KEYnote 45 English - Spring/Summer 2023 | Page 11

a thousand times over . In practice , this means that a simulator created by recording all sequences would never be complete and would be severely limited in its capabilities .
Mr X : But what about software updates ?
Are we using the same key then ? Or would it be safer to create a new license with every update , even minor ones ?
My answer : No it would not . You can protect each update with the same license . That is the point : CodeMeter does not only give you secure protection , it also simplifies the licensing process . Behind every license , there is a root key , the Product Item Secret Key ( PISK ), from which the required CodeMeter keys are created during encryption ( on the CmDongle ). The keys are derived from a checksum of the application that you want to protect .
Same application / Same license � Same key � Same protected application .
Different application ( e . g . after a mini update ) / Same license � Different key � Different protected application .
Mr X : My colleagues managed to read our own keys on one of our chips via a side channel attack . Wouldn ’ t that work with a CmDongle as well ?
My answer : Again , we are using several countermeasures : We are using a secure smart card chip that is equipped with means against side channel attacks by the manufacturer . And we have some of our own tricks in the firmware . Finally , the PISK cannot be used directly , so that you could not attack the root key directly .
C ++ application is better than a . NET application ? With . NET , you have intermediate code that is more easily read out than machine code .
My answer : Paradoxically , the opposite is true . With AxProtector . NET , you have a far higher level of protection than with AxProtector Windows because the intermediate code is easier to read . AxProtector Windows encrypts and decrypts the entire application in one go , whereas AxProtector . NET breaks the application down into individual functions that it encrypts piece by piece . During runtime , only the pieces that are actively being used are decrypted , turned into machine code , and then immediately removed from working memory again . That raises the bar of protection massively .
Mr X : Could an attacker not simply read out and decrypt every function of a . NET application ?
My answer : In theory , that is possible .
You call this static analysis , because the code is not being executed , as it would be with dynamic analysis . AxProtector . NET has traps built in to prevent this . These traps look like regular code , but they would lock the license when an attacker decrypts them . The license would be useless . You could not continue to decrypt the rest of the application , even by static analysis , once the trap has been sprung .
With a native application , e . g . in C / C ++, Delphi , Fortran etc ., you can also choose dynamic decryption during runtime and include traps , but this would force you to define those functions and traps in the application . In essence , it means a bit more work on your side .
Mr X : What would you recommend if I wanted the highest possible level of protection with CodeMeter and AxProtector ?
My answer : For C / C ++ applications , we have introduced a new type of obfuscation in AxProtector . We call it CTP ( Compile Time Protection ). It works by changing the application when it is compiled so that its structure would be unrecognizable . The technology goes far beyond the IP Protection mode and it can be used with or without CodeMeter license . However , you need a Clang compiler for the purpose .
If you are using a CmDongle or a CmCloudContainer , I would then suggest that you move particularly sensitive code into the CmContainer . The code is written by you , encrypted , and moved into the CmContainer to be decrypted and executed . We call this mechanism Code- Moving , and it is our top weapon against reverse engineering , because no would-be attacker would ever get to see the code which never touches the computer ’ s memory in unencrypted form .
The two people facing me thanked me for the complete and technically detailed explanations of CodeMeter ’ s security capabilities , including my honest words about the potential limitations of our technology . It is Wibu-Systems ’ openness about these details that speaks in favor of CodeMeter . Even 140 years ago , Auguste Kerckhoff knew that real security cannot come from keeping the mechanisms and principles secret : It is the key that has to stay secret . And , as my new customers agreed , a CmDongle is the perfect place to keep a key safe and secure .
Mr X : And how secure is the IP Protection mode if it allows me to use the software without a CodeMeter license ?
My answer : To be frank , this type of protection cannot rival the level of protection offered by a CodeMeter license . With a CodeMeter license , you have the software linked to a key that is kept in secure key storage . With the IP Protection mode , the software key is encrypted , but it is kept in the protected application . Hiding the key is one of our , pardon the pun , key competences , but separating the software and the license naturally increases the level of protection .
Mr X : Did I understand it correctly that the automatic protection of a native C /
0101001010101010101001010101010100 1010101001010101010100101010101010 1001010010101010010101010101001010
Encrypted 1010101010010100101001010010101010 1010101001010101001010101010100100 1010101010101001010010101010010101
Code 0101010010101010101010010100101001 0100101010101001010101010101010101
Imput
Decryption
0101001010101010101001010101010100 1010101001010101010100101010101010 1001010010101010010101010101001010
Moved 1010101010010100101001010010101010 1010101001010101001010101010100100 1010101010101001010010101010010101
Code 0101010010101010101010010100101001 0100101010101001010101010101010101
Interpreter-RAM ( Sandbox )
CmDongle / CmCloudContainer
Output
11