Introduction.
Educational questions (main part):
1. General information about electronic keys.
2. Diode keys.
3. Transistor keys
Conclusion
Literature:
L.15 Bystrov Yu.A., Mironenko I.V. Electronic circuits and devices, -M: graduate School. 1989 - 287s. With. 138-152,
L.19 Brammer Yu.A., Pashchuk A.V. Pulse and digital devices. - M.: Higher school, 1999, 351 p. With. 68-81
L21. F. Opadchy, O.P. Gludkin, A.I. Gurov "Analog and digital electronics", M. - Hot line - Telecom, 2000 p. 370-414
Educational and material support:
Lecture text Introduction
It is known that to ensure the operation of pulsed devices and obtain pulsed oscillations, it is necessary to switch a nonlinear element (close, open).
Such a mode of operation of a non-linear element is called a key, and the device, which includes this non-linear element, is called an electronic key.
1. General information about electronic keys.
Electronic key called a device that, under the influence of control signals, switches electrical circuits contactless way.
Assignment of electronic keys.
The definition itself contains the purpose of “Turning on - off”, “Closing - opening” of passive and active elements, power supplies, etc.
Classification of electronic keys.
Electronic keys are classified according to the following main features:
By type of switching element:
transistor;
trinistor, dinistor;
electrovacuum;
gas-filled (thyratron, tigatron);
optocouplers.
According to the method of switching on the switching element in relation to the load.
serial keys;
Rice. 1
parallel keys.
Rice. 2
By way of management.
with an external control signal (external in relation to the switched signal);
without an external control signal (the switched signal itself is the control signal).
By the type of the switched signal.
voltage keys;
current keys.
By the nature of the input and output voltage drops.
repeating;
Rice. 3
inverting.
Rice. 4
By the state of the electronic key in the open position.
saturated (electronic key is open until saturation);
unsaturated (electronic key is in open mode).
By the number of inputs.
single input;
Rice. 5
multi-input.
Rice. 6
Device of electronic keys.
The electronic key usually includes the following main elements:
directly non-linear element (switching element);
The principle of operation of the electronic key.
Rice. 7
Let's consider the principle of operation using the example of an ideal key.
On the image:
U in - voltage that controls the operation of the key;
R is the resistance in the power circuit;
E - supply voltage (switched voltage).
In the on state (the SA key is closed), the output voltage U out =0 (the resistance R of a closed ideal key is equal to zero).
In the off state (the key SA is open), the voltage at the output U o = E (the resistance R of an open ideal key is equal to infinity).
Such an ideal switch produces a complete opening and closing of the circuit, so that the voltage drop at the output is equal to E.
However, the real electronic key is far from ideal.
Rice. 8
It has a finite resistance in the closed state -R on deputy, and in the open state - R off at once. Those. R on lock >0, R off at once<. Следовательно, в замкнутом состоянии U вых =U ост >0 (the rest of the voltage drops on the key).
In the open state U out Thus, for the electronic key to work, it is necessary to fulfill the condition R off at once >> R incl. deputy .
Main characteristics of electronic keys.
transfer characteristic. This is the dependence of the output voltage U out on the input U in: U out \u003d f (U in). If there is no external control signal, then U o =f(E). Such characteristics show how close the electronic key is to the ideal one. The speed of the electronic key - the switching time of the electronic key. Open resistance R off at once and closed resistance R on vice. Residual voltage U rest. Threshold voltage, i.e. voltage when the resistance of the electronic key changes dramatically. Sensitivity - the minimum signal drop, which results in uninterrupted switching of the electronic key. Noise immunity - the sensitivity of the electronic key to the effects of interference pulses. Voltage drop on the electronic key in the open state. Leakage current in closed state. Application of electronic keys.
Electronic keys are used: In the simplest schemes of pulse formation. To build the main types of logic elements and basic pulse devices. Thus, electronic keys are devices that carry out switching in a non-contact way. algorithms), real time clock. Hardware dongles come in a variety of form factors, but are most commonly connected to a computer via USB. Also found with LPT - or PCMCIA -interfaces. The principle of operation of electronic keys. The key is attached to a specific computer interface. Further, the protected program sends information to it through a special driver, which is processed in accordance with the specified algorithm and returned back. If the answer of the key is correct, then the program continues its work. Otherwise, it can perform developer-defined actions, such as switching to demo mode, blocking access to certain functions. There are special keys capable of licensing (limiting the number of copies of the program running on the network) a protected application over the network. In this case, one key is sufficient for the entire local network. The key is installed on any workstation or network server. Protected applications access the dongle over the local network. The advantage is that in order to work with the application within the local network, they do not need to carry a dongle with them. 1
/
4 Arduino NFC EEPROM Dongle RC522 Card Read Module RFID OLED LCD Display Arduino NFC Ticket Metro Electronic Key RC522 Card Read Module RFID Servo A. Purnov. Why do I need an electronic key from the terminal? (trading, stock trading, stock trading) How to pay and activate an electronic key in PRAV.TV Protecting software from unlicensed use increases the developer's profit. To date, there are several approaches to solving this problem. The vast majority of software developers use various software modules that control user access using activation keys, serial numbers, etc. Such protection is a cheap solution and cannot claim to be reliable. The Internet is replete with programs that allow you to illegally generate an activation key (key generators) or block a request for a serial number / activation key (patches, cracks). In addition, do not neglect the fact that the legal user himself can make public his serial number. These obvious shortcomings led to the creation of hardware protection software in the form of an electronic key. It is known that the first electronic keys (that is, hardware devices for protecting software from illegal copying) appeared in the early 1980s, however, for obvious reasons, it is very difficult to establish primacy in the idea and direct creation of the device. Dongles are classified as hardware-based software protection methods, but modern dongles are often defined as multiplatform hardware-software tool systems for software protection. The fact is that in addition to the key itself, companies that issue electronic keys provide an SDK (Software Developer Kit - a software development kit). The SDK includes everything you need to start using the presented technology in your own software products - development tools, complete technical documentation, support for various operating systems, detailed examples, code fragments, automatic protection tools. The SDK may also include demo keys for building test projects. The technology of protection against unauthorized use of software is based on the implementation of requests from an executable file or a dynamic library to the key with subsequent receipt and, if necessary, analysis of the response. Here are some typical queries: It is worth noting that some modern keys (Guardant Code from Aktiv Company, LOCK from Astroma Ltd., Rockey6 Smart from Feitian, Senselock from Seculab) allow the developer to store their own algorithms or even separate parts of the application code (for example, developer-specific algorithms that receive big number parameters) and perform them in the key on his own microprocessor. In addition to protecting software from illegal use, this approach allows you to protect the algorithm used in the program from being studied, cloned and used in its applications by competitors. However, for a simple algorithm (and developers often make the mistake of choosing an insufficiently complex algorithm to load), cryptanalysis can be performed using the "black box" analysis method. As follows from the above, the "heart" of the electronic key is the conversion algorithm (cryptographic or other). In modern dongles, it is implemented in hardware - this practically excludes the creation of a complete dongle emulator, since the encryption key is never transmitted to the dongle output, which excludes the possibility of its interception. The encryption algorithm can be secret or public. Secret algorithms are developed by the manufacturer of protective equipment, including individually for each customer. The main disadvantage of using such algorithms is the impossibility of assessing cryptographic strength. It was only possible to say with certainty how reliable the algorithm was after the fact: whether it was hacked or not. A public algorithm, or “open source”, has incomparably greater cryptographic strength. Such algorithms are not tested by random people, but by a number of experts who specialize in the analysis of cryptography. Examples of such algorithms are the widely used GOST 28147-89, AES, RSA, Elgamal, etc. For most families of hardware dongles, automatic tools (included in the SDK) have been developed that allow you to protect the program "with a few mouse clicks". In this case, the application file is "wrapped" in the developer's own code. The functionality implemented by this code varies depending on the manufacturer, but most often the code checks for the existence of a key, controls the license policy (set by the software vendor), implements a mechanism to protect the executable file from debugging and decompilation (for example, compressing the executable file), etc. The important thing is that you do not need access to the source code of the application to use the automatic protection tool. For example, when localizing foreign products (when there is no possibility of interfering with the source code of the software), such a protection mechanism is indispensable, but it does not allow use the full potential of electronic keys and implement flexible and individual protection. In addition to using automatic protection, the software developer is given the opportunity to independently develop protection by integrating the protection system into the application at the source code level. To do this, the SDK includes libraries for various programming languages that contain a description of the API functionality for this key. The API is a set of functions designed to exchange data between the application, the system driver (and the server in the case of network dongles), and the dongle itself. API functions provide various operations with the key: searching, reading and writing memory, encrypting and decrypting data using hardware algorithms, licensing network software, etc. skillful application this method provides a high level of application security. It is rather difficult to neutralize the protection built into the application due to its uniqueness and “fuzziness” in the body of the program. In itself, the need to study and modify the executable code of a protected application in order to bypass protection is a serious obstacle to breaking it. Therefore, the task of the security developer, first of all, is to protect against possible automated hacking methods by implementing their own protection using the API for working with keys. There was no information about the full emulation of modern Guardant dongles. Existing table emulators are only implemented for specific applications. The possibility of their creation was due to non-use (or illiterate use) of the main functionality of electronic keys by protection developers. There is also no information about full or at least partial emulation of LOCK keys, or about any other ways to bypass this protection. An attacker examines the logic of the program itself in order to, after analyzing the entire application code, isolate the protection block and deactivate it. Programs are hacked using debugging (or stepping), decompilation, and a core dump. These methods of analyzing the executable code of a program are most often used by attackers in combination. Debugging is carried out using a special program - a debugger, which allows you to execute any application step by step, emulating the operating environment for it. important function debugger is the ability to install stopping points (or conditions) code execution. Using them, it is easier for an attacker to track the places in the code where accesses to the key are implemented (for example, execution stops on a message like "Key is missing! Check for the presence of the key in the USB interface"). Disassembly- a way to convert the code of executable modules into a human-readable programming language - Assembler. In this case, the attacker gets a printout (listing) of what the application is doing. Decompilation- converting the application's executable module into program code in the language high level and getting a representation of the application close to the source code. It can only be done for some programming languages (in particular, for .NET applications created in C# and distributed in bytecode, a relatively high-level interpreted language). The essence of the attack memory dump is to read the contents of RAM at the moment when the application started to execute normally. As a result, the attacker receives the working code (or the part of interest to him) in "pure form" (if, for example, the application code was encrypted and is only partially decrypted during the execution of one or another section). The main thing for an attacker is to choose the right moment. Note that there are many ways to counteract debugging, and security developers use them: code non-linearity, (multithreading), non-deterministic execution sequence, code “littering” (useless functions that perform complex operations in order to confuse the attacker), the use of imperfect debuggers themselves, etc. (Software) and data from copying, illegal use and unauthorized distribution. Modern electronic keys The principle of operation of electronic keys. The key is attached to a specific computer interface. Further, the protected program sends information to it through a special driver, which is processed in accordance with the specified algorithm and returned back. If the answer of the key is correct, then the program continues its work. Otherwise, it can perform developer-defined actions, such as switching to demo mode, blocking access to certain functions. There are special keys capable of licensing (limiting the number of copies of the program running on the network) a protected application over the network. In this case, one key is enough for the entire local network. The key is installed on any workstation or network server. Protected applications access the dongle over the local network. The advantage is that in order to work with the application within the local network, they do not need to carry a dongle with them. On Russian market The following product lines are best known (in alphabetical order): CodeMeter from WIBU-SYSTEMS, Guardant from Aktiv, HASP from Aladdin, LOCK from Astroma Ltd., Rockey from Feitian, SenseLock from Seculab, etc. Protecting software from unlicensed use increases the developer's profit. To date, there are several approaches to solving this problem. The vast majority of software developers use various software modules that control user access using activation keys, serial numbers, etc. Such protection is a cheap solution and cannot claim to be reliable. The Internet is replete with programs that allow you to illegally generate an activation key (key generators) or block a request for a serial number / activation key (patches, cracks). In addition, do not neglect the fact that the legal user himself can make public his serial number. These obvious shortcomings led to the creation of hardware software protection in the form of an electronic key. It is known that the first electronic keys (that is, hardware devices for protecting software from illegal copying) appeared in the early 1980s, however, for obvious reasons, it is very difficult to establish primacy in the idea and direct creation of the device. Dongles are classified as hardware-based software protection methods, but modern dongles are often defined as multiplatform hardware-software tool systems for software protection. The fact is that in addition to the key itself, companies that issue electronic keys provide an SDK (Software Developer Kit - a software development kit). The SDK includes everything you need to start using the presented technology in your own software products - development tools, full technical documentation, support for various operating systems, detailed examples, code fragments, tools for automatic protection. The SDK may also include demo keys for building test projects. The technology of protection against unauthorized use of software is based on the implementation of requests from an executable file or a dynamic library to a key with subsequent receipt and, if necessary, analysis of the response. Here are some typical queries: It is worth noting that some modern keys (Guardant Code from Aktiv Company, LOCK from Astroma Ltd., Rockey6 Smart from Feitian, Senselock from Seculab) allow the developer to store their own algorithms or even separate parts of the application code (for example, developer-specific algorithms that receive a large number of parameters as input) and perform them in the key on his own microprocessor. In addition to protecting software from illegal use, this approach allows you to protect the algorithm used in the program from being studied, cloned and used in its applications by competitors. However, for a simple algorithm (and developers often make the mistake of choosing an insufficiently complex algorithm to load), cryptanalysis can be performed using the "black box" analysis method. As follows from the above, the "heart" of the electronic key is the conversion algorithm (cryptographic or other). In modern dongles, it is implemented in hardware - this practically excludes the creation of a full key emulator, since the encryption key is never transmitted to the dongle output, which excludes the possibility of its interception. The encryption algorithm can be secret or public. Secret algorithms are developed by the manufacturer of protective equipment, including individually for each customer. The main disadvantage of using such algorithms is the impossibility of assessing cryptographic strength. It was only possible to say with certainty how reliable the algorithm was after the fact: whether it was hacked or not. A public algorithm, or “open source”, has incomparably greater cryptographic strength. Such algorithms are not tested by random people, but by a number of experts who specialize in the analysis of cryptography. Examples of such algorithms are the widely used GOST 28147-89, AES, RSA, Elgamal, etc. For most families of hardware dongles, automatic tools (included in the SDK) have been developed that allow you to protect the program "with a few mouse clicks". In this case, the application file is "wrapped" in the developer's own code. The functionality implemented by this code varies depending on the manufacturer, but most often the code checks for the presence of a key, controls the license policy (set by the software vendor), implements a mechanism to protect the executable file from debugging and decompilation (for example, compressing the executable file), etc. The important thing is that you do not need access to the application's source code to use the automatic protection tool. For example, when localizing foreign products (when there is no possibility of interfering with the source code of the software), such a protection mechanism is indispensable, but it does not allow realize and use the full potential of electronic keys and implement flexible and individual protection. In addition to using automatic protection, the software developer is given the opportunity to independently develop protection by integrating the protection system into the application at the source code level. To do this, the SDK includes libraries for various programming languages that contain a description of the API functionality for this key. The API is a set of functions designed to exchange data between the application, the system driver (and the server in the case of network dongles), and the dongle itself. API functions provide various operations with the key: searching, reading and writing memory, encrypting and decrypting data using hardware algorithms, licensing network software, etc. Skillful application of this method provides a high level of application security. It is rather difficult to neutralize the protection built into the application due to its uniqueness and “fuzziness” in the body of the program. In itself, the need to study and modify the executable code of a protected application in order to bypass protection is a serious obstacle to breaking it. Therefore, the task of the security developer, first of all, is to protect against possible automated hacking methods by implementing their own protection using the key management API. There was no information about the full emulation of modern Guardant dongles. Existing table emulators are only implemented for specific applications. The possibility of their creation was due to non-use (or illiterate use) of the main functionality of electronic keys by protection developers. There is also no information about full or at least partial emulation of LOCK keys, or about any other ways to bypass this protection. An attacker examines the logic of the program itself in order to, after analyzing the entire application code, isolate the protection block and deactivate it. Programs are cracked by debugging (or stepping), decompiling, and dumping main memory. These methods of analyzing the executable code of a program are most often used by attackers in combination. Debugging is carried out using a special program - a debugger, which allows you to execute any application step by step, emulating the operating environment for it. An important function of the debugger is the ability to set stopping points (or conditions) code execution. Using them, it is easier for an attacker to track the places in the code where accesses to the key are implemented (for example, execution stops on a message like "Key is missing! Check for the presence of the key in the USB interface"). Disassembly- a way to convert the code of executable modules into a human-readable programming language - Assembler. In this case, the attacker gets a printout (listing) of what the application is doing. Decompilation- converting the executable module of the application into a program code in a high-level language and obtaining a representation of the application that is close to the source code. It can only be done for some programming languages (in particular, for .NET applications created in C# and distributed in bytecode, a relatively high-level interpreted language). The essence of the attack memory dump is to read the contents of RAM at the moment when the application started to execute normally. As a result, the attacker receives the working code (or the part of interest to him) in "pure form" (if, for example, the application code was encrypted and is only partially decrypted during the execution of one or another section). The main thing for an attacker is to choose the right moment. Note that there are many ways to counteract debugging, and security developers use them: code non-linearity, (multithreading), non-deterministic execution sequence, code “littering” (useless functions that perform complex operations in order to confuse the attacker), the use of imperfect debuggers themselves, etc. Many of those who constantly interact with electronic document management have probably come across such a concept as an electronic signature. Nevertheless, for most people this term remains unfamiliar, but those who managed to try this tool were not disappointed. If to speak plain language, an electronic signature is an analogue of a handwritten signature. Often this method is used when working with electronic documents, regardless of the field of activity. Let's take a closer look at what it is, what it is used for and how to get an electronic signature key. People who have not yet had time to get acquainted with this tool have logical questions about why, in general, an EDS is needed, when you can simply print a document on a printer, endorse it and put the usual seal? So, there are a number of reasons why an electronic signature is more valuable than a real one. Let's consider them in more detail: 1. Electronic document management. In the conditions of modern computerization, there is no need to save documents in paper form, as it has been done before. Now everything state organizations recognize legal force and convenience electronic documents for several reasons: In the case of inter-corporate circulation of documents, an electronic signature has no analogues at all, since it completely solves the issue of trips to sign documents in subsidiaries. Access from a computer to the documents of the merged companies is provided by ES, which is a guarantee of authenticity, and also facilitates communication between managers. 2. Reporting. Documentation, backed up by an electronic signature, has legal force, which means that you do not need to send a courier or take the documents yourself, you just need to open a document with a report, attach an EDS and send it to the addressee by e-mail. All actions will take only a few minutes. 3. public services. The main advantage is that you do not need to waste time on long queues. An individual can simply enter an electronic signature on a universal electronic card (UEC), which already has all the important data. 4. Online trading. In this situation, the EDS guarantees that a real person takes part in the auction, who bears a financial obligation for non-compliance with the terms of the contract. 5. Arbitration Court. Electronic documents supported by ES are recognized as full-fledged evidence. 6. Transfer of documentation. This option is especially useful for legal entities, because it gives the right to: Heads of organizations with an embedded system electronic document management forever get rid of questions about the processing and safety of folders with important papers. Thinking about how to get a certificate of an electronic signature key now? The answer to this and many other relevant questions can be found below. The qualified type of electronic key is the most common, since the principle of its operation is extremely simple - the EDS is registered in the Certification Center, where its electronic copy is stored. Don't know how to get a digital signature verification key certificate? A copy is sent to partners, and only the owner company has access to the original key certificate. Having received an electronic key, the owner installs a special program on the computer that generates a signature, which is a block with the following data: Partners after receiving the documentation, must receive qualified certificate an electronic signature verification key for the decryption process, that is, authentication control. Certificate digital signature valid for one year and contains the following information: It is practically impossible to forge a digital signature, for this reason it is unrealistic to insure it against falsification. All processes using keys are carried out exclusively within the program, whose original interface helps in the implementation of electronic document management. Having studied all the advantages of EDS, you have decided to get it. Wonderful! But then the question arises, how to get an electronic signature key? The answer to it is in the expanded step by step instructions below. The process of obtaining an electronic signature itself is very simple, however, in some situations, obtaining an electronic signature may be refused, for example, erroneous data is indicated in the application or an incomplete package of documents is provided. In such cases, the errors should be corrected and the application resubmitted. Don't know how to get an unqualified electronic signature key? First of all, you should understand the types of digital signatures, which, in accordance with federal law, are several: Most customers apply for a qualified signature, which is quite understandable, since scammers of various categories are hunting for an electronic signature, as well as for other keys that provide access to personal information and transactions related to finances. Don't know where to get an electronic signature key? In a certification authority, this is an institution that produces and issues electronic digital signatures. Now more than a hundred such centers operate in Russia. An online application will allow you to save personal time, in addition, it contains a minimum amount of information: initials, telephone number for contact and email address. After sending, within an hour, the phone will receive a call from an employee of the certification center to clarify the entered data. During the conversation, he will be able to answer all your questions and advise on the types of digital signatures. Don't know how to get an electronic signature key? First you need to pay the bill, this is done before receiving the EDS. Immediately after confirming the application and agreeing on the nuances with the client, an invoice is issued in his name. The cost of a digital signature varies, depending on the chosen organization, area of residence and type of signature. The cost includes: The cost of a digital signature starts from 1500 rubles, the average ranges from 5 to 7 thousand rubles. When ordering a large number signatures, for example, for the entire organization, the minimum cost may be lower. Do not know how to get an electronic signature key for IP? The list of documents for different categories of citizens varies significantly: individual, a legal entity or an individual entrepreneur, therefore, we will analyze the package of documents required to obtain an EDS separately for each group. In order to obtain an electronic signature key for tax, an individual entrepreneur must provide the following set of documents: If you have a power of attorney and a passport, a digital signature individual entrepreneur may be taken by his confidant. How to get an electronic signature key for a tax individual? First of all, the following documents should be prepared: And, finally, we come to the last question: where can I get an electronic signature key for public services and other services? This can be done at special pick-up points located throughout Russia. Detailed information about certification centers is located on the official website of the organization, in a special section. Basically, the period for obtaining a digital signature does not exceed three days. There may be delay on the part of the applicant, due to late payment of the invoice or errors in the documentation. Important! give great attention an extract from the unified state register of legal entities and individuals, since the process of preparing a document takes 5 working days! Now you know where and how to get an electronic signature key. The registration process is quite simple, and with proper preparation, it will take very little time.Encyclopedic YouTube
Subtitles
Story
Software protection with an electronic key
Software Development Kit
Protection technology
Protection with automatic means
Implementing Security with API Functions
Security bypass
Hacking a software module
Story
Software protection with an electronic key
Software Development Kit
Protection technology
Protection with automatic means
Implementing Security with API Functions
Security bypass
Hacking a software module
What is an electronic signature for?
How it works?
The procedure for obtaining an EDS. Step-by-step instruction
Step 1. Selecting the type of EDS
Step 2Certification Authority
Step 3. Making an application
Step 4. Payment
Step 5. Documentation preparation
Legal entities
Individual entrepreneurs
Individuals
Step 6. Obtaining a digital signature: the final stage
