...
- Automatic protection of executables
- Protection using Guardant API
Protection Principle
Software/hardware Guardant dongle serve for protecting software against computer piracy: illegal copying, distribution and use of applications.
The protection system is based on using a dongle. Dongle is a small electronic device, which connects to a computer. Protected applications are ‘bound’ to the information contained in a dongle.
In general terms the system’s principle of operation looks as follows:
- The protected application accesses the dongle, which should be connected to the computer
- The dongle returns some information to the application
- The application identifies the dongle using this information. If the dongle contains valid parameters, the application continues to operate. If the dongle’s parameters are invalid (not the right dongle) or the dongle is missing, the protected software application halts
Automatic protection
This method is based on the processing of executable files (Win PE) by the Guardant automatic protection utility. As a result, the application gets tied to the dongle and gains protection against debuggers and disassemblers. The automatic protection has a range of options (modes), which serve for adjusting an application for the dongle parameters (tie it to the ID, serial number, etc.), limiting the number of launches or running time of the application, encrypting it. The option of time-to-time dongle verification is also supported.
The main advantage of this method is the short timeframe that it requires for setting up the protection. This process takes just a few minutes. Besides, this does not require any special skills. This method is useful even when the source code of the application is missing and the development of a protection system based on Guardant API is impossible.
The main disadvantage of this method is that it cannot provide a sufficient level of protection to the application. The essence of the method indicates that the protection is not completely integrated into the application. It ‘wraps’ an executable file, as though it is ‘glued’ to it, therefore, there is a chance that it can be broken by a hacker. Besides, this method cannot provide for any dedicated logic of the protection system operation, which is very important in increasing the protection system tamperproofness.
Automatic protection operation scheme:
- The automatic protection utility embeds an executable module into the body of protected application – internal vaccine.
- At the moment of launching the application the internal vaccine calls the external vaccine from a separate file.
The external vaccine runs the required checks and encryptions and launches the protected application.
Guardant API
This method is based on the use of special Guardant API functions located in object modules. API functions provide for performing any operations with a dongle: search, reading and writing into is memory, setting of hardware locks, encryption of data using the hardware algorithms, etc. To setup protection using this method you need to embed calls of API functions into the source code of the application and compile them with the object modules.
The main advantage of this method is that it provides an immeasurably higher level of protection. The protection (if implemented correctly) becomes integrated into the application, which makes it hard to remove by a hacker. Guardant API functions serve for performing any operation with a dongle, they can process any accessible area of its memory – in other words, the possibilities of developing protection are limited only by the developer’s fantasy and abilities. You can build any, even highly dedicated logic of protection in order to significantly complicate the hacker’s task in breaking it. Finally, only Guardant API functions provide a complete freedom of actions while working with dongle hardware algorithms.
The creating of protection build on Guardant API is a task assuming a range of various solutions. Therefore, it is impossible to offer a universal and detailed step-by-step process description for such protection. Below you will find a generic action plan that you should be guided by in any case:
- Study the test examples of programs written in respective program-ming language (see Folder “C:\Program Files\Guardant\SDK7\Samples”). The tests contain examples of using the main API functions
- Develop you own protection system using the acquired knowledge and recommendations described in Appendix on Increasing Tamperproofness of Protection