Thursday, February 12, 2009

How UniKey Hardware Keys Help Us Improve The Product’s Security.[By Michael Ricci]

How UniKey Hardware Keys Help Us Improve The Product’s Security.
Better security through UniKey


When we began work on the UniKey security keys (http://www.esecutech.com/), our Engineers were to find a device that would be an adequate deterrent to software piracy thefts. While we understand that complete security is impossible in open systems like PCs, we wanted to make it hard enough to break that would-be hackers would look elsewhere.

Software license is that the software publisher grants a license to use one or more copies of software, but that ownership of those copies remains with the software publisher. One consequence of this feature of proprietary software licenses is that virtually all rights regarding the software are reserved by the software publisher. Only a very limited set of well-defined rights are conceded to the end-user.

In an effort to show that UniKey security keys were more than smoke-and-mirrors, I submitted an article to my blog that gave significant details on how the UniKey USB security key worked (http://softwarecopyprotectionsecuritykeys.blogspot.com/). There are some real ferrets out there.

I was not disappsointed. UniKey responded with a variety of suggestions and judgements. The most common response we got from UniKey support team is that there is a technical support ticket system to help me work with them. While there are many articles at their website www.esecutech.com/ indicating how easy it is to integrate the keys, the articles I read assume that your questions are available. In our case, the questions are not available.

Let's assume that enterprising intruders are able to analyze the data on the USB bus, collect a sufficient number of values, and apply the appropriate effort to determine the key values. Is the usefulness of the UniKey over? Not really. An intruder cannot use information to clone another key.It is impossible (even with that information) for a program communicating with a UniKey by using the correct keys to change the key values on the device. The keys are not stored in memory that can be accessed by any program, even if it knows the keys. The bottom line is that this approach cannot change a hardware key for product A to be modified to become a key for product B.

UniKey dongles are driverless dongles and available in standalone, network and real time. Using a software developer’s kit, software developers can protect applications with the right hardware key by calling for the dongle’s presentation. UniKey API protection scheme ensures the highest security for software vendors.

We appreicate the HID technology which let us forget the dongle NOT FOUND problem of other brand dongles, and we also appreciate the review and feedback we received from UniKey technical support Team and other UniKey end users. It help us a lot to improve our software’s security. The software development customers don't have to change the code with Unikey envelop secuirty technology, and the security is improved. We aren't so naïve as to believe that UniKey provides an unbreakable solution, but we do believe that the time and effort required to crack and bypass the security is sufficiently high that intruders will look for easier targets.

SecuTech Solution Inc. offers several ready license protection solutions along with UniKey. UniKey takes the role of hardware ID and works as the container of digital credentials. UniKey Software Protection System provides a completed set of tools and samples for software vendors to control their software's distribution.

No comments:

Post a Comment