> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf
> Of Weyert de Boer
>
> Genuine Dongles? What about dumping dongle data and then using a dongle
> emulator?

I'm glad you asked! =)

Making a totally un-copyable dongle is actually pretty trivial. There are many USB microcontrollers that have Flash-ROM embedded in the chip, allowing you to "lock" the memory once it's programmed -- no way to read it, even if you physically dismantle the circuit, except through the program's pre-programmed outputs.

Using a combination of book encryption and hashing algorithms, you can essentially have gigabytes of random data that can only be expressed through the microcontroller's pre-programmed USB outputs. Using a deliberate delay in the microcontroller, it could take 10 seconds to verify any one arbitrary key. Even if a straight year was spent downloading keys, the counterfeit would only have one answer for every 100 verifications.

The PC then only stores one-way encrypted versions of the "answers", so even the PC does not know what the dongle will answer (making it impossible to steal keys from the PC). To see if the dongle answered correctly, the dongle's answer is encrypted using the same one-way encryption, and that is compared to the PC's already encrypted answers.

- Kipp

PS. There are ways of hacking these chips, involving slicing the top of the microchip off in a clean-room, running gold thread to the memory controller and reading the embedded memory directly. Haha.

_______________________________________________
Flashcoders@chattyfig.figleaf.com
To change your subscription options or search the archive:
http://chattyfig.figleaf.com/mailman/listinfo/flashcoders
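
The verification scheme described in the reply above, as an added example that is not part of the original post: the PC keeps only one-way hashes of the dongle's answers, and an emulator built from dumped traffic can answer only the challenges it has already seen. HMAC-SHA256 as the dongle's keyed function, SHA-256 as the "one-way encryption", and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


class Dongle:
    """Stand-in for the locked microcontroller; the secret never leaves it."""

    def __init__(self, secret: bytes):
        self._secret = secret

    def answer(self, challenge: bytes) -> bytes:
        # A real device would add its deliberate per-query delay here.
        return hmac.new(self._secret, challenge, hashlib.sha256).digest()


class ReplayEmulator:
    """Emulator built from dumped traffic: knows only the answers it observed."""

    def __init__(self, observed: dict):
        self._observed = dict(observed)

    def answer(self, challenge: bytes) -> bytes:
        return self._observed.get(challenge, bytes(32))


def one_way(answer: bytes) -> bytes:
    """One-way transform applied before anything is stored on the PC."""
    return hashlib.sha256(b"pc-table:" + answer).digest()


def provision(dongle: Dongle, count: int) -> dict:
    """Factory step: build the PC-side table of challenge -> hash(answer)."""
    table = {}
    for _ in range(count):
        challenge = secrets.token_bytes(16)
        table[challenge] = one_way(dongle.answer(challenge))
    return table


def verify(table: dict, device, challenge: bytes = None) -> bool:
    """Hash the device's answer and compare it with the stored hash."""
    if challenge is None:
        challenge = secrets.choice(list(table))
    return hmac.compare_digest(one_way(device.answer(challenge)), table[challenge])


if __name__ == "__main__":
    genuine = Dongle(secrets.token_bytes(32))  # constructed secret
    table = provision(genuine, 100)
    seen = next(iter(table))                   # one challenge the attacker sniffed
    fake = ReplayEmulator({seen: genuine.answer(seen)})
    print("genuine:", sum(verify(table, genuine, c) for c in table), "of 100")
    print("emulator:", sum(verify(table, fake, c) for c in table), "of 100")
```
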