Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Aladdin, Aladdin Knowledge Systems, the Aladdin Knowledge Systems logo, HASP, HASP SRM, HASP.

Published byClaire Copeland Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Aladdin, Aladdin Knowledge Systems, the Aladdin Knowledge Systems logo, HASP, HASP SRM, HASP."— Presentation transcript:

1 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Aladdin, Aladdin Knowledge Systems, the Aladdin Knowledge Systems logo, HASP, HASP SRM, HASP HL, HASP4, HASP SL, HASP TT, are trademarks or registered trademarks of Aladdin Knowledge Systems, Ltd. All other product and brand names mentioned in this presentation are trademarks or registered trademarks of their respective owners. Yariv Drory International Technical Support Manager June 2007

2 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. In This Presentation The threats and the causes The solutions Security enhancements in HASP SRM Maximizing protection with HASP SRM

3 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. The Threats Decrease in income –One license used by many users –“Free” copies are downloaded –Distributors sell more than they report Waste of R&D resources –Invest in protection rather than development

4 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Why crack an application? Fame Challenge Money

5 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Who is Behind the Cracks? Fame –Programmers who think they are better –Professional crackers (“see what else I have in my site”) Challenge –Professional (practice) –Hobby Money –Professional crackers

6 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Types of cracks Emulators: –Imitate behavior of S/W or H/W –Replay attack Application patches: –Parts of non-HASP-protected Apps –Poorly protected Apps

7 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. How Do They Crack? File replacement –Beta versions –Demo –Technicians code Tools –Debuggers –Disassemblers –Google

8 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. How to prevent cracks? Make it not worthwhile –Expensive –Long working hours –Boring In other words… Use HASP SRM

9 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Use the HASP Envelope Multi-layered random encryption Strong anti-debugging DataHASP – driver-level protection Obfuscation & Encryption of.NET Classes Background checks

10 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Security Enhancements via a simple Firmware update Opens a dormant section in HASP HL HASP HL keys in the field are HASP SRM-ready! Current HASP HL: HASP4 backward compatible Single AES encryption for all features 4 KB Read/write memory 112 protected programs HASP SRM: AES encryption per Feature Secure channel Larger memory + ROM More Features

11 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Secure Memory 112 bytes read only 12-39 features/apps 112 bytes read/write (protected) + + Pro Max, Time, Net, NetTime + 112 bytes legacy 2 KB read only 58-234 features/apps 4 KB read/write (protected) + + + 4 KB legacy

12 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. HASP DriverHASP Lib Protected Software Secure Communication Channel Eavesdropping Replay attack Man-in-the-middle Attacks Secure communication channel

13 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. LicenseOnChip Hardware “understands” and protects license logic

14 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Multiple Encryption Keys Unique protection for every feature Software-based protection doesn’t compromise hardware-based protection Feature 1 Feature 3 Feature 2 Enc Key 1 Enc Key 3 Enc Key 2 Enc Key n Feature n

15 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Vendor-Unique HASP SRM System Developer installs HASP software HASP HASP system generates API libs with embedded Vendor secrets HASP Developer introduces Developer key HASP Developer introduces Master key to get Vendor Library from Aladdin web

16 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Vendor keys - HASP SRM Master Keeps vendor private identifiers secure Contains licenses to use HASP SRM Used for customization of the runtime API per vendor Needed for signing updates and activation Contains RSA Private Key for encrypting updates

17 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Don’t Rely on ‘if’ Statements 00022B31: cmp cx,0 00022B33: jne 000022B42 00022B35: mov ax,00001 ;Go 00022B41: retn 00022B42: jmp 00002E660 ;No Go 00022B31: cmp cx,0 00022B33: nop ;Ignore the HASP check 00022B35: mov ax,00001 ;Go 00022B41: retn 00022B42: jmp 00002E660 ;No Go

18 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Encrypt Data Encrypt internal and external data Encrypt random data using AES Use DataHASP Use the HASP ROM Decrypted Data AES HASP HL HASP SL Encrypted Data

19 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Security Traps Use some of the traps rarely Don’t respond immediately Usually, don’t respond Save indication in the HASP memory

20 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Questions?

21 © 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Summary The threats and the causes The solutions Security enhancements in HASP SRM Maximizing protection with HASP SRM

Download ppt "© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Aladdin, Aladdin Knowledge Systems, the Aladdin Knowledge Systems logo, HASP, HASP SRM, HASP."

Similar presentations

Vpn-info.com.

Vpn-info.com.
A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.

A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.
Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.

Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.
RIVERSIDE RESEARCH INSTITUTE Helikaon Linux Debugger: A Stealthy Custom Debugger For Linux Jason Raber, Team Lead - Reverse Engineer.

RIVERSIDE RESEARCH INSTITUTE Helikaon Linux Debugger: A Stealthy Custom Debugger For Linux Jason Raber, Team Lead - Reverse Engineer.
Using SharePoint Server 2007 for Site and Enterprise Search at Monsanto Company Vincent L. Arter, Jr. Project Lead Portals and Collaboration Monsanto.

Using SharePoint Server 2007 for Site and Enterprise Search at Monsanto Company Vincent L. Arter, Jr. Project Lead Portals and Collaboration Monsanto.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
E-mail Protection Through Software and Services James Hamilton General Manager Microsoft Corporation.

Protection Through Software and Services James Hamilton General Manager Microsoft Corporation.
Chapter 9 Security 9.7 - 9.8 Malware Defenses. Malware Can be used for a form of blackmail. Example: Encrypts files on victim disk, then displays message.

Chapter 9 Security Malware Defenses. Malware Can be used for a form of blackmail. Example: Encrypts files on victim disk, then displays message.
MSP432™ MCUs Training Part 7: Security

MSP432™ MCUs Training Part 7: Security
Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is.

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is.
Copyright Microsoft Corp. 2006 Ramnish Singh IT Advisor Microsoft Corporation Secure Remote Access Challenges, Choices, Best Practices.

Copyright Microsoft Corp Ramnish Singh IT Advisor Microsoft Corporation Secure Remote Access Challenges, Choices, Best Practices.
Internet Explorer Opportunities For Partners Margaret Cobb Product Manager IE Group Microsoft Corporation.

Internet Explorer Opportunities For Partners Margaret Cobb Product Manager IE Group Microsoft Corporation.
UniKey Software Protection Solutions, Products & Services All Rights Reserved © 2008. SecuTech Solution Inc.

UniKey Software Protection Solutions, Products & Services All Rights Reserved © SecuTech Solution Inc.
Introduction to HASP ® Software DRM Solutions, Products, Benefits All Rights Reserved © 2005. Aladdin Knowledge Systems.

Introduction to HASP ® Software DRM Solutions, Products, Benefits All Rights Reserved © Aladdin Knowledge Systems.
Code Injection and Software Cracking’s Effect on Network Security Group 5 Jason Fritts Utsav Kanani Zener Bayudan ECE 4112 Fall 2007.

Code Injection and Software Cracking’s Effect on Network Security Group 5 Jason Fritts Utsav Kanani Zener Bayudan ECE 4112 Fall 2007.
©2012 Check Point Software Technologies Ltd. Cloud Security Tamir Zegman Architect.

©2012 Check Point Software Technologies Ltd. Cloud Security Tamir Zegman Architect.
Www.ahsay.com. Company Background  Leb Shama Company Limited  Founded in 1999  Focus – Online backup software development  Business Strategy - Rely.

Company Background  Leb Shama Company Limited  Founded in 1999  Focus – Online backup software development  Business Strategy - Rely.
Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.

Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.
Cost effective marketing Aileen Hunter Little Voice Communications Ltd 07918 083951 www.littlevoicecommunications.com.

Cost effective marketing Aileen Hunter Little Voice Communications Ltd
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

Similar presentations

Ads by Google