Versions Compared

Old Version 4

changes.mady.by.user Timofey Matrenitskiy

Saved on

compared with

New Version Current

changes.mady.by.user Guardant Support

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
titleImportant information
  1. The automatic protection can be set on the application only upon with the presence of the required dongle in the port!
  2. Despite its rich capabilities, autoprotection cannot guarantee the highest software security. For this reason we strongly recommend increasing protection using Guardant API! 

Guardant’s autoprotection tools consist of several console utilities (a utility for protecting Nativeapplications and two separate utilities for the obfuscation and protection of .NET code assemblies) as well as GUI utilities:

Autoprotection UtilitiesFunction
FilenameType
NwKey32.exeConsoleNative executables protection
CodeObfuscator.exe.NET obfuscation and string encryption
CodeProtect.exe.NET obfuscation and string encryption
LicenseWizard.exeGUIAutoprotection and licensing wizard (Native & .NET)
NativeProfilerGUI.exeNative profiler
NativeProfilerGUI.exe.NET profiler

Protection mechanisms for Native applications and .NET assemblies have significant differences; therefore we will consider them separately:

  • Native Executables Automatic Protection
  • .NET Assemblies Automatic protection


 Guardant automatic protection has a wide range of features:

Autoprotection FeaturesWin32 apps
Native executables (*.exe).NET assemblies (*.exe, *.dll)
Local dongles support++
Network dongles support++
GSII64 and AES hardware algorithm support++
Protection without binding to a dongle++
Dongle ID verification++
Application serial number and version verification++
Binding many applications to the same dongle++
Multi-module applications protection++
Limiting the application's operating time+-
Limiting the number of application launches+-
Verifying the dongle presence periodically  +-
Controlling USB Dongle’s Presence+-
Protecting imported functions+-
Encryption and packing application fragments+-
.NET string encryption-+
.NET obfuscation-+
.NET MSIL code encryption-+

Guardant dongle is a highly effective mean of software/hardware protection. It allows building protection of virtually any level of complexity and tamperproofness.

Native-application (Win32)

Use automatic protection utilities for protecting ready-to-use applications against the attempts to learn their operating logic. To ensure proper protection it is recommended to use the following options:

  • Protection against viruses. This option is used to protect an application against illegal modification of the application file (incorporating program modules, alteration of copyright information, etc.).
  • Encryption of the loadable part and internal overlays of the application. This option protects the application against attempts to use another method of code research – disassembling.
  • Use the time-dependant dongles checks options. In this case even full dump of the application memory will be just a waste of time for a hacker.
  • Use import and code extraction protection options. These options allow the autoprotection to extract a range of instructions from the body of the protected application and transfer it into the virtual machine’s body. This allows withstanding the automatic deactivation of hinged protections which significantly increases the difficulty and cost of attack.
Info
titleImportant information

If the use of /RIP_CODE and /IMPORT_HOOK options significantly slows down the work of the application, it is recommended to use /RIP_CODE_LIST and /IMPORT_HOOK_LIST options for optimizing the speed of the protected application.

In the event when the tie is done to Sign or Time dongle use ECC160 asymmetric algorithm operating option. Whereas, random data will be generated and signed by a digital signature on elliptic curves directly in the dongle in the course of operating the protected application. Later the signature will be verified by Guardant API function, protected by pseudo code, traffic encryption and other protection mechanisms.

 

.NET applications (Framework 2.0 – 4.0)

Use the symbol obfuscator and MSIL-code protection utility. It is also reasonable to use the following options:

  • Symbol obfuscation. It allows obfuscating the application code, which when coupled with other measures significantly increases the level of application protection. Use the obfuscation for all *.exe and *.dll assemblies in the application, except for the third-party applications and applications signed by digital signature. 
  • String encryption. Ties the obfuscated application to the Guardant dongle and encrypts the string constants in the protected assemblies. It is recommended to use this option if there are no logical elements, significantly depending on the speed of string constants.
  • When the public interface obfuscation optionis used a complete obfuscation of all the assembly occurs. However be careful, the use of this option is possible only with the looped system (all assemblies are obfuscated in one session and no methods of obfuscated assemblies from other applications are not used). In most of the cases it is safe to conduct the obfuscation of public interfaces for exe-assemblies (except for the cases of using the Reflection technology on the assembly itself or exporting types for other applications).
  • Use the exclusions file. Use ExclusionUtility.exe utility in the Developers’ Kit to generate this file. Generally, the developer needs to have a clear understanding of types, methods and properties that need to be included as exclusions for the symbol obfuscator. As a rule, these are all the language elements that can be used from within. You should pay attention to the use of Serialization, Reflection, Data Binding technologies.

 

You have to remember the following when using the MSIL-code automatic protection utility: 

...