PROJECTS: CodeShelter - programmable hardware key |
We don't support this project anymore. If you're interested in using the following technology for the protection of your software - please check SenseLock hardware keys description.
Description
The CodeShelter security key is the most advanced software protection system available. CodeShelter is designed with only the best design standards and protection techniques available. By implementing CodeShelter, any developer can be empowered with simple to manage control of their products. CodeShelter gives developers the ability to customize the distribution and licensing aspects of their products with the utmost security, headache free of reverse engineers and crackers. The Seculab team has taken careful consideration in designing the appropriate copy protection methods to achieve a point, at which it would be more cost effective for a pirate to buy an application, then for a pirate to attempt to reverse engineer or crack any application secured by CodeShelter. By combining the use of innovative copy protection methods, certified encryption algorithms, and secured hardware the CodeShelter key becomes a crackers worst fear.
Generally, exclusive protection methods that thwart crackers away from a given application require far too many resources and design cost for developers, or simply are to complex for programmers to create. Fortunately, the Seculab team has spent years developing a low cost and easy to manage approach for high quality security, so you don't have to.
Unlike other manufacturers of security hardware or software, which do not live up to their claims, and are consistently cracked! Seculab can present to you in writing why CodeShelter sets itself apart from all other competition.
| Features at a glance | CodeShelter Pro | CodeShelter Lite |
|---|---|---|
| Rinjdael AES 128/128 10 rounds | Yes | Yes |
| Complete licensing system | Yes | Yes |
| Non-volatile memory storage | 16 kb | 8 kb |
| Secure remote updates | Yes | Yes |
| Random number generator (RNG) | Yes | Yes |
| Executable code ghosting | Yes | No |
| Redefinition of algorithmic functions | Yes | No |
| HID-mode | No | Yes |
Rijndael AES encryption
AES (Advanced Encryption Standard) encryption speed (Rinjdael AES, 10 rounds, 128 bit key): 64 kbits per second for Lite version (including limitations in HID mode) and 512 kbits per second for Pro version. Algorithm based strictly on processor core level of the CodeShelter virtual CPU system.
Remote configuration updates
Enables any developer to change locally or remotely all dynamic data such as licensing options, security keys, and memory contents. All remote configuration updates transactions are secured through a high level encryption channel, and prevent unauthorized changes.
Random number generator (RNG)
The RNG utilizes an advanced mix of external noise generation and secured random values to produce useful RNG data for custom cryptographic and copy protection routines.
Non-volatile memory
The CodeShelter key can be used to store digital contents, such as, Licence data and Encryption keys. The memory is protected through a multi-level user access file system to provide read and write security features. The following attributes can be applied to the memory section of the device:
- AA - Universal read access without any authorization (convenient for customers non-confidential information or testing purposes);
- AR - Accessible for reading after authorization;
- AW - Accessible for writing after authorization;
- ARP - Accessible for reading using password;
- AWP - Accessible for writing using password;
Permission attributes ARP or AWP supersede AA, AP, AW.
HID-mode
The CodeShelter hardware key is a HID compliant device. The benefit of this feature is that no additional drivers or installation process is necessary by the end user or developer to deploy and begin usage.
HID-mode is currently supported by any MS Windows operational system starting from MS Windows 98 and Linux.
Hardware specifications
Non-volatile memory is impervious to attacks from any area, due to its unique implementation of certified encryption algorithms.
A generous memory capacity of 8 kb comes standard in the Lite version, 16 kb is available in Pro versions. Larger capacity memory is available and can be customized by request.
The CodeShelter Virtual CPU system runs smoothly on our blazing fast and secure processor performing at rates above 55 MIPS (million instructions per second).
Support for both USB versions 1.1 and 2.0.
Small unique design with durable clear plastic cover. Dimensions: 54mm x 18mm x 8.5mm.
Code ghosting
The CodeShelter is the most dynamic and secured dongle available on the market today. It can be manipulated and used in ways that software protectionists never imagined possible. Explained below is how the CodeShelter has the ability to run any executable code within its private Virtual CPU system environment.
One of our signature protection methods is called, Code Ghosting. Code Ghosting, is a process in which any executable section of code defined by a programmer, such as a function, is first securely ghosted (copied) into an encrypted image file. By doing so, the image file is invisible to both end users and crackers. Consequently, this removes the ability for any intellectual property to be analyzed by unauthorized users. However, when it is time for the secured section of code to be processed by the application, the image file is safely decrypted within the Virtual CPU system inside the CodeShelter key. This is a place that no cracker can debug or see. The application flow remains as though the function is within the physical application executable, but it is actually inside the CodeShelter safely taking arguments and returning proper answers to the application never revealing any source code to crackers.
A technical look at this process shows the application to be protected will contain segments of Java code. These segments of code will be encrypted by the CodeShelter master key. After being encrypted the code can either be integrated into the application executable itself or loaded from an external file. Additionally, the encryption method used to secure the developers code will provide a digital signature for each code segment which insures that no code can be forged and used with the CodeShelter key.
Basic features
The CodeShelter key is capable of providing the following features to strengthen your applications security:
- Memory management;
- Encryption/Decryption;
- Licensing
These features can be implemented in any part of an application via CodeShelter API.
Advanced basic features
Any ghosted code can be used to execute the basic API functions available within the CodeShelter key. These include features such as, memory functions, encryption routines, and licensing options. This substantially raises security levels in any developer's application, by not allowing any reverse engineer to see the actual API being used. Furthermore, it provides numerous new possibilities for copy protection methods.
Licensing system
The CodeShelter licensing system gives the power to control any given programs execution. The unique feature about the our licensing system is, there is no need to make additional changes into the application code, all duties concerning application licensing and usage become designated to sales managers, relieving application programmers of excessive work.
One of the most common vulnerabilities of licensing systems is possibility of data manipulation inside of the application. What makes the CodeShelter system so powerful is it contains algorithms built within the hardware to prevent any software based changes of the licensing system. If any changes are attempted to be made on the software side of the licensing system, the hardware application will realize its state, and cease to function properly.
CodeShelter Licensing
- Simple and Secure Licenses
- Limit quantity of launches or create date of licence expiry.
- Secure Remote Updates of license information.
- Network Licensing for multiple nodes and dealer licensing schemas.
- Tamperproof Licenses prevent unauthorized license changes.
- Set License options for multi feature based applications. - Integrated with CodeShelter Key.
How to protect with CodeShelter
Automatic protection system usage
Automatic protection system allows to attach to the key an already compiled application, in case if the source code is not available. Unlike existing instruments for automatic protection, which perform only application's code decryption without protecting it from unpacking, the CodeShelter automatic protection system permits permanently checking protection integrity by transferring part of code into secured area of virtual CPU system, which is executed in the key.
In the automatic protection system a handy option of association between protected parts of code and licensing information is implemented, which enables easily and reliably protect different application modules without spending extra time.
Automatic protection system can work in the following ways:
- Automatic protection of the whole application code without consequent key addressing;
- Automatic protection of the whole application code with consequent key addressing;
- Semi-automatic protection of the selected parts of code and procedures marked by programmer depending on licensing information.
