LabVIEW

It's been a while since I used one of these, http://www.safenet-inc.com/products/sentinel/hardware_keys.asp (there are other vendors)
I remember that you used to be able to apply the security to an EXE file, no source code access required.



In the old days (parallel ports and so on) we did manage to bypass the security (it would have been easier to re write the application). But the newer devices are much better than the old parallel port versions as the on board processing is significantly higher than the fixed response types we were attacking.

In LabVIEW I form a machine finger print based on various parameters and then use various encryption techniqes to tie a key to a unique machine. It seems to work, just search the forum for articles on encryption and mac address.

Thanks for the link and suggestions.

We've taken a software license route (think of the Microsoft licensing scheme) which seems to work reasonably well for us.  It has some issues that have made us consider the hardware dongle as a possibly better solution.  The main issue we have is when (not if, when) a computer goes down the replacement system must work immediately.  (Our systems go into manufacturing environments.)  This means we have to provide a "grace period" where the software is "unlicensed".  The software license scheme also has the issue of hardware replacement can cause the license to become invalid.

Unfortunately, I can't describe the sceme we used more than that.  Unless you're familiar with low-level system queries (or are willing to learn), I'd use the dongle.

Hi,

most Hardware Dongle solutions, that use an Exe-encryption (envelope function) don't work with every Labview-Exe. A more reliable solution is a VI  based  connection between Labview-Exe and Dongle, that calls the API of the Dongle.  The USB-Dongle SG-Lock® can do that. More info under: www.sg-lock.com/us.

best regards,
Sven

I can imagine that a direct API implementation might be better.

My personal experience of such implemtnations has been that under these circumstances it is critical that: -

  The implementation is solid.

  Trust and security are correctly established.

It has been my experience that the above are quite difficult to assure. Where it works the EXE approach is probably better although the exposure to an attack by a sotware kit might be greater.

The above are why I indicated my alternate technique, not using a donlge but my own system. It is almost certainly weaker than a commercial implementation in some possibly many ways. But has the advantage that I change the implementation and techniques and whoever wants to access it has to start from zero. There are no kits because there aren't a million copies available.

I guess the right thing to do is to issue a challenge............perhaps with a reward........

But my experience of encryption is that it can always be broken by someone somwhere. The real questions are by who and when.

 

Message Edited by Conseils on 11-03-2007 12:07 PM