This paper addresses software protection by means of license keys. The essential aspects the paper touches upon are the types of software and their level of protection, possible ways of protection, ways of generating license keys, emulation, etc. With emulation, the application code is not modified, and the emulator, if one can be constructed, simply repeats all the behavior of the real key. The software safety level is the probability that the software achieves functionally suitable results under predetermined conditions during its operation. Normally, a software license authorizes the recipient to use one or several copies of the program. Without a license, such use would be considered a violation of the publisher's copyright under the law.
Software security, in the broadest meaning of the term, is the property of software to operate without causing negative consequences for a particular computer system. The reasons leading to functionally unsuitable results can be different. Frequently, they include computer system failures, errors of programmers and operators, and program defects. Defects are usually separated into two types: intentional and unintentional. The first type is usually the result of a malicious act, while the second is a simple human error. A software license is a legal instrument that defines the use and distribution of copyrighted software. In fact, the license stands as a guarantee that the software publisher that owns exclusive rights to the program will not sue the person who uses it. Therefore, this paper will focus on software protection by license keys.
Overview and Definitions of Protection of Various Software
There are various types of licensed software. Abandonware is software that is no longer available for sale, is not supported by the manufacturer, and no longer brings the manufacturer any income. As a rule, these are commercial programs which for various reasons are no longer on the market. The copyright holder usually distributes them free of charge, but with a strict ban on selling and even without the right to further free replication (Kiyomoto et al., 2013). In many cases, ownership of the rights to abandonware programs is not clear, and establishing the right holder is itself costly. In some cases, a company or site receives permission from the manufacturer to distribute such a program. Most often abandonware is spread by cyber pirates (Banescu et al., 2015). Hence, due to its features, abandonware programs are not characterized by high levels of protection.
Adware is software that a user can use free of charge for any length of time, but while using it the user is forced to watch advertisements. Hence, it is possible to state that this type of software is characterized by the lowest degree of protection for both the program itself and for the users. Software developers often advertise their more functional, paid programs in this way. In addition, adware includes programs that, unbeknownst to the user, change the browser’s homepage and the search service installed by default in order to advertise services (Saxena, Veerubhotla & Ponnapalli, 2015). It should be noted, however, that such programs can be very helpful in terms of functionality, and some are even quite popular among users worldwide. The basic point of adware is that an implicit form of payment for the use of the software is made through the display of advertising. Accordingly, advertisers pay their advertising agency, i.e. the developer of the adware program, for ad impressions.
The lowest level of software protection is found in freeware programs. Free software is software that is characterized by exceptionally broad rights granted to users. Users of free software, as a rule, are free to use it for an unlimited period of time, as well as to distribute it any way they like and change the source code to improve it. A special license is created for free software to regulate the rights and obligations of authors and users (Kiyomoto et al., 2013). Moreover, free software and freeware have a number of significant differences. Certainly, these two software types have one thing in common: the lack of payment for use. However, under a freeware license users often have no right to distribute the software, copy, modify, or improve it, give others the right to distribute it, or perform other actions that are allowed when using free software. Often, but not always, free software comes with its source code (Rasch & Wenzel, 2015). The essence of the protection in this case is the software license agreement, which does not require any payment to the rights holder. Freeware is usually distributed in binary form, and frequently comes without any source code. Finally, it is important to distinguish freeware from free software, which grants each user, in addition to the right to use the software, the right to modify it and a number of other rights. Freeware can be distributed without source code and can include restrictions on commercial use, modification, etc. Unlike shareware, freeware does not involve any payments to the developer or any additional services, such as improved versions of the program. Some free programs contain advertisements of different kinds. According to the license, the user may use such a program for free, but it is a carrier of advertising and, therefore, cannot have freeware status. Such software should then be called adware.
Commercial software is characterized by the highest levels of software protection. It is a type of software, which is created in order to profit from its use by others, for example, by selling copies. This is the reason why software protection is extremely high in these cases. This software is protected by different laws (Saxena, Veerubhotla & Ponnapalli, 2015). The developers of commercial software do not provide trials or limited uses. In other words, it is possible to install the program only after full payment (Zhang et al., 2016). This approach is rarely used in the software world, because it does not allow the user to test the software before buying it.
Another type of program associated with a high degree of protection is the so-called donateware, or, as it is frequently referred to, donationware. It is a licensing model in which the user gets fully functioning software with the ability to make a donation to the developer. The size of the donation may be fixed or chosen by the user on the basis of individual perception of the value of the software.
General Public License is an open license agreement. GPL stands for “GPL’s not UNIX” – this is a recursive acronym coined by Richard Stallman, a well-known ideologue of open and free software. The most recent version of the GPL was released in 2007 (Kiyomoto et al., 2013). Changes to the license were designed to protect users of licensed software from lawsuits related to patents, because the creators of the program cannot sue the user. GPL 3.0 prohibits the use of licensed software in systems that some laws and directives (the Digital Millennium Copyright Act and the European Union Copyright Directive) prohibit users from circumventing. In other words, no software released under this license can be placed under the protection of these directives. Thus, GPL 3.0 makes sure that any software that is released under its license is free to modify, circumvent, or improve. In general, the distributor of a program obtained under the GPL, or of any program based on one, is obliged to give the recipient the opportunity to obtain the corresponding source code.
The protection of software can be accompanied by numerous restrictions (Kiyomoto et al., 2013). The most popular types of restrictions are limiting the time of use, the number of starts, or the number of levels (in games); the absence of a number of features; blocking access to important functions, such as saving a file; and adding extra information to a saved file, such as a signature (watermark) in image or video editing programs (Oberhagemann, Oppermann & Steuer, 2013). In accordance with the license, after the trial period the user needs to purchase or uninstall the program. After purchasing the software, the user receives a code to remove the restrictions or a separate full version of the program.
Protecting Software from Unlicensed Use
Developers can increase their profits by protecting software from unlicensed use. Several approaches have been developed to deal with this issue. Different creators choose different methods to control the users accessing their software, with the help of serial numbers, activation keys, etc. (Saxena, Veerubhotla & Ponnapalli, 2015). Many of those methods are quite cheap and cannot be relied upon. The Internet is rife with programs allowing users to generate activation keys illegally or block serial number requests. Moreover, the fact that even a legitimate user can publish their serial number cannot be ignored.
Such deficiencies have led to hardware means of software protection such as electronic keys. The first electronic key was created in the 1980s. However, the moment when the idea was first developed is difficult to establish.
Software Protection via Dongle
Dongle refers to the hardware protection method based on modern electronic keys. A modern electronic key is often described as a multi-platform hardware and software system for protecting software. The fact is that the companies producing electronic keys also provide an SDK (Software Developer Kit) (Shaikh & Londhe, 2016). The SDK includes everything a developer needs to start using the technology in their own software products: development tools, complete technical documentation, support for a variety of operating systems, detailed examples, code snippets, and an automatic protection tool (Kiyomoto et al., 2013). The SDK can also include demo keys for building test projects.
Protection against unauthorized use of software is built on requests sent from the executable file or dynamic link library to the key, followed by receipt and, where provided, analysis of the response. Here are some typical requests: checking that the key is connected; reading from the key the data the program needs as a startup parameter (mainly used only for finding a suitable key, not for protection); requesting decryption of data or executable code that the program needs to run and that was encrypted when the program was protected (this allows “a comparison with the standard”; in the case of code encryption, executing code that has not been decrypted results in an error) (Rasch & Wenzel, 2015). Moreover, there can be a request to decrypt data encrypted earlier by the program itself. That makes it possible to send different queries to the key each time and protects against emulation of the key's API or libraries. The program may also check the integrity of its executable code by comparing its current checksum to the original checksum read from the key. Another example is a request for the key's algorithm to produce an electronic signature over data or other information sent to it, followed by verification of this signature within the application. Because the electronic signature is always different, which is a feature of the cryptographic algorithm, this also helps protect against emulation of the API or the key. A request to the key's built-in real-time clock, if available, can be carried out automatically when the working time of the key's hardware algorithms is limited by its internal timer (Kiyomoto et al., 2013).
It should be noted that some modern software protection keys allow developers to store their own algorithms, or even parts of the application code (for example, developer-specific algorithms that take a large number of input parameters), and to execute them in the key on its own microprocessor (Tian et al., 2013). In addition to protecting software against illegal use, this approach protects the algorithm used in the program from being studied, cloned, and used by competitors in their own applications. However, a simple algorithm (and developers often make the mistake of choosing an insufficiently complex algorithm) can be analyzed by the cryptanalysis method known as “black box.”
It follows that the ‘heart’ of the electronic key is the conversion algorithm (cryptographic or other). In modern keys, it is implemented in hardware. It is virtually impossible to create a complete emulator of the key, because the encryption key is never transmitted to the dongle's output, which excludes the possibility of intercepting it.
The encryption algorithm can be either public or secret. Secret algorithms are developed by the manufacturer of the protective equipment, sometimes individually for each customer. The main disadvantage of such algorithms is the impossibility of evaluating their cryptographic strength (Zhang et al., 2016). It is possible only after the fact to learn whether an algorithm is hackable or not. Public or “open source” algorithms are incomparably more cryptographically strong. Such algorithms are checked not by random people, but by a number of experts specializing in the analysis of cryptography.
Protection by Automatic Means
For the majority of hardware key families, automatic tools have been developed that allow a program to be protected in “a few mouse clicks.” The application file is “wrapped” in the developer's own code. The functionality of this code varies by manufacturer, but most often the code checks for the presence of the key, enforces the licensing policy (specified by the software vendor), implements a mechanism for protecting the executable file against debugging and decompiling (for example, compression of the executable file), etc.
In addition to the use of automatic protection, a software developer must have the opportunity to develop their own protection, integrating the protection system into the application at the source level. To do this, the SDK includes libraries for various programming languages containing the API functionality for the key. The API is a set of functions designed for the exchange of data between the application, the system drivers (and the server in the case of network keys), and the key itself. API functions perform various operations with the key: search, reading and writing memory, encryption and decryption of data using hardware algorithms, network licensing of software, etc.
Skillful application of this method provides a high level of application security. It is rather difficult to neutralize protections built into the application, because of their uniqueness and the way they are “blurred” through the body of the program. By itself, the need to study and modify the executable code of the protected application to bypass the security is a serious obstacle to breaking it (Kiyomoto et al., 2013). Therefore, the task of the protection developer is, first of all, to defend against possible automated methods of breaking by implementing their own protection using the API for working with the keys.
The attacker's task is generally to make a protected program operate in the absence of a legal key connected to the computer. Without going deeply into technical details, it can be assumed that the attacker has the following capabilities: intercept all calls to the key; record and analyze these calls; send requests to the key and get answers; log and analyze those responses; send responses on behalf of the key, etc. Such broad capabilities are explained by the fact that the adversary has access to all open interfaces, documentation, and drivers, and can analyze them in practice using any means. In order to make the program work the way it would work with the key, one has to either make corrections to the program (hack its software module) or simulate the presence of a key by intercepting calls to the key exchange API library.
It is worth noting that modern electronic keys (Guardant keys of the Sign generation and modern HASP HL keys) provide strong encryption of the exchange protocol between the electronic key and the API library that works with the key. As a result, the most vulnerable places are the points where the functions of this API are called in the application and the logic that processes their results.
Key Emulation
With emulation, there is no impact on the application code, and the emulator, if it is possible to construct one, simply repeats all the behavior of the real key. Emulators are built on the basis of analysis of the intercepted application requests and the key's responses to them (Hu, 2014). They can be either tabular (containing all the responses to dongle requests that the program needs in order to work) or complete (fully emulating the key, because its internal algorithms have become known to hackers).
Building a full emulator of a modern electronic key is a laborious process that requires a lot of time and significant investment. In the past, attackers managed to do it. For example, the company Aladdin acknowledges that in 1999 attackers managed to develop a properly working emulator for the HASP3 and HASP4 keys. This was made possible by the fact that the key used a proprietary encryption algorithm, which was hacked. Now, most keys use public key crypto algorithms, so hackers attack particular protected products, instead of protective mechanisms in general (Bahaa-Eldin & Sobh, 2014). Advanced protection systems and Guardant HASP emulators are freely available. The situation is the same with public key cryptosystems.
No information about complete emulation of modern Guardant keys has been encountered. The existing table emulators were implemented for specific applications only. Their creation was possible because the developers of the protection did not use (or used illiterately) the basic functionality of electronic keys. There is also no information on full or at least partial emulation of the LOCK key or on any other ways to bypass this protection.
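The sketch below contrasts an integration that sends the key the same request on every run with one that uses the always-different signature request described under Software Protection via Dongle, and checks both against the tabular kind of emulator described above. It is an added example, not code from the paper or from any key vendor's SDK; SimulatedKey, RecordedTable and the textbook RSA parameters are constructed assumptions standing in for the hardware key and its algorithm.

```python
import hashlib
import secrets

# Constructed toy parameters (two Mersenne primes): illustration only,
# far too weak for real use. Real keys run their algorithm in hardware.
_P, _Q = 2**127 - 1, 2**521 - 1
N, E = _P * _Q, 65537                    # public half, embedded in the application
_D = pow(E, -1, (_P - 1) * (_Q - 1))     # private half, held only by the key


def _digest(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


class SimulatedKey:
    """Hypothetical stand-in for the dongle: signs data, never outputs _D."""

    def sign(self, challenge: bytes) -> int:
        return pow(_digest(challenge), _D, N)   # textbook RSA, no padding


class RecordedTable:
    """Models a tabular emulator: holds only answers observed earlier."""

    def __init__(self, real_key: SimulatedKey, observed: list):
        self._answers = {c: real_key.sign(c) for c in observed}

    def sign(self, challenge: bytes) -> int:
        return self._answers.get(challenge, 0)  # unknown query: no valid answer


def verify(challenge: bytes, signature: int) -> bool:
    """Application-side check using only the public values N and E."""
    return pow(signature, E, N) == _digest(challenge)


FIXED_CHALLENGE = b"license-check-v1"   # constructed sample value


def fixed_query_check(device) -> bool:
    """Weak integration: the same request on every run."""
    return verify(FIXED_CHALLENGE, device.sign(FIXED_CHALLENGE))


def fresh_nonce_check(device) -> bool:
    """Stronger integration: a new random 128-bit request on every run."""
    nonce = secrets.token_bytes(16)
    return verify(nonce, device.sign(nonce))


if __name__ == "__main__":
    key = SimulatedKey()
    table = RecordedTable(key, [FIXED_CHALLENGE])
    for name, dev in (("real key", key), ("recorded table", table)):
        print(name, fixed_query_check(dev), fresh_nonce_check(dev))
```

The recorded table satisfies the fixed query but not the fresh nonce, which is the reason to vary the request sent to the key on every run.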
Conclusion
One of the fundamental problems of technical means of protection is that they inevitably create inconveniences for the user. Therefore, from the point of view of the user, a hacked program is in some sense better than the original. To improve the protection of software, it is necessary to solve a number of problems. For instance, unprotected programs work, in general, faster than protected ones. “Cracked” programs do not need the original media, and when the CD-ROM drive is not used, a laptop’s running time increases significantly. In addition, some models of laptops may not have CD-ROM drives at all. When USB keys are used, there may not be enough ports for all the necessary equipment, or there may be no such ports at all. Electronic keys may cause physical discomfort when working with protected software on a laptop. J2ME programs will disappear after flashing the phone, and it is impossible to back them up. For these reasons, even the owners of licensed copies sometimes install hacked software alongside the licensed copy.