© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Aladdin, Aladdin Knowledge Systems, the Aladdin Knowledge Systems logo, HASP, HASP SRM, HASP.

Slides:

Advertisements

Similar presentations

Advertisements

A l a d d i n. c o m eToken NG-OTP Combined PKI - OTP Authentication Solution November, 2008.

Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.

RIVERSIDE RESEARCH INSTITUTE Helikaon Linux Debugger: A Stealthy Custom Debugger For Linux Jason Raber, Team Lead - Reverse Engineer.

Using SharePoint Server 2007 for Site and Enterprise Search at Monsanto Company Vincent L. Arter, Jr. Project Lead Portals and Collaboration Monsanto.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Protection Through Software and Services James Hamilton General Manager Microsoft Corporation.

Chapter 9 Security Malware Defenses. Malware Can be used for a form of blackmail. Example: Encrypts files on victim disk, then displays message.

MSP432™ MCUs Training Part 7: Security

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is.

Copyright Microsoft Corp Ramnish Singh IT Advisor Microsoft Corporation Secure Remote Access Challenges, Choices, Best Practices.

Internet Explorer Opportunities For Partners Margaret Cobb Product Manager IE Group Microsoft Corporation.

UniKey Software Protection Solutions, Products & Services All Rights Reserved © SecuTech Solution Inc.

Introduction to HASP ® Software DRM Solutions, Products, Benefits All Rights Reserved © Aladdin Knowledge Systems.

Code Injection and Software Cracking’s Effect on Network Security Group 5 Jason Fritts Utsav Kanani Zener Bayudan ECE 4112 Fall 2007.

©2012 Check Point Software Technologies Ltd. Cloud Security Tamir Zegman Architect.

Company Background  Leb Shama Company Limited  Founded in 1999  Focus – Online backup software development  Business Strategy - Rely.

Security Squad Keeping your Equipment and Information Safe Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part.

Cost effective marketing Aileen Hunter Little Voice Communications Ltd

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Software Licensing, Made Simple SELECT Server XM Edition

Using cryptography to protect data in networks. Summary National Taras Shevchenko University of Kiev Ukraine Vsevolod Ievgiienko.

Application Security Tom Chothia Computer Security, Lecture 14.

Information Systems Security Computer System Life Cycle Security.

Lesson 14: Installing and Uninstalling Programs how to install a new program what to do if the new program doesn’t work how to uninstall a program © CCI.

Copyright © DivXNetworks, Inc. All Rights Reserved. DivX is a registered trademark of DivXNetworks, Inc. SLIDE 2 © DivXNetworks, Inc. 19 September 2015.

1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.

10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.

Mark Aslett Microsoft Introduction to Application Compatibility.

Advanced Windows 8 Apps Using JavaScript Jump Start Exam Prep M5: Data, Files, and Encryption Michael Palermo Microsoft Technical Evangelist Jeremy.

“TK8 Safe” – Easy-to-use, secure password manager Download a free trial copy: Product Info Highlights TK8 Safe is a perfect password manager.

Ryan Hemmy.  The ultimate goal is to create a single efficient and lightweight program that both unifies features of existing programs and offers unique.

RL78 Code & Dataflash.

Sony Pictures Confidential Watermarking in AACS. Sony Pictures Confidential SPE Forensic Watermarking Goals Goals: – Identify the device that was compromised.

WLANs & Security Standards (802.11) b - up to 11 Mbps, several hundred feet g - up to 54 Mbps, backward compatible, same frequency a.

HASP ® SRM Enabling Business Growth through Software Rights Management All Rights Reserved © 2007 Aladdin Knowledge Systems. Yariv Drory International.

Build Your Business by making the Right Connections.

OARN Database UPDATE – SEPTEMBER We’re Live – and Testing  The site is up and running in Google’s data centers:  The site has been secured: 

November 19, 2008 CSC 682 Use of Virtualization to Thwart Malware Written by: Ryan Lehan Presented by: Ryan Lehan Directed By: Ryan Lehan Produced By:

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is.

Wireless and Mobile Security

CIS 325: Data Communications1 Chapter Seventeen Network Security.

EzCheckprinting Offers QuickBooks And Quicken Customers A New Quick Start Guide For Ease of Use 1888PressRelease - Halfpricesoft.com assists business owners.

QuickBooks Users Get New ezCheckprinting Instructions On Easy Printing On Blank Check Stock 1888 PressRelease - Halfpricesoft.com accommodates business.

Copyright © 2015 Cyberlight Global Associates Cyberlight GEORGIAN CYBER SECURITY & ICT INNOVATION EVENT 2015 Tbilisi, Georgia19-20 November 2015 Hardware.

1 Information Security – Theory vs. Reality , Winter Lecture 12: Trusted computing architecture (cont.), Eran Tromer Slides credit:

Giuseppe Bianchi Warm-up example WEP. Giuseppe Bianchi WEP lessons  Good cipher is far from being enough  You must make good USAGE of cipher.

©2012 Check Point Software Technologies Ltd. [PROTECTED] — All rights reserved. Securing Your Data in Endpoint and Mobile Environments Frank Suijten Security.

John Samuels October, Why Now?  Vista Problems  New Features  >4GB Memory Support  Experience.

Virus Removal Support Services. H OW TO K EEP Y OUR C OMPUTER F REE F ROM V IRUS T HREAT ? Virus can attack your PC any time without any.

Cosc 4765 Antivirus Approaches. In a Perfect world The best solution to viruses and worms to prevent infected the system –Generally considered impossible.

Reverse Engineering Contemporary Countermeasures By: Joshua Schwartz.

©2016 Aegate. All rights reserved. Aegate and the Aegate logo are among the trademarks or registered trademarks owned by or licensed to Aegate Limited.

MiLazyCracker Kevin Larson.

Hardware-rooted Trust for Secure Key Management & Transient Trust

Chapter 3 Installing and Learning Software

Business Connectivity Services in SharePoint 2010 and Office 2010

Windows Store for Business

Ian Ramsey C of E School GCSE ICT Smart working Software choices.

The Application Lifecycle

Chap 10 Malicious Software.

NEW PRODUCT INTRODUCTION CONEKT™ Mobile Smartphone Access Control Identification Solution June 2018.

Chap 10 Malicious Software.

Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow

Segmentation Observation: Programmers don’t think in pages!

Desktop App Assure Service Microsoft Representative Name June 7, 2019

Presentation transcript:

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Aladdin, Aladdin Knowledge Systems, the Aladdin Knowledge Systems logo, HASP, HASP SRM, HASP HL, HASP4, HASP SL, HASP TT, are trademarks or registered trademarks of Aladdin Knowledge Systems, Ltd. All other product and brand names mentioned in this presentation are trademarks or registered trademarks of their respective owners. Yariv Drory International Technical Support Manager June 2007

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. In This Presentation The threats and the causes The solutions Security enhancements in HASP SRM Maximizing protection with HASP SRM

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. The Threats Decrease in income –One license used by many users –“Free” copies are downloaded –Distributors sell more than they report Waste of R&D resources –Invest in protection rather than development

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Why crack an application? Fame Challenge Money

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Who is Behind the Cracks? Fame –Programmers who think they are better –Professional crackers (“see what else I have in my site”) Challenge –Professional (practice) –Hobby Money –Professional crackers

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Types of cracks Emulators: –Imitate behavior of S/W or H/W –Replay attack Application patches: –Parts of non-HASP-protected Apps –Poorly protected Apps

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. How Do They Crack? File replacement –Beta versions –Demo –Technicians code Tools –Debuggers –Disassemblers –Google

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. How to prevent cracks? Make it not worthwhile –Expensive –Long working hours –Boring In other words… Use HASP SRM

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Use the HASP Envelope Multi-layered random encryption Strong anti-debugging DataHASP – driver-level protection Obfuscation & Encryption of.NET Classes Background checks

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Security Enhancements via a simple Firmware update Opens a dormant section in HASP HL HASP HL keys in the field are HASP SRM-ready! Current HASP HL: HASP4 backward compatible Single AES encryption for all features 4 KB Read/write memory 112 protected programs HASP SRM: AES encryption per Feature Secure channel Larger memory + ROM More Features

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Secure Memory 112 bytes read only features/apps 112 bytes read/write (protected) + + Pro Max, Time, Net, NetTime bytes legacy 2 KB read only features/apps 4 KB read/write (protected) KB legacy

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. HASP DriverHASP Lib Protected Software Secure Communication Channel Eavesdropping Replay attack Man-in-the-middle Attacks Secure communication channel

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. LicenseOnChip Hardware “understands” and protects license logic

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Multiple Encryption Keys Unique protection for every feature Software-based protection doesn’t compromise hardware-based protection Feature 1 Feature 3 Feature 2 Enc Key 1 Enc Key 3 Enc Key 2 Enc Key n Feature n

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Vendor-Unique HASP SRM System Developer installs HASP software HASP HASP system generates API libs with embedded Vendor secrets HASP Developer introduces Developer key HASP Developer introduces Master key to get Vendor Library from Aladdin web

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Vendor keys - HASP SRM Master Keeps vendor private identifiers secure Contains licenses to use HASP SRM Used for customization of the runtime API per vendor Needed for signing updates and activation Contains RSA Private Key for encrypting updates

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Don’t Rely on ‘if’ Statements 00022B31: cmp cx, B33: jne B B35: mov ax,00001 ;Go 00022B41: retn 00022B42: jmp 00002E660 ;No Go 00022B31: cmp cx, B33: nop ;Ignore the HASP check 00022B35: mov ax,00001 ;Go 00022B41: retn 00022B42: jmp 00002E660 ;No Go

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Encrypt Data Encrypt internal and external data Encrypt random data using AES Use DataHASP Use the HASP ROM Decrypted Data AES HASP HL HASP SL Encrypted Data

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Security Traps Use some of the traps rarely Don’t respond immediately Usually, don’t respond Save indication in the HASP memory

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Questions?

© 2007 Aladdin Knowledge Systems Ltd. All rights reserved. Summary The threats and the causes The solutions Security enhancements in HASP SRM Maximizing protection with HASP SRM