higher speed, noise immunity and reliability, greater load capacity and lower power consumption.

Fig. 5.8, a shows the circuit of a 3AND-NOT TTL LE with a simple inverter. If voltages corresponding to level 1 are applied to all MET inputs, then all the emitter junctions of MET VT1 are reverse-biased and the collector junction is forward-biased. The MET collector current flows into the base of transistor VT2, which opens and goes into saturation. A low-level voltage is set at the LE output.

If a voltage corresponding to level 0 is applied to at least one MET input, then the corresponding MET emitter junction is forward-biased. The emitter current of this junction flows through resistor R1, as a result of which the MET collector current decreases and transistor VT2 closes. A high-level voltage is set at the LE output.

To increase the speed of the LE, nonlinear feedback is introduced into it by means of a Schottky diode (diode VD in Fig. 5.10, a). The Schottky diode VD together with the integrated transistor VT2 forms a single structure, which is sometimes called a Schottky transistor.

Fig. 5.8. AND-NOT TTL logic circuits with simple (a) and complex (b) inverters

Fig. 5.8, b shows the circuit of a 2AND-NOT TTL logic element with a complex inverter. The operation of such an inverter was discussed earlier.

A feature of the complex inverter is the inertia of the switching process of transistors VT2, VT3 and VT4. Therefore, the speed of a complex inverter is lower than that of a simple one. To increase the speed of the complex inverter, an additional transistor is introduced into it, connected in parallel with the emitter junction of VT4.

Currently, several varieties of microcircuit series with TTL elements are produced: standard (series 133; K155), high-speed (series 130; K131), micropower (series 134), with Schottky diodes (series 530; K531) and micropower with Schottky diodes (series K555). They have a high yield, low cost, a wide functional set and are convenient for practical use.

ECL logic elements. The element base of emitter-coupled logic is devices based on current switches.

The simplest current switch circuit is shown in Fig. 5.9, a.

Fig. 5.9. Simplified diagram of the current switch (a) and voltage graphs (b) explaining its operation

The total current of transistors VT1 and VT2 is set by the current generator I included in their emitter circuit. If a low-level voltage (logical 0) is applied to the input (base of VT1), then transistor VT1 is closed and all the current flows through transistor VT2, whose base is supplied with a reference voltage exceeding the low level of the VT1 base voltage.

A high-level voltage (logic 1) is formed on the collector of the closed transistor VT1, and a low-level voltage (logic 0) on the collector of the open transistor VT2, as shown in Fig. 5.9, b. If a high-level voltage is applied to the input, then transistor VT1 opens. Transistor VT2 is then closed, and all the current flows through transistor VT1. A low-level voltage is formed on the VT1 collector, and a high-level voltage on the VT2 collector.

The parameters of the current generator are chosen so that transistors VT1 and VT2 do not enter saturation. This gives ECL elements their high speed.

The circuit diagram of the basic ECL logic element is shown in Fig. 5.10. This LE performs two logical operations simultaneously: OR-NOT at output 1 and OR at output 2.

Fig. 5.10. Diagram of the basic ECL logic element

Transistors VT1, VT2 and VT3 form a current switch that provides the logical functions OR-NOT (on the VT2 collector) and OR (on the VT3 collector). A high-resistance resistor R5, included in the common emitter circuit of transistors VT1, VT2 and VT3, serves as the current generator. The reference voltage source is built on transistor VT4 and diodes VD1 and VD2. The reference voltage, whose level lies approximately midway between the levels corresponding to 0 and 1, is applied to the base of transistor VT3, so VT3 is closed if a high-level voltage (logic 1) is applied to at least one of the inputs, and open if all inputs are at a low-level voltage (logic 0). The logic signals from the collectors of VT2 and VT3 are fed to the bases of output emitter followers built on transistors VT5 and VT6. The emitter followers serve to increase the load capacity of the LE and to shift the output voltage levels so that LEs of this series are compatible at their inputs and outputs.

ECL logic elements are represented by integrated circuits of the 500 series.

The advantage of ECL LEs is a well-established production technology, which gives a fairly high yield of good microcircuits and a relatively low cost. ECL elements are faster than TTL LEs, which is why they are widely used in high-speed, high-performance computing. The differential stages of ECL LEs provide high noise immunity, stability of dynamic parameters under changes of temperature and supply voltage, and a constant current consumption independent of switching frequency.

The disadvantage of ECL LEs is their high power consumption.

I²L logic elements. I²L LEs are built as a chain of injection-powered transistors. A distinctive feature of such transistors compared with a BT is the presence of an additional electrode, the injector. In this structure, two transistors can be distinguished: a horizontal current-supply transistor and a vertical switching transistor, connected as shown in Fig. 5.11, b. The role of the electronic switch S is usually performed by a BT structure connected in the common-emitter configuration and operating in switching mode.

Fig. 5.11. Schematic diagram of an injection-powered inverter

The injector junction is forward-biased by applying a positive voltage equal to 1 ... If switch S is open (in this case the input voltage is high), then almost the entire generator current flows into the base of transistor VT2. The transistor is open and saturated, and its output voltage is units or tens of millivolts (assuming a load is connected to the collector). With switch S closed, almost the entire current of the current generator flows through the switch, and only a small part of it enters the base of transistor VT2. The transistor is in active mode near the cutoff region. The collector voltage of the transistor in this mode corresponds to a high level, approximately 0.8 V.

Thus, an injection-powered transistor can be regarded as an inverter, i.e. an LE that performs the NOT operation.

Fig. 5.12 shows the circuit of a two-input OR-NOT LE. When logical zeros arrive at both inputs, transistors VT1 and VT2 are closed and a logical 1 is formed at the output. If at least one of the inputs receives a logical 1, then the corresponding transistor is open and saturated, and the output, which is the junction of all the collectors, is set to logical 0.

Fig. 5.12. Simplified diagram of a 2OR-NOT LE in injection logic

The advantages of I²L LEs are a high degree of integration, high speed, the ability to operate at very low currents (units of nanoamperes) and low supply voltages.

5.5. Basic logic elements on MIS and CMIS structures. The basic element of logic ICs on MIS transistors is the inverter (NOT element). Fig. 5.13 shows inverter circuits on p-channel MIS transistors with one (a) and two (b) power supplies.

Fig. 5.13. Circuits of inverters on MIS transistors (a, b) and graphs of input and output voltages (c)

Transistors VT1 in both circuits have narrower and longer channels than transistors VT2, so when both VT1 and VT2 are open, the channel resistance of VT1 is the larger. If the input voltage exceeds the threshold voltage in absolute value, then transistors VT2 are open, and the output voltage is close to zero (Fig. 5.13, c).

If the input voltage is below the threshold voltage in absolute value, then transistors VT2 are closed and transistors VT1 are on the verge of cutoff. In this case the output is set to a low negative level corresponding to logic 1.

Including an additional voltage source in the gate circuit of transistor VT1 increases the noise immunity of the LE.

Fig. 5.14, a shows the circuit of a two-input OR-NOT LE on complementary MIS transistors. Transistors VT3 and VT4 with n-type channels, connected in parallel, are the control transistors, and transistors VT1 and VT2 with p-type channels are the load transistors. The control transistors form the lower arm, and the load transistors the upper arm, of the divider from which the output voltage is taken.

Fig. 5.14. Circuits of OR-NOT (a) and AND-NOT (b) logic elements on CMIS transistors

If a low-level voltage is applied to both inputs, then transistors VT3 and VT4 are closed. The source of the p-channel transistor VT1 is connected to the positive terminal of the supply, so its gate voltage exceeds the threshold voltage in absolute value. Transistor VT1 is open, its channel resistance is small, and the source voltage of transistor VT2 is close to the supply voltage. Consequently, transistor VT2 is also open, and the resistance of the upper arm is much less than that of the lower arm. The output is set to a high-level voltage close to the supply voltage.

If a high-level voltage is applied to at least one input, then the corresponding transistor of the lower arm opens and the upper arm closes. The output produces a low-level voltage close to zero.

In the AND-NOT CMIS-TL logic elements (Fig. 5.14, b), the n-channel control MOS transistors VT3 and VT4 are connected in series, and the p-channel load transistors in parallel. The resistance of the lower arm is small only if both transistors VT3 and VT4 are open, i.e. when voltages corresponding to logical ones act at both inputs. In this case the output voltage corresponds to logical zero. If a low voltage is present at one of the inputs, then one of the transistors VT1 or VT2 is open and one of the transistors VT3 or VT4 is closed. In this case the resistance of the upper arm is much less than that of the lower arm, and the output voltage level corresponds to a logical one.

CMIS-TL logic elements are characterized by low power consumption (tens of nanowatts), fairly high speed (up to 10 MHz or more), high noise immunity and a high power supply voltage utilization factor. Their disadvantage is greater manufacturing complexity compared with MIS-TL LEs.

(Software) and data from copying, illegal use and unauthorized distribution.

Modern electronic keys

The principle of operation of electronic keys. The key is attached to a specific computer interface. Further, the protected program sends information to it through a special driver, which is processed in accordance with the specified algorithm and returned back. If the answer of the key is correct, then the program continues its work. Otherwise, it can perform developer-defined actions, such as switching to demo mode, blocking access to certain functions.

There are special keys capable of licensing a protected application over the network (limiting the number of copies of the program running on the network). In this case, one key is enough for the entire local network. The key is installed on any workstation or network server, and the protected applications access it over the local network. The advantage is that users do not need to carry a dongle with them to work with the application within the local network.

The following product lines are best known on the Russian market (in alphabetical order): CodeMeter by WIBU-SYSTEMS, Guardant by Aktiv, HASP by Aladdin, LOCK by Astroma Ltd., Rockey by Feitian, SenseLock by Seculab, etc.

History

Protecting software from unlicensed use increases the developer's profit. To date, there are several approaches to solving this problem. The vast majority of software developers use various software modules that control user access using activation keys, serial numbers, etc. Such protection is a cheap solution and cannot claim to be reliable. The Internet is replete with programs that allow you to illegally generate an activation key (key generators) or block a request for a serial number / activation key (patches, cracks). In addition, do not neglect the fact that the legal user himself can make public his serial number.

These obvious shortcomings led to the creation of hardware software protection in the form of an electronic key. It is known that the first electronic keys (that is, hardware devices for protecting software from illegal copying) appeared in the early 1980s, however, for obvious reasons, it is very difficult to establish primacy in the idea and direct creation of the device.

Software protection with an electronic key

Software Development Kit

Dongles are classified as hardware-based software protection methods, but modern dongles are often defined as multiplatform hardware-software tool systems for software protection. The point is that, in addition to the key itself, companies that issue electronic keys provide an SDK (Software Developer Kit). The SDK includes everything you need to start using the technology in your own software products: development tools, complete technical documentation, support for various operating systems, detailed examples, code snippets and automatic protection tools. The SDK may also include demo keys for building test projects.

Protection Technology

The technology of protection against unauthorized use of software is based on the implementation of requests from an executable file or a dynamic library to a key with subsequent receipt and, if necessary, analysis of the response. Here are some typical queries:

  • checking that a key is connected;
  • reading from the key the data the program needs as a launch parameter (used mainly to find a suitable key, not for protection);
  • a request to decrypt data or executable code that the program needs and that was encrypted when the program was protected (this allows a "comparison with a reference value"; with code encryption, executing code that was not decrypted leads to an error);
  • a request to decrypt data previously encrypted by the program itself (this allows a different request to be sent to the key each time and so protects against emulation of the API libraries or of the key itself);
  • verification of the integrity of the executable code by comparing its current checksum with the original checksum read from the key (for example, by having the key sign the code or other transmitted data with its algorithm and checking the digital signature inside the application; since the digital signature is different every time, a property of the cryptographic algorithm, this also helps to protect against API/key emulation);
  • a request to the real-time clock built into the dongle (if there is one; this can happen automatically when the running time of the dongle's hardware algorithms is limited by its internal timer);
  • etc.

It is worth noting that some modern keys (Guardant Code from Aktiv Company, LOCK from Astroma Ltd., Rockey6 Smart from Feitian, Senselock from Seculab) allow the developer to store their own algorithms, or even separate parts of the application code (for example, developer-specific algorithms that take a large number of input parameters), and execute them inside the key on its own microprocessor. Besides protecting the software from illegal use, this approach protects the algorithm used in the program from being studied, cloned and reused by competitors in their own applications. For a simple algorithm, however (and developers often make the mistake of loading an algorithm that is not complex enough), the algorithm can be recovered by "black box" analysis.

As follows from the above, the "heart" of the electronic key is its transformation algorithm (cryptographic or otherwise). In modern dongles it is implemented in hardware, which practically rules out a full key emulator: the encryption key is never sent to the dongle's output, so it cannot be intercepted.

The encryption algorithm can be secret or public. Secret algorithms are developed by the manufacturer of the protection product, sometimes individually for each customer. The main drawback of such algorithms is that their cryptographic strength cannot be assessed: how reliable an algorithm was could only be said with certainty after the fact, once it had or had not been broken. A public, "open source" algorithm has incomparably greater cryptographic strength, because it is tested not by random people but by many experts who specialize in cryptanalysis. Examples of such algorithms are the widely used GOST 28147-89, AES, RSA, ElGamal, etc.

Protection with automatic means

For most families of hardware dongles, automatic tools (included in the SDK) have been developed that protect a program "with a few mouse clicks". The application file is "wrapped" in the protection vendor's own code. What that code does varies from manufacturer to manufacturer, but most often it checks for the presence of the key, enforces the license policy set by the software vendor, and implements a mechanism to protect the executable from debugging and decompilation (for example, by compressing the executable file).

Importantly, the automatic protection tool does not need access to the application's source code. When localizing foreign products, for example, where there is no way to touch the software's source code, such a protection mechanism is indispensable. It does not, however, let you realize the full potential of electronic keys or implement flexible, application-specific protection.

Implementing Security with API Functions

Besides automatic protection, the software developer can build the protection independently by integrating the protection system into the application at the source-code level. For this, the SDK includes libraries for various programming languages that describe the API for the key. The API is a set of functions for exchanging data between the application, the system driver (and the server, in the case of network dongles) and the dongle itself. API functions perform various operations on the key: searching for it, reading and writing its memory, encrypting and decrypting data with its hardware algorithms, network software licensing, etc.

Skillful use of this method gives a high level of application security. Protection built into the application is rather difficult to neutralize because it is unique and "smeared" across the body of the program. The mere need to study and modify the executable code of a protected application in order to bypass the protection is a serious obstacle to breaking it. The first task of the protection developer, therefore, is to defend against automated cracking methods by implementing their own protection through the key management API.
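The two query patterns from the list above (a request the key must answer differently every time, and an integrity check whose reference value is read from the key) are what the API-level approach makes possible. The following Go program is an added illustration, not code from the article or from any dongle vendor's SDK: it models a hypothetical dongle holding an Ed25519 private key that never leaves the device, the application that is compiled against a small `KeyAPI` interface, and a recorded "table" of responses standing in for the kind of emulator the text mentions. Names such as `Dongle`, `KeyAPI`, `ReplayTable`, `VerifyFixed` and `VerifyFresh` are assumptions made for this example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Dongle is a hypothetical model of the hardware key (not a vendor API).
// The private key is generated inside the key and never leaves it; the
// application only ever sees signatures and the small data area it can read.
type Dongle struct {
	priv ed25519.PrivateKey
	mem  map[uint16][]byte
}

// NewDongle plays the role of the vendor's key-programming tool: it creates the
// key pair and stores the reference hash of the protected code in cell 0.
func NewDongle(codeHash [32]byte) (*Dongle, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Dongle{priv: priv, mem: map[uint16][]byte{0: codeHash[:]}}, pub, nil
}

// Read models the "read data from the key" query.
func (d *Dongle) Read(cell uint16) ([]byte, bool) {
	v, ok := d.mem[cell]
	return v, ok
}

// Sign models the hardware algorithm: the key signs whatever it is given.
func (d *Dongle) Sign(challenge []byte) []byte {
	return ed25519.Sign(d.priv, challenge)
}

// KeyAPI is what the application is compiled against. Both the real dongle and
// an emulator can satisfy it, which is exactly why the queries must be chosen
// so that only the real key can answer them.
type KeyAPI interface {
	Read(cell uint16) ([]byte, bool)
	Sign(challenge []byte) []byte
}

// ReplayTable stands in for a "table emulator": it can only return responses
// that were recorded from a real key and cannot sign anything new.
type ReplayTable struct {
	mem   map[uint16][]byte
	table map[string][]byte
}

// RecordTable records the real key's answers to a fixed set of challenges.
func RecordTable(d *Dongle, challenges ...[]byte) *ReplayTable {
	t := &ReplayTable{mem: d.mem, table: map[string][]byte{}}
	for _, c := range challenges {
		t.table[string(c)] = d.Sign(c)
	}
	return t
}

func (t *ReplayTable) Read(cell uint16) ([]byte, bool) {
	v, ok := t.mem[cell]
	return v, ok
}

func (t *ReplayTable) Sign(challenge []byte) []byte {
	if s, ok := t.table[string(challenge)]; ok {
		return s
	}
	return make([]byte, ed25519.SignatureSize) // unknown query: no valid answer
}

// App holds the public key embedded in the binary and the code it protects.
type App struct {
	pub  ed25519.PublicKey
	code []byte
}

// FixedChallenge is the weak pattern: the same query on every run, so one
// recorded answer serves forever.
var FixedChallenge = []byte("license-check-v1")

// VerifyFixed sends nothing fresh to the key.
func (a *App) VerifyFixed(k KeyAPI) error {
	if !ed25519.Verify(a.pub, FixedChallenge, k.Sign(FixedChallenge)) {
		return errors.New("key did not answer the fixed challenge")
	}
	return nil
}

// VerifyFresh follows the article's advice: a random nonce and the current code
// hash go into every challenge, and the hash is also compared with the
// reference value read from the key (the integrity check).
func (a *App) VerifyFresh(k KeyAPI) error {
	h := sha256.Sum256(a.code)
	ref, ok := k.Read(0)
	if !ok || !bytes.Equal(ref, h[:]) {
		return errors.New("code checksum does not match the reference stored in the key")
	}
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	challenge := append(nonce, h[:]...)
	if !ed25519.Verify(a.pub, challenge, k.Sign(challenge)) {
		return errors.New("key did not sign the fresh challenge")
	}
	return nil
}

func main() {
	code := []byte("constructed stand-in for the protected executable") // constructed sample
	d, pub, err := NewDongle(sha256.Sum256(code))
	if err != nil {
		panic(err)
	}
	app := &App{pub: pub, code: code}
	emu := RecordTable(d, FixedChallenge)
	fmt.Println("real key, fixed query:     ", app.VerifyFixed(d))
	fmt.Println("real key, fresh query:     ", app.VerifyFresh(d))
	fmt.Println("replay table, fixed query: ", app.VerifyFixed(emu))
	fmt.Println("replay table, fresh query: ", app.VerifyFresh(emu))
	app.code = append(app.code, 0x90) // a patched binary no longer matches cell 0
	fmt.Println("patched code, fresh query: ", app.VerifyFresh(d))
}
```

Run it and the fixed query is answered correctly by both the real key and the replay table, while the fresh query is answered only by the real key and fails as soon as the code is patched. The point for the protection developer is in `VerifyFresh`: the security comes from what is bound into each request, not from the strength of the key's algorithm alone.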

Security bypass

No full emulation of modern Guardant dongles has been reported. The table emulators that exist work only for specific applications, and they could be created only because the protection developers did not use (or used incompetently) the main functionality of the electronic keys.

There is likewise no information about full or even partial emulation of LOCK keys, or about any other way of bypassing that protection.

Hacking a software module

An attacker studies the logic of the program itself in order, after analysing the whole application code, to isolate the protection block and deactivate it. Programs are broken by debugging (stepping), decompiling and dumping main memory. Attackers most often use these methods of analysing executable code in combination.

Debugging is carried out with a special program, a debugger, which executes any application step by step while emulating its operating environment for it. An important function of the debugger is the ability to set breakpoints (or conditions) on code execution. With them, it is easier for an attacker to find the places in the code where the key is accessed (for example, execution stops on a message such as "Key is missing! Check that the key is present in the USB interface").

Disassembly is the conversion of the code of executable modules into a human-readable programming language, assembler. The attacker obtains a printout (listing) of what the application does.

Decompilation is the conversion of the application's executable module into program code in a high-level language, giving a representation of the application close to its source code. It is possible only for some programming languages (in particular, for .NET applications written in C# and distributed as bytecode, a relatively high-level interpreted language).

A memory dump attack reads the contents of RAM at the moment when the application has started to execute normally. The attacker thereby obtains the working code (or the part of interest) in "pure form" (if, for example, the application code was encrypted and is decrypted only partially while one section or another is executing). The main thing for the attacker is to choose the right moment.

Note that there are many ways to counteract debugging, and protection developers use them: non-linear code (multithreading), a non-deterministic execution sequence, code "littering" (useless functions that perform complex operations in order to confuse an attacker), exploiting the imperfections of the debuggers themselves, and others.
