Wibu-Systems White Paper | Seite 26

The strengths of CodeMeter are clearly apparent. The following table shows the security-relevant aspects where the dongle solution is far superior to the activation solution. CodeMeter Advantages Description Firmware runs protected in the hardware The firmware, i.e. key storing and calculation, and the related encryption and decryption are safely protected and run in the CmStick’s smartcard chip. The hacker cannot analyze the chip because it represents a black box. Hardware is able to be locked In case you detect an attack within your software (this is done automatically by our tools), you are able to send a lock command to the CmStick directly from within your software. This command locks all your licenses, i.e. those in your FIRM ITEM. You are able to reactivate these licenses by remote programming. However, until reactivation the CmStick behaves as if those licenses (and the keys involved) were not present. The hacker does not have a second try. Counters cannot be set back by a backup Counters are safely stored in the CmStick’s smartcard-Chip. The “counter values” cannot be manipulated from the outside and cannot be reset by installing a backup. Deleted licenses cannot be set back by a backup Licenses which have been deleted in a CmStick no longer exist. By transfer of a receipt, the developer is sure that the license does not exist in the current CmStick, and also is irretrievable. Expiration Time and Usage Period are checked against the internal clock All times and dates used, such as, EXPIRATION TIME and USAGE PERIOD are checked against the clock running internally in the smartcard chip. The recorded times cannot be manipulated; the internal clock cannot be set back. Consequently, an expired license is irretrievable. For futher security, the developer can update the internal clock via a CodeMeter Certified Time Server. License Portability The user wants the convenience of using software legally purchased on different computers (home, office, etc). The developer wants to make sure that his programs are not used illegally on multiple computers. With CodeMeter, both the user and developer are winners; since the license is contained on the CmStick, the user can move it by simply relocating the CmStick. And the developer knows that while his program may be installed on more than one system, it can only be used on one of them at a time. Security against license loss by viruses and other malware Programming (create, edit, delete) of a license in a CmStick is secured by cryptography. Only you with your FSB are able to delete entries. No virus is able to destroy the user’s licenses. Table 7: Hardware Advantages 6.3 One License Entry – Many Keys The software is encrypted at runtime on the user’s PC. At runtime the communication between the software and the license is encrypted (in the case of CodeMeter even as far as into the CmStick). A common practice among hackers is to use a “record / playback” tool at the interface in order to discover the encryption key. This is not possible with the CodeMeter System because WIBU-SYSTEMS uses the concept of alternating keys. Each license entry provides a set of 4 billion different keys to be used for the protection of the ???????Q???)????????????????????? ?M?????? ???5???????????????????????Q???????????? ???5??????) ???5????????????????????????((??????((0