Introduction
Although the availability of legal protection for software has increased rapidly around the world over the past years, the software piracy is till on high whatsoever, the combat to illegal use is still intense. The only way to stop software piracy before it happens is to implement a strong software system solution to protect your software from unauthorized use. Effective software protection and licensing solutions not only protect software from piracy, but decrease operational costs and allow for an increase in revenue through effective protection method and flexible licensing models..
To protect your software with UniKey hardware keys, you need to combine the two technologies and use tools,
• UniKey access mechanisms
• UniKey Envelope
• UniKey API
• UniKey memory programming and license generation
UniKey Protection Methods
UniKey is a hardware-based software protection system designed, manufactured and distributed by SecuTech Solution Inc. The system is composed of an encryption based hardware protection key. A UniKey-protected application can load and run only if the hardware k key is connected to the computer. UniKey hardware key is the strongest and securest hardware on the market
There are two protection methods you can incorporate when securing your application with UniKey, both applied by UniKey software tools: the UniKey API, and the UniKey Envelope.
Software application will receive the strongest security when both API and Envelope methods are used. UniKey API is a set of libraries you link to your application. Protection using API requires changes to your source code and lets you customize calls to the hardware key throughout your application.
UniKey Envelope is an automatic protection tool, deployed on the executable, DLL, OCX or other PE-format files of your application. The following sections will give you an insight to the security features and capabilities of the Envelope.
The UniKey Envelope
UniKey Enveloper is the fastest way to protect your executable files. UniKey Enveloper is an automatic software protection solution. You need not the source and additional coding work, by simply clicking the mouse; you can implement different software protection schemes. You can protect application either by local UniKey or a remote UniKey in a network
When the application is launched, the Envelope sends a query to theUniKey hardware key to validate that it is connected. If the correct UniKey is connected to the computer the Envelope uses the UniKey encryption engine to decrypt the application file (previously encrypted by the developer). If the hardware key is not connected, the application cannot execute.
Automatic Solution
The total procedure of UniKey enveloping encryption only takes seconds under the default protection scheme mold. This is easy to use for the software vendors who want to save time or no access to the application’
Since API has to be done at the earlier stage of the software development, Envelope no doubt is an easy and speedy solution to protect the software
Once development is finalized, and the application executables are ready, the UniKey Envelope can be used fast to apply another important and extremely strong layer of protection.
Defend against Reverse Engineering
Code obfuscation is the simplest (and cheapest) method to deter reverse engineers. A code obfuscation change function names, alters the sequence of code, and adds noise, without changing the functionality of the code itself.
The approach is simple – encrypt the binary, attach it to a decryption engine and store the encryption key in a hardware key. The decryption engine loads the binary to memory, decrypts it with the key from the key and then runs the binary. Since the hardware key is required to decrypt the binary, this is also an effective mechanism for license control.
License Management
Innovative selling models are implemented by storing license parameters in the UniKey memory such as counters, expiry dates and number of concurrent users. Once the protected application reaches the end-user the UniKey Envelope takes control and acts as a License Manager responsible for executing the application in accordance with the predetermined licensing terms. And, it truly is automatic: you only need to trigger the licensing mechanism by checking a flag when protecting your application with the Envelope.
Feature Based --Allows end users to use partial function of the software to save money than to use the whole package.
Rental – software can be rented and charged periodically by software applications, module or features.
Subscription -- Allows the user to use the software for a specific time period. At the end of the term the user has several options: (1) renew the subscription;
Floating – Charged by numbers of users that are using software simultaneously in the network environment.
Trial before you buy: Allows software publishers to release the software for a period time like a month as marketing tool. The end user can only use this software for only one month.
Per-per-Use -- charging users for the number of times they use the software or charge for certain features.
Pay-per-Time:
Envelope Protection Scheme
Envelope protection is the simplest to implement and is very powerful too. You can protect your software within an envelope without making any change to your code. Pass your software through a special utility, and it comes out encrypted, with the envelope protecting it. In addition to encryption, here’re some of the protection mechanisms the envelope provides:
a.The envelope implements anti-debugger strategies to prevent an attacker from attaching a debugger to the program
b.The envelope periodically polls the USB port to see if the right dongle is still present
c.he envelope implements several code obfuscation strategies, in addition to encryption
d.The envelope dynamically encrypts and decrypts configuration files
e.The envelope offers different grades of encryption to the binary: the stronger the encryption, the slower the initial loading
Basic Protection Workflow
This section provides a workflow that describes the elements of protecting applications using UniKey Envelope.
1. Launch UniKey Envelope
2. Command‐line Utility UniKey envelope
3. Add the executable, library, or .NET assembly you want to protect to the project.
3. Define protection parameters for the protected program.
4. Protect the program.
5. Distribute the protected software together with your encrypted hardware keys.
Support Cross-platforms
Protect Win32, Windows x64, and .NET executables and DLL files, and Java executables
Enhance the protection of .NET assemblies by defining
Method‐level protection
Protect Mac Mach‐o binaries
Protect Linux executables and shared objects
Define a variety of global protection parameters for your program
Specify a Vendor Code to authenticate the presence of a specific UniKey protection key.
Customize the run‐time messages that will be displayed to end users running protected programs
In addition to linking protected programs to a specific UniKey protection key, UniKey Envelope wraps the application file with numerous protection layers that are randomly assembled.
About SecuTech
SecuTech is dedicated to being the leading provider of software rights management and authentication solutions, enables secure business, and maximizes the benefits from creating, selling, distributing and using digital content. It is building reputation upon a comprehensive line of products satisfying the security needs of organizations.
