Misplaced Pages

Software protection dongle: Difference between revisions

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.
Browse history interactivelyNext edit →Content deleted Content addedVisualWikitext
Revision as of 07:16, 27 October 2003 editGRAHAMUK (talk | contribs)7,949 edits created  Revision as of 15:05, 27 October 2003 edit undoTimwi (talk | contribs)Administrators32,139 editsm slightly more professional wordingNext edit →
Line 5: Line 5:
One major snag with dongles is that they tie up a port on the host machine. This has been ameliorated to some extent by the adoption of USB, but is still a major drawback. There is also the obvious problem of losing the dongle, rendering the protected software useless. Also, if there is more than one application protected in this manner, the number of dongles becomes physically problematic. One major snag with dongles is that they tie up a port on the host machine. This has been ameliorated to some extent by the adoption of USB, but is still a major drawback. There is also the obvious problem of losing the dongle, rendering the protected software useless. Also, if there is more than one application protected in this manner, the number of dongles becomes physically problematic.


There is also a potential weakness in the implementation of the ] between the dongle and the protected software - it requires considerable design cunning to implement this in a fashion that is not easily hacked around. For example, a naive implementation might simply define a ] that checks for the dongle, returning true or false accordingly. This reduces all of the protection, however sophisticated, to a single ] value at one point in the program - such an implementation is trivial to hack around. There is also a potential weakness in the implementation of the ] between the dongle and the protected software - it requires considerable design cunning to implement this in a fashion that is not easy to ]. For example, a naive implementation might simply define a ] that checks for the dongle, returning true or false accordingly. This reduces all of the protection, however sophisticated, to a single ] value at one point in the program, so cracking the protection requires only the identification and manipulation of that single bit.

Revision as of 15:05, 27 October 2003

A dongle is a small hardware device that connects to a computer, its purpose being to act as an authentication key for a particular piece of software running on that machine. The requirement for a dongle is a form of copy protection or digital rights management. The dongle approach works because it is much harder to copy the dongle than it is to copy the software it authenticates.

Dongle schemes became popular in the 1980s, and continued into the 1990s. Originally taking the form of simple passive devices that connected a parallel port in a predetermined manner, they rapidly evolved into active devices that contained a serial transceiver (UART), and even a microprocessor to handle transactions with the host. Later versions adopted the USB interface in preference to the serial interface. Modern dongles include built-in strong encryption, and special fabrication techniques designed to thwart reverse engineering. Typical dongles also now contain a reasonable amount of non-volatile memory, so that key parts of the software may be actually stored on the dongle.

One major snag with dongles is that they tie up a port on the host machine. This has been ameliorated to some extent by the adoption of USB, but is still a major drawback. There is also the obvious problem of losing the dongle, rendering the protected software useless. Also, if there is more than one application protected in this manner, the number of dongles becomes physically problematic.

There is also a potential weakness in the implementation of the protocol between the dongle and the protected software - it requires considerable design cunning to implement this in a fashion that is not easy to crack. For example, a naive implementation might simply define a function that checks for the dongle, returning true or false accordingly. This reduces all of the protection, however sophisticated, to a single bit value at one point in the program, so cracking the protection requires only the identification and manipulation of that single bit.

Software protection dongle: Difference between revisions Add topic