#1
|
|||
|
|||
Cracking HASP HL / SafeNet SHK
Greetings,
I work for a company currently evaluating the HASP HL and SafeNet SHK dongles for protecting our intellectual property. We have very high profile customers around the world who have vast amount of resources and sophistication. If one of our customers is prepared to spend one million US dollars on breaking our protection, what is the likelihood that they can succeed if we choose to go with either dongles? Thanks in advance. |
#2
|
|||
|
|||
hm
They wont have a problem. See semiresearch or flylogic. Also, they probably wont even need to break the dongle itself to break your implementation.
|
#3
|
||||
|
||||
100% certainty. SHK will be harder than HASP HL because HL solution is free but you may have to pay $500 for SHK solution.
Absolute security is absolutely impossible. Git |
#4
|
|||
|
|||
Remember, if an RE's have dongles in hand its matter of hours.
Cheers, Sope! |
#5
|
|||
|
|||
HaspHl and SHK dongle both can provide good protection, if talented programmer will implement at least 30% of developer\s recommendations.
If you want to improve your protection, contact me in PM. |
#6
|
|||
|
|||
Jackula,
your question is somehow obsolete since both keys (HASP & SHK) are owned by the same company - Safenet. Soon there will be a single key with common drivers & SDK. Your research is meaningless unless you are working for safenet and now you are deciding which solution should be phased out I would throw away both solutions Or I would have looked for a firmware modification of the keys that makes them execute a hidden user defined code (I mean the part of the user software itself) in the dongles themselves. On my opinion HASP SRM is better (HL is firmware updated to SRM as you probably know so it would be wiser to compare HASP SRM to SHK) because: 1. HASP is more mature key and has been available (to hackers also) for almost 6 years. It's motorola/freescale MCU is more mature compared to that of the SHK. This MCU has no separate code protection fuses and its code protection flags are incorporated as an ordinary bits in the user flash memory, so erasing them optically would eventually ease the whole flash memory of the chip. HASP's AES encryption is a true 128-bit version of the standard. 2. SHK was released 2 years ago or so. Despite custom ordered PCB from microchip with MCU and eeprom packaged directly on the PCB there are some evidence that reverse engineers have found a comfortable pads on the pcb which are connected to the programming pins of the SHK's MCU PIC 18F2455 (RB6,RB7,-MCLR, VDD,VSS). It's fuses are separated aside from the main flash memory and are clearly visible on the die and also can be reset separately regardless the fact they are covered by a protective layer. The firmware should have been extracted just 1 year after releasing the key and generally you could ask IC specialists that it is suicidal to use microchip PICs for a security device. There are rumors that AES implementation of SHK does not conform to the standards and uses weak shorter keys and algorithms that in theory are extractable...During the years of sentinel's existence the approach of rainbow/safenet companies was and is more "security through obscurity" than that of aladdin. For instance AFAIK there is no demo kit for SHK unlike for HASP SRM/HL... To be exact all available software emulators(for HL(SRM) and SHK) are partial and use look-up tables to provide responses corresponding to the encryption algorithms. These emulators can easily be defeated in the consecutive versions of the protected software. Presently there are no third-party "dumpers" for both HASP HL/SRM & SHK that could retrieve the encryption keys from the dongles. All dumpers sniff communication between the dongles and the application to fill their tables with challenge-response pairs... Last edited by CyberGhost; 05-02-2009 at 03:16. |
The Following User Gave Reputation+1 to For This Useful Post: | ||
arnix (05-02-2009) |
#7
|
|||
|
|||
nice summary cyberghost.
|
#8
|
|||
|
|||
well that should have successfully answered the question.
|
#9
|
|||
|
|||
No, not so nice, since it is obvious that Jackula works for safenet...And this doomed company constantly sends threats to sites which offer emulators for their "security" devices (pathetic). They've spent US$180 million or so to suffocate some of the competition (acquiring aladdin). Now they are trying to establish interactive feedback from a forums like this one (for free). The future will show what will they come up with. I wouldn't bet on safenet
P.S. At least they've bought a better design for their clumsy SHK |
#10
|
|||
|
|||
hmm
The summary was nice, nothing to do with the posters intention. Also im positive the poster does not work for safenet. And it would be just ridiculous using this approach. Just imagine how bad this looks on seo when someone finds this post "can it survive blah" followed by a barrage of "emulate for 500" its like asking to beat the hell out of it publicly and leave it to die forever in the internet archives.
|
#11
|
|||
|
|||
the whole if it's crackable part of it aside...wouldn't you have to be protecting something worth cracking in order for a "customer" to spend a million dollars breaking the protection? i mean really, it would have to be magical software to warrent spending that much money. and secondly it would have to be the only one of it's kind otherwise i'm sure the "customer" would shop elsewhere for a cheaper option since the protection is going to come at a price.
|
#12
|
|||
|
|||
Either the HaspSRM(including HL) or SHK are both garbage.It only takes me less than 5 minute to crack these dongles if the dongles are available.
|
#13
|
|||||
|
|||||
Quote:
Quote:
Quote:
Quote:
Quote:
|
#14
|
|||
|
|||
Quote:
Which sort of holes? |
#15
|
|||
|
|||
A clone can be done within 24 hours (an access to the original dongle is a must) but the service is expensive There are other ways that you don't know of and have nothing to do with the debugging of the software and sniffing the communication to the dongle -- the methods you (and not only you) obviously use to fight protections and these methods are not very productive sometimes .
|
Tags |
hasp, property, safenet, sentinel, shk |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
SafeNet Sentinel HASP ImportScript & ShortTut | CodeCracker | Community Tools | 17 | 09-24-2023 20:26 |