Technologies

The original Guardant dongle technology, developed by Aktiv Company, is designed to protect dongles against most currently existing cracking methods and to ensure maximum software protection and compatibility with the hardware.

Microprocessor Technology

The main structural element of Guardant dongles is the microcontroller. This has opened up various new protection capabilities. Most features available in Guardant dongles owe their efficiency to the microcontroller.

A microcontroller is an exceptionally flexible device that can be "taught" to solve various protection tasks. On its basis, you can create dongles with any set of features.

Hardware Algorithms

When a Guardant dongle is manufactured, a microprogram is written into the memory of its microcontroller. In combination with descriptors, the microprogram implements GSII64 encryption algorithms and one-way functions of the Y=F(X) type. These algorithms and functions will hereinafter be called hardware algorithms. A principal characteristic of the microcontrollers used in Guardant dongles is that their microprograms can neither be read nor modified. The microcontroller is like a "black box" that conceals all processes which take place inside.

By implementing hardware algorithms, a developer can encode any information vital for the protected application. If protection is organized properly, the use of a hardware algorithm makes it pointless to remove API function calls from the application, since in this case it will be impossible to decode data required for the application. Besides, the mere presence of hardware algorithms makes the functioning logic of dongles so complicated that their emulation turns into an extremely difficult task.

Multiple Algorithms in One Dongle.
If required, up to 18 different hardware algorithms can be arranged in one Guardant dongle. Of course, you may use all algorithms created in the dongle for protection of the same application: for example, one part of data can be encoded using the first algorithm, another part - using the second one, etc. Other things being equal, this will make protection even harder to crack.

Types of Hardware Algorithms.
Each hardware algorithm created in a Guardant dongle is described by its descriptor. Descriptors are stored in the non-volatile memory of a Guardant dongle and are protected against reading and modification. One part of the descriptor specifies the properties of the algorithm (these will be described below). Another part of the descriptor forms the determinant of the hardware algorithm. The latter is essential for implementation of any particular algorithm. A determinant is a numeric sequence that together with the microprogram is involved in the creation of the dongle's hardware algorithm.

GSII64 encryption algorithm.
GSII64 is the new algorithm developed for Guardant dongles. GSII64 is a block algorithm resistant to cryptanalysis and specially devised for Guardant Stealth II. Key length is 16 or 32 bytes (128 or 256 bits). GSII64 encodes data in 8-byte (64-bit) blocks. It supports encoding of data sequences whose length is divisible by 8 as well as sequences of arbitrary length. The algorithm is symmetric, hence it can be used for both data encoding and decoding with the same key. The GSII64 algorithm supports the following functions:

  • block data encoding (64-bit blocks);
  • stream data encoding (data of arbitrary length);
  • pseudorandom numbers generation;
  • hash calculation.

One-way Y=F(X) functions.
One-way Y=F(X) functions of Guardant dongles support the following protective features:

  • Inverse function X=F^-1(F(X)) does not exist;
  • The length of the determinant can be up to 200 bytes, or 1600 bits. Therefore, to be able to single out such an algorithm the hacker will have to try up to 2^1600 various combinations;
  • Data are converted in the dongle which makes it impossible to study the algorithms with a debugger and useless to remove protection modules from the application;
  • Data can be converted by long data blocks (up to 255 bytes). This makes 'manual' decoding very difficult and creation of dongle's emulators practically impossible;
  • All bytes of data to be converted by this algorithm are significant (i.e., the code chain has the same length as the sequence to be converted);
  • The user of Guardant Stealth and Guardant Net knows only the descriptor of the algorithm, while the designers of dongles know only the microprogram, which processes this descriptor. Thus, a particular representation of the hardware algorithm created by the user cannot be known to anyone;
  • The same protected application can use several unique hardware algorithms (up to 18) to convert various information. This would force a hacker to reach the representation of each algorithm;
  • You can easily create hardware algorithms whose representation would depend on a variable. Therefore, such algorithms will always convert information in a different way.

Unicity of Hardware Algorithms for Each User of Protection.
Each user of protection gets dongles with unique access codes that are never repeated, and with several default hardware algorithms whose determinant is unique as well. Thus, hardware algorithms stored in the dongles of one user of protection will be transforming the same data in a different way than those of another user working with the same protection system. This guarantees that hackers will be unable to create a universal emulator for all Guardant dongles.

Ability to Create Independent Hardware Algorithms.
Users of protection based on Guardant dongles have the opportunity to design their own hardware algorithm descriptors. Using a special utility they can specify the properties of their hardware algorithm, define the determinant, etc. As a result, the dongle will encode data applying an algorithm whose representation and properties will be known only to the user of protection. Thus, the opportunities for increasing protection strength become truly unlimited. If your company produces a number of software products, you can protect each of those using a unique hardware algorithm. Or, you can create your own unique algorithm in each dongle, in which case each copy of your software will be protected in a unique manner. Thus, using your own unique hardware algorithms you will prevent creation of universal emulators for your software products (or for different versions of your software product).

Using the Properties of the Hardware Algorithm.
Apart from the microprogram and the determinant, a combination of the algorithm's properties is also involved in the creation of the hardware algorithm of the Guardant dongle. The properties are specified by a combination of special flags, which comprise the descriptor of the algorithm. By specifying a combination of properties of a hardware algorithm you may achieve the required "behaviour" on its part and greatly influence its representation.

Properties of Hardware Algorithms of Guardant Dongles:

  • Dependence of the hardware algorithm on the dongle's ID number. When this property is enabled, a corresponding hardware algorithm will be transforming the data in a unique manner in each of your dongles, even if the determinants of such algorithms are identical in all of your dongles. Besides, the representation of such an algorithm will depend on the identification number (ID) of the Guardant dongle, which is a unique 8-byte value embedded in each dongle at the site of manufacturing;
  • Dependence of the hardware algorithm on its counter value. By enabling this property you can cause data conversion to depend on the value assigned to the algorithm's counter (which is entered in a special 4-byte field included in the descriptor). Therefore, if the counters of such algorithms have different values, then, with other things being equal, they will be converting data differently;
  • Limiting the number of executions of a hardware algorithm. When this property is enabled, the hardware algorithm can be executed only a specified number of times. The value of the algorithm's counter is entered in a special 4-byte field (32 bits) which forms a part of the descriptor. Each time such an algorithm is executed, the value in its counter is decremented by 1, and as soon as the value reaches 0, the hardware algorithm will cease to execute. Algorithms with this property can be effectively used to create protected applications with a limited life cycle (for example, demo versions).

Properties of hardware algorithms can be combined. For example, if you combine the 2nd and 3rd properties you will get a "changeable" algorithm which will be converting data differently each time it is run. Deriving from the size of the algorithm's counter, the total number of different transformations for this particular algorithm is 2^32. Usage of the hardware algorithm with this set of properties ensures a maximum level of security against dongle emulation. This algorithm can be used as a generator of pseudorandom numbers that are up to 255 bytes long (in such a case the responses of a "changeable" algorithm are treated as random numbers).
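
The three descriptor properties above can be modelled in software to see how they interact. This is an added example, not Guardant code: HMAC-SHA256 and SHAKE-256 stand in for the undisclosed microprogram, and the class, the flag names and the sample values are hypothetical.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Hypothetical flag names; the page describes the properties, not their encoding.
ID_DEPENDENT = 0x1       # response depends on the 8-byte dongle ID
COUNTER_DEPENDENT = 0x2  # response depends on the 4-byte counter value
LIMITED_RUNS = 0x4       # counter is decremented per run; algorithm stops at 0


@dataclass
class Descriptor:
    determinant: bytes   # up to 200 bytes
    flags: int = 0
    counter: int = 0     # 4-byte field of the descriptor


class SimDongle:
    """Software model of a dongle. HMAC-SHA256 and SHAKE-256 are stand-ins
    for the undisclosed microprogram, not the vendor's algorithm."""

    def __init__(self, dongle_id, descriptors):
        if len(dongle_id) != 8:
            raise ValueError("dongle ID must be 8 bytes")
        if len(descriptors) > 18:
            raise ValueError("at most 18 hardware algorithms per dongle")
        for d in descriptors:
            if len(d.determinant) > 200 or not 0 <= d.counter < 2**32:
                raise ValueError("descriptor field out of range")
        self.dongle_id = dongle_id
        self.descriptors = descriptors

    def transform(self, index, data):
        d = self.descriptors[index]
        if not 1 <= len(data) <= 255:
            raise ValueError("data block must be 1..255 bytes")
        if d.flags & LIMITED_RUNS and d.counter == 0:
            raise PermissionError("execution limit reached")
        # Build the per-call tweak from the enabled properties.
        tweak = b""
        if d.flags & ID_DEPENDENT:
            tweak += self.dongle_id
        if d.flags & COUNTER_DEPENDENT:
            tweak += d.counter.to_bytes(4, "big")
        key = hmac.new(d.determinant, tweak, hashlib.sha256).digest()
        if d.flags & LIMITED_RUNS:
            d.counter -= 1
        # The response has the same length as the input block.
        return hashlib.shake_256(key + data).digest(len(data))


def demo():
    det = bytes(range(200))                                # constructed determinant
    x = b"constructed challenge"                           # constructed input block
    ids = (b"\x00" * 7 + b"\x01", b"\x00" * 7 + b"\x02")   # constructed dongle IDs
    plain = [SimDongle(i, [Descriptor(det)]).transform(0, x) for i in ids]
    per_id = [SimDongle(i, [Descriptor(det, ID_DEPENDENT)]).transform(0, x) for i in ids]
    changeable = SimDongle(ids[0], [Descriptor(det, COUNTER_DEPENDENT | LIMITED_RUNS, 3)])
    runs = [changeable.transform(0, x) for _ in range(3)]
    try:
        changeable.transform(0, x)
        exhausted = False
    except PermissionError:
        exhausted = True
    return plain, per_id, runs, exhausted
```

With identical determinants, the two simulated dongles agree only when ID dependence is off, and the "changeable" algorithm returns three distinct responses before refusing the fourth call.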

Availability of Fast Conversion Algorithms.
Hardware algorithms of Guardant dongles have another distinction: they encode information rather slowly. Thus, to encode 255 bytes of data a hardware algorithm will require several tens of seconds. At first glance this may seem to be a disadvantage. But, as a matter of fact, all really sophisticated and efficient algorithms work rather slowly - this is an axiom. Therefore, relatively slow work of hardware algorithms of Guardant dongles is but the result of their high quality.

However, users often need to encode large amounts of information, from tens of kilobytes to hundreds of megabytes. Usually these are various databases, text and graphic files, which are processed by protected applications. It is clear that encoding of such an amount of information with the help of hardware algorithms is not acceptable, since this will require too much time. Therefore, a special software module has been developed, which implements an algorithm of fast data conversion.

This algorithm works as follows: the user of protection specifies an encoding password. The hardware algorithm of a Guardant dongle transforms the password into its internal form. The length of the password is 32 bytes, therefore conversion of this password does not require a lot of time. It is the internal form of the password, which is used to encode data. The encoding algorithm is implemented by software means.

The fast data conversion algorithm allows you to build quite reliable protection for large volumes of information that do not contain vital data.
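
The fast-conversion flow described above (one slow dongle call on the 32-byte password, then software encoding of the bulk data) looks like this as an added example that is not the vendor's module. The `dongle_transform` stand-in, the SHAKE-256 keystream cipher and the integrity tag are assumptions, since the page does not disclose the real algorithms.

```python
import hashlib
import hmac
import os


def dongle_transform(determinant: bytes, data: bytes) -> bytes:
    """Stand-in for the single slow hardware call; not the vendor's algorithm."""
    key = hmac.new(determinant, b"", hashlib.sha256).digest()
    return hashlib.shake_256(key + data).digest(len(data))


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Software bulk cipher stand-in: SHAKE-256 keystream XORed with the data.
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def _keys(determinant: bytes, password: bytes):
    if len(password) != 32:
        raise ValueError("password must be 32 bytes")
    # Internal form of the password: 32 bytes, split into two working keys.
    internal = dongle_transform(determinant, password)
    return internal[:16], internal[16:]


def fast_encode(determinant: bytes, password: bytes, plaintext: bytes) -> bytes:
    enc_key, mac_key = _keys(determinant, password)
    nonce = os.urandom(16)
    body = _xor_stream(enc_key, nonce, plaintext)
    # Integrity tag (an addition of this example) makes a wrong dongle detectable.
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def fast_decode(determinant: bytes, password: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _keys(determinant, password)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong dongle, wrong password or modified data")
    return _xor_stream(enc_key, nonce, body)
```

Because the bulk cipher runs on the host, the internal form of the password is present in host memory while data is processed, which is consistent with the page limiting this scheme to data that is not vital.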

Dongle Access Codes

To execute any operation with the Guardant dongle an access code for this dongle must be specified. Access codes are "embedded" in Guardant dongles and each user of protection is supplied with unique codes.

There are two types of access codes: Public Code and Private Codes. Public Code is not confidential and is used to identify the dongles of any particular user of protection. Private Access Codes are confidential and are used to access the dongle when executing various operations with the device. The length of each access code is 4 bytes (32 bits). Each private code allows you to execute only certain operations with the dongle.

Private Codes Comprise Three Codes:

  • Private Read code: allows you to verify the presence of the dongle, read its memory contents and obtain responses from its hardware algorithms;
  • Private Write code: allows you to write data into the memory of the dongle;
  • Private Master code: allows you to execute various special operations related to the functioning of the dongle.

There is an additional advantage in using several codes. It is unlikely that all private codes will be stored in the protected application at one time. For example, if the protected application only reads from the Guardant dongle and uses its hardware algorithms, it would be enough to store only the Private Read code in this application. The other two private codes will not be needed, so they will not be available in the application, and thus the hacker will not have a chance to observe them. Therefore, he will have to look for these missing codes. To single out each of the codes he will have to process 2^32 combinations.

Hardware Locks

Guardant dongles contain non-volatile memory where the descriptors of hardware algorithms and various kinds of data required for protection are stored. Part of this memory is both read and write protected, while for another part only read access is permitted. The rest of the memory is fully available to the user of protection.

It is natural that hackers show keen interest in the memory contents of any dongle. After all, as soon as the information is read from the dongle it can be used to create an emulator of the device or its perfect hardware copy. Though it may seem strange, the majority of dongles available in the market can do nothing to prevent such intrusion. Sometimes it is possible to read the entire memory contents utilizing plain software tools.

Guardant technology has helped to solve the problem of unsanctioned reading of the dongles' memory - this cannot be done with software tools. The non-volatile memory used in Guardant dongles gives an opportunity to implement hardware locks to prevent reading and writing of the memory contents. There is no way to read the contents of the locked memory area using software tools, since no such tools exist, nor can they. A Guardant dongle simply does not respond to a software request for reading from or writing to the protected memory area.

Hardware locks, as can be inferred from their name, are implemented on the lower, i.e. the hardware level; this prevents unlocking the dongles with software tools.

Memory of the Guardant dongles can be locked by the user of protection himself. He may implement hardware locks on any memory area to which he has access, or release locks as well as increase or decrease the boundaries of the protected memory. Hardware read and write locks are automatically set on the descriptors of hardware algorithms to ensure protection of hardware algorithms of Guardant dongles from illegal reading or duplication.

A question arises: if a user of protection can release a previously implemented lock using available software tools, why cannot the hackers do the same? The matter is that the hardware lock can be released only if a special operation is executed which leads to the total erasing of data from the memory. Since you always know what has been written in your dongle, you can easily recover the contents after releasing the hardware lock. The hacker does not know what has been written in your dongle, or else there would have been no reason for him trying to release the locks.

Encoding Data in the Memory of Guardant Dongle

As technologies advanced, hackers got access to new hardware tools for copying memory chips, which have become a dangerous weapon in their hands. Even though by utilizing hardware locks you can stop hackers' attempts to read the memory using software tools, these locks become helpless when hackers use hardware tools.

However, the Guardant technology has succeeded in solving this problem too. Actually, all data are stored in the memory of Guardant dongles in an encoded form. Before data are sent to the protected application, they are decoded, and straight before being written into the dongle's memory the data are encoded. Encoding/decoding is executed by the dongle's microcontroller; this makes the reading of the encoding algorithm next to impossible (if you remember, the microcontroller is like a "black box" that permits no access from the outside). Most importantly, each microcontroller encodes the data of its dongle in a unique manner. So, even if someone manages to read the memory contents of the Guardant dongle with hardware tools, there will be no point in writing these data to a copied dongle. The microcontroller of another dongle will interpret these data incorrectly because it will decode them in a different way. Accordingly, the hardware copy of a Guardant dongle will function incorrectly. As far as decoding of the read data is concerned, this cannot be done manually since neither the algorithm that was used for encoding, nor the form of the data after decoding is known.

Hardware-Based Obstruction to Debuggers

Hackers' attempts to learn the functioning logic of a Guardant dongle using debuggers will meet strong opposition on the part of the dongle. By analyzing the time intervals at which data are input, the Guardant dongle automatically diagnoses the environment in which the querying application works. If the dongle detects that the communication protocol is executed in the debugger environment (in which case all time intervals are inevitably increased) it immediately switches to a 'sleep' mode and ignores any queries. Of course, the dongle can be 'woken up', yet the whole process will have to be started anew. Anyway, the Guardant dongle cuts the ground from under the hacker's feet. To study a Guardant dongle the hacker will always have to rely on uncommon, unfamiliar and inconvenient methods.

Specifics of the Communication Protocol with Guardant Dongle

The dongle communication protocol (i.e. a combination of commands and rules according to which data are transmitted between the dongle and a protected application) is the most sensitive point about software-hardware protection, since the study of it plays an essential part in creating dongle emulators. On the other hand, if the hacker fails to understand the details of the protocol, he will be unable to create any emulators. Data flow between the application and the dongle in accordance with certain rules, and if an emulator fails to keep to these rules, it will not be 'understood' by the protected program.

No wonder that developers of dongles pour a lot of effort into the improvement of communication protocols. The protocol of communication with Guardant dongles has a number of specific features that impact their security level, as well as transparency and compatibility.

Protocol of communication with a Guardant dongle is:

"Changeable"
Specially generated "garbage" (i.e. meaningless information) mixed up with the meaningful data is transmitted between the protected application and the dongle. The nature of the transmitted garbage, as well as the order in which the meaningful data are interwoven with it, are changed in the course of time. As a result, the hacker encounters problems with understanding the logic of the communication protocol.

Encoded
All data transmitted between the program and the dongle are constantly being encoded, while data encoding method is regularly altered on a random basis. This further complicates the task of the communication protocol analysis.

"Adaptive"
During the execution of the protocol, its parameters are optimally adjusted to the specific hardware and software environments. This enables reliable functioning of the Guardant dongle on any computers regardless of the quality of the parallel port.

With automatic verification and retries
Every writing operation to the memory of a Guardant dongle is automatically verified, i.e. the adequacy of written data is always checked. If a failure occurs during communication with the dongle due to the interference of other devices, the operation is automatically retried. All this helps to considerably increase the reliability of communication with the Guardant dongle.

Power Saving and Full "Transparency" of the Guardant Dongle

A flexible power consumption scheme is used in Guardant dongles, which determines the level of their "transparency". In addition to two standard modes - waiting, or "sleep" mode (when no data are transmitted through the dongle) and active mode (when the dongle processes its proper data) - a Guardant dongle also has a transient mode when a minimum of energy is consumed. This new mode has become available thanks to the Guardant dongle's microcontroller. When the dongle receives data intended for a peripheral device, the microcontroller switches to a very low speed letting the data flow directly through the dongle. Meanwhile the dongle consumes almost no power. This mode is called a transient mode of the Guardant dongle. However, when the dongle receives data intended for itself, the microcontroller switches to its 'turbomode' bringing the dongle to the active state.

Why is this so important? The data array intended for a peripheral device transits through the dongle. In this case those dongles that do not have a transient mode consume the same amount of electric power as when processing their own data. Moreover, the higher the speed of a peripheral device (i.e. the faster the transit of data through the dongle is), the more electric power these dongles consume. As a result, the dongle starts to "interfere with the functioning" of the parallel port taking away a considerable amount of precious electric power. This may cause partial loss of transmitted data, i.e. loss in the dongle's transparency.

Flexible electric power consumption and availability of the transient mode provide the dongle with the highest level of "transparency". Guardant dongles are absolutely "transparent" to any peripheral devices and any communication protocols. By the way, it is this capability of dongles that has been reflected in the name of the technology itself (the Guardant technology).

These specific features of Guardant dongles allow multiple dongles to be cascaded in one parallel port. The number of cascaded dongles depends only on the parallel port capacity. The average number of dongles that can be cascaded is 10, while some good brands allow even more Guardant dongles to be attached.

 

This section briefs on the technologies employed in Guardant electronic security products.