This document describes a microcontroller-based circuit designed for software protection. The circuit exchanges an encrypted key between a protected software program and a hardware "hard key". The key exchange process and encryption algorithm are described. The circuit hardware components including a microcontroller, crystal oscillator, and MAX232 chip are listed. Software was written in C to control the microcontroller. Testing showed the protected software runs fully with a valid hard key, but with limitations without a valid key, demonstrating the circuit can reliably protect software from unauthorized use and piracy.
Der Vortrag zeigt anhand von Beispielen für Angriffe auf eingebettete Systeme, wie sie in vernetzten Systemen heute schon praktiziert werden, wie wichtig Security hier ist.
Aus den Angriffen und einer Prognose über die Weiterentwicklung der System-funktionen werden Sicherheitsanforderungen für eingebettete Systeme der Zukunft abgeleitet. Daraus ergibt sich dann eine Sicherheitsarchitektur für die Systeme mit wichtigen Standardkomponenten als Vertrauensanker. Dazu zählen sogenannte Secure Elements, sichere Identitäten und separierende Betriebssysteme.
Hierzu werden aktuelle Forschungsarbeiten zum Einsatz von Secure Elements im Automobil, Smart Grid und mobilen Endgeräten vorgestellt. Es wird gezeigt, wie sichere Identitäten aus Materialeigenschaften mit Physical Unclonable Functions abgeleitet werden können und wie Betriebssysteme, die Secure Elements und Separierung nutzen, die Sicherheit erhöhen.
Kolloquiumsvortrag von Prof. Georg Sigl, Technische Universität München
Dienstag, 17.12.2013, 16:00 Uhr, Hörsaal 47.03 (Elektrotechnikgebäude, Pfaffenwaldring 47)
Informatik-Forum Stuttgart e.V.
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATAijp2p
The objective of the proposed system is to integrate the high volume of data along with the important
considerations like monitoring a wide array of heterogeneous security. When a real time cyber attack
occurred, the Intrusion Detection System automatically store the log in distributed environment and
monitor the log with existing intrusion dictionary. At the same time the system will check and categorize the
severity of the log to high, medium, and low respectively. After the categorization, the system will
automatically take necessary action against the user-unit with respect to the severity of the log. The
advantage of the system is that it utilize anomaly detection, evaluates data and issue alert message or
reports based on abnormal behaviour.
Der Vortrag zeigt anhand von Beispielen für Angriffe auf eingebettete Systeme, wie sie in vernetzten Systemen heute schon praktiziert werden, wie wichtig Security hier ist.
Aus den Angriffen und einer Prognose über die Weiterentwicklung der System-funktionen werden Sicherheitsanforderungen für eingebettete Systeme der Zukunft abgeleitet. Daraus ergibt sich dann eine Sicherheitsarchitektur für die Systeme mit wichtigen Standardkomponenten als Vertrauensanker. Dazu zählen sogenannte Secure Elements, sichere Identitäten und separierende Betriebssysteme.
Hierzu werden aktuelle Forschungsarbeiten zum Einsatz von Secure Elements im Automobil, Smart Grid und mobilen Endgeräten vorgestellt. Es wird gezeigt, wie sichere Identitäten aus Materialeigenschaften mit Physical Unclonable Functions abgeleitet werden können und wie Betriebssysteme, die Secure Elements und Separierung nutzen, die Sicherheit erhöhen.
Kolloquiumsvortrag von Prof. Georg Sigl, Technische Universität München
Dienstag, 17.12.2013, 16:00 Uhr, Hörsaal 47.03 (Elektrotechnikgebäude, Pfaffenwaldring 47)
Informatik-Forum Stuttgart e.V.
REAL-TIME INTRUSION DETECTION SYSTEM FOR BIG DATAijp2p
The objective of the proposed system is to integrate the high volume of data along with the important
considerations like monitoring a wide array of heterogeneous security. When a real time cyber attack
occurred, the Intrusion Detection System automatically store the log in distributed environment and
monitor the log with existing intrusion dictionary. At the same time the system will check and categorize the
severity of the log to high, medium, and low respectively. After the categorization, the system will
automatically take necessary action against the user-unit with respect to the severity of the log. The
advantage of the system is that it utilize anomaly detection, evaluates data and issue alert message or
reports based on abnormal behaviour.
In this research work an Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) will be implemented to detect and prevent critical networks infrastructure from cyber-attacks. To strengthen network security and improve the network's active defense intrusion detection capabilities, this project will consist of intrusion detection system using honey token based encrypted pointers and intrusion prevention system which based on the mixed interactive honeypot. The Intrusion Detection System (IDS) is based on the novel approach of Honey Token based Encrypted Pointers. This honey token inside the frame will serve as a trap for the attacker. All nodes operating within the working domain of critical infrastructure network are divided into four different pools. This division is based per their computational power and level of vulnerability. These pools are provided with different levels of security measures within the network. IDS use different number of Honey Tokens (HT) per frame for every different pool e.g. Pool-A contains 4 HT/frame, Pool-B contains 3 HT/frame, Pool-C contains 2 HT/frame and Pool-D contain 1 HT/frame. Moreover, every pool uses different types of encryption schemes (AES-128,192,256). Our critical infrastructure network of 64 nodes is under the umbrella of unified security provided by this single Network Intrusion Detection System (NIDS). After the design phase of IDS, we analyze the performance of IDS in terms of True Positives (TP) and False Negatives (FN). Finally, we test these IDS through Network Penetration Testing (NPT) phase. The detection rate depends on the number of honey tokens per frame. Our proposed IDS are a scalable solution and it can be implemented for any number of nodes in critical infrastructure network. However, in case of Intrusion Prevention System (IPS) we use Virtual honeypot technology which is the best active prevention technology among all honeypot technologies. By using the original operating system and virtual technology, the honeypot lures attackers in a pre-arranged manner, analyzes and audits various attacking behavior, tracks the attack source, obtains evidence, and finds effective solutions.
This talk is about how to get into ICS security, whether you’re a control system engineer or an IT security analyst. It will cover the basic paths you can take to get involved, including some helpful resources and standards to help get you started. The ICS Security industry needs more people to help protect Critical Infrastructure!
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
How to do Cryptography right in Android Part TwoArash Ramez
Cryptography is an indispensable tool used to protect information in computing systems. It is used everywhere and by billions of people worldwide on a daily basis. It is used to protect data at rest and data in motion. While extremely useful, cryptography is also highly brittle. The most secure cryptographic system can be rendered completely insecure by a single specification or programming error.to argue that a cryptosystem is secure, we rely on mathematical modeling and proofs to show that a particular system satisfies the security properties attributed to it.
We often need to introduce certain plausible assumptions to push our security arguments through.
This presentation is about exactly that: constructing practical cryptosystems in android platform for which we can argue security under plausible assumptions.part one just covers fundamentals topics in cryptography world.
see videos :
https://www.youtube.com/playlist?list=PLT2xIm2X7W7j-arpnN90cuwBcNN_5L3AU
https://www.aparat.com/v/gtlHP
This 2-part presentation, "Mission Critical Security in a Post-Stuxnet World," contains slides from the Hirschmann 2011 Mission Critical Network Design Seminar. It summarizes a lot of information about the Stuxnet malware and discusses what it means for the future of SCADA and ICS security.
The presentation is ideal for anyone needing a crash course on Stuxnet, or as a tool for informing management about the implications of it.
Final Year Engineering Internship Report for Internship at Siemens Information Systems Ltd. Project : Network Intrusion Detection And Prevention Using Snort And Iptables
Research talk I gave at Semiconductor Research Corporation workshop in September 2017. Here I set research goals to create a new type of security technology to protect autonomous systems.
How to do right cryptography in android part 3 / Gated Authentication reviewedArash Ramez
Android Gated-Authentication Architecture and User Authentication using finger-print has been reviewed in this part.
youtube playlist:
https://www.youtube.com/playlist?list=PLT2xIm2X7W7jyqMXjSpNeRRzgoW_1iJg5
aparat:
https://www.aparat.com/v/LvVtZ
In this research work an Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) will be implemented to detect and prevent critical networks infrastructure from cyber-attacks. To strengthen network security and improve the network's active defense intrusion detection capabilities, this project will consist of intrusion detection system using honey token based encrypted pointers and intrusion prevention system which based on the mixed interactive honeypot. The Intrusion Detection System (IDS) is based on the novel approach of Honey Token based Encrypted Pointers. This honey token inside the frame will serve as a trap for the attacker. All nodes operating within the working domain of critical infrastructure network are divided into four different pools. This division is based per their computational power and level of vulnerability. These pools are provided with different levels of security measures within the network. IDS use different number of Honey Tokens (HT) per frame for every different pool e.g. Pool-A contains 4 HT/frame, Pool-B contains 3 HT/frame, Pool-C contains 2 HT/frame and Pool-D contain 1 HT/frame. Moreover, every pool uses different types of encryption schemes (AES-128,192,256). Our critical infrastructure network of 64 nodes is under the umbrella of unified security provided by this single Network Intrusion Detection System (NIDS). After the design phase of IDS, we analyze the performance of IDS in terms of True Positives (TP) and False Negatives (FN). Finally, we test these IDS through Network Penetration Testing (NPT) phase. The detection rate depends on the number of honey tokens per frame. Our proposed IDS are a scalable solution and it can be implemented for any number of nodes in critical infrastructure network. However, in case of Intrusion Prevention System (IPS) we use Virtual honeypot technology which is the best active prevention technology among all honeypot technologies. By using the original operating system and virtual technology, the honeypot lures attackers in a pre-arranged manner, analyzes and audits various attacking behavior, tracks the attack source, obtains evidence, and finds effective solutions.
This talk is about how to get into ICS security, whether you’re a control system engineer or an IT security analyst. It will cover the basic paths you can take to get involved, including some helpful resources and standards to help get you started. The ICS Security industry needs more people to help protect Critical Infrastructure!
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
How to do Cryptography right in Android Part TwoArash Ramez
Cryptography is an indispensable tool used to protect information in computing systems. It is used everywhere and by billions of people worldwide on a daily basis. It is used to protect data at rest and data in motion. While extremely useful, cryptography is also highly brittle. The most secure cryptographic system can be rendered completely insecure by a single specification or programming error.to argue that a cryptosystem is secure, we rely on mathematical modeling and proofs to show that a particular system satisfies the security properties attributed to it.
We often need to introduce certain plausible assumptions to push our security arguments through.
This presentation is about exactly that: constructing practical cryptosystems in android platform for which we can argue security under plausible assumptions.part one just covers fundamentals topics in cryptography world.
see videos :
https://www.youtube.com/playlist?list=PLT2xIm2X7W7j-arpnN90cuwBcNN_5L3AU
https://www.aparat.com/v/gtlHP
This 2-part presentation, "Mission Critical Security in a Post-Stuxnet World," contains slides from the Hirschmann 2011 Mission Critical Network Design Seminar. It summarizes a lot of information about the Stuxnet malware and discusses what it means for the future of SCADA and ICS security.
The presentation is ideal for anyone needing a crash course on Stuxnet, or as a tool for informing management about the implications of it.
Final Year Engineering Internship Report for Internship at Siemens Information Systems Ltd. Project : Network Intrusion Detection And Prevention Using Snort And Iptables
Research talk I gave at Semiconductor Research Corporation workshop in September 2017. Here I set research goals to create a new type of security technology to protect autonomous systems.
How to do right cryptography in android part 3 / Gated Authentication reviewedArash Ramez
Android Gated-Authentication Architecture and User Authentication using finger-print has been reviewed in this part.
youtube playlist:
https://www.youtube.com/playlist?list=PLT2xIm2X7W7jyqMXjSpNeRRzgoW_1iJg5
aparat:
https://www.aparat.com/v/LvVtZ
Intel® Software Guard Extensions (Intel® SGX) is Intel’s Trusted Execution Environment for client and data center. It provides the foundation for many secure use cases.
The project entitled with “Network Security System” is related to hacking attacks in computer systems over internet. In today’s world many of the computer systems and servers are not secure because of increasing the hacking attacks or hackers with growing information, so information security specialist’s requirement has gone high.
Comprehensive program for Agricultural Finance, the Automotive Sector, and Empowerment . We will define the full scope and provide a detailed two-week plan for identifying strategic partners in each area within Limpopo, including target areas.:
1. Agricultural : Supporting Primary and Secondary Agriculture
• Scope: Provide support solutions to enhance agricultural productivity and sustainability.
• Target Areas: Polokwane, Tzaneen, Thohoyandou, Makhado, and Giyani.
2. Automotive Sector: Partnerships with Mechanics and Panel Beater Shops
• Scope: Develop collaborations with automotive service providers to improve service quality and business operations.
• Target Areas: Polokwane, Lephalale, Mokopane, Phalaborwa, and Bela-Bela.
3. Empowerment : Focusing on Women Empowerment
• Scope: Provide business support support and training to women-owned businesses, promoting economic inclusion.
• Target Areas: Polokwane, Thohoyandou, Musina, Burgersfort, and Louis Trichardt.
We will also prioritize Industrial Economic Zone areas and their priorities.
Sign up on https://profilesmes.online/welcome/
To be eligible:
1. You must have a registered business and operate in Limpopo
2. Generate revenue
3. Sectors : Agriculture ( primary and secondary) and Automative
Women and Youth are encouraged to apply even if you don't fall in those sectors.
What Exactly Is The Common Rail Direct Injection System & How Does It WorkMotor Cars International
Learn about Common Rail Direct Injection (CRDi) - the revolutionary technology that has made diesel engines more efficient. Explore its workings, advantages like enhanced fuel efficiency and increased power output, along with drawbacks such as complexity and higher initial cost. Compare CRDi with traditional diesel engines and discover why it's the preferred choice for modern engines.
5 Warning Signs Your BMW's Intelligent Battery Sensor Needs AttentionBertini's German Motors
IBS monitors and manages your BMW’s battery performance. If it malfunctions, you will have to deal with an array of electrical issues in your vehicle. Recognize warning signs like dimming headlights, frequent battery replacements, and electrical malfunctions to address potential IBS issues promptly.
Core technology of Hyundai Motor Group's EV platform 'E-GMP'Hyundai Motor Group
What’s the force behind Hyundai Motor Group's EV performance and quality?
Maximized driving performance and quick charging time through high-density battery pack and fast charging technology and applicable to various vehicle types!
Discover more about Hyundai Motor Group’s EV platform ‘E-GMP’!
Why Is Your BMW X3 Hood Not Responding To Release CommandsDart Auto
Experiencing difficulty opening your BMW X3's hood? This guide explores potential issues like mechanical obstruction, hood release mechanism failure, electrical problems, and emergency release malfunctions. Troubleshooting tips include basic checks, clearing obstructions, applying pressure, and using the emergency release.
What Does the Active Steering Malfunction Warning Mean for Your BMWTanner Motors
Discover the reasons why your BMW’s Active Steering malfunction warning might come on. From electrical glitches to mechanical failures and software anomalies, addressing these promptly with professional inspection and maintenance ensures continued safety and performance on the road, maintaining the integrity of your driving experience.
Symptoms like intermittent starting and key recognition errors signal potential problems with your Mercedes’ EIS. Use diagnostic steps like error code checks and spare key tests. Professional diagnosis and solutions like EIS replacement ensure safe driving. Consult a qualified technician for accurate diagnosis and repair.
What Does the PARKTRONIC Inoperative, See Owner's Manual Message Mean for You...Autohaus Service and Sales
Learn what "PARKTRONIC Inoperative, See Owner's Manual" means for your Mercedes-Benz. This message indicates a malfunction in the parking assistance system, potentially due to sensor issues or electrical faults. Prompt attention is crucial to ensure safety and functionality. Follow steps outlined for diagnosis and repair in the owner's manual.
𝘼𝙣𝙩𝙞𝙦𝙪𝙚 𝙋𝙡𝙖𝙨𝙩𝙞𝙘 𝙏𝙧𝙖𝙙𝙚𝙧𝙨 𝙞𝙨 𝙫𝙚𝙧𝙮 𝙛𝙖𝙢𝙤𝙪𝙨 𝙛𝙤𝙧 𝙢𝙖𝙣𝙪𝙛𝙖𝙘𝙩𝙪𝙧𝙞𝙣𝙜 𝙩𝙝𝙚𝙞𝙧 𝙥𝙧𝙤𝙙𝙪𝙘𝙩𝙨. 𝙒𝙚 𝙝𝙖𝙫𝙚 𝙖𝙡𝙡 𝙩𝙝𝙚 𝙥𝙡𝙖𝙨𝙩𝙞𝙘 𝙜𝙧𝙖𝙣𝙪𝙡𝙚𝙨 𝙪𝙨𝙚𝙙 𝙞𝙣 𝙖𝙪𝙩𝙤𝙢𝙤𝙩𝙞𝙫𝙚 𝙖𝙣𝙙 𝙖𝙪𝙩𝙤 𝙥𝙖𝙧𝙩𝙨 𝙖𝙣𝙙 𝙖𝙡𝙡 𝙩𝙝𝙚 𝙛𝙖𝙢𝙤𝙪𝙨 𝙘𝙤𝙢𝙥𝙖𝙣𝙞𝙚𝙨 𝙗𝙪𝙮 𝙩𝙝𝙚 𝙜𝙧𝙖𝙣𝙪𝙡𝙚𝙨 𝙛𝙧𝙤𝙢 𝙪𝙨.
Over the 10 years, we have gained a strong foothold in the market due to our range's high quality, competitive prices, and time-lined delivery schedules.
Things to remember while upgrading the brakes of your carjennifermiller8137
Upgrading the brakes of your car? Keep these things in mind before doing so. Additionally, start using an OBD 2 GPS tracker so that you never miss a vehicle maintenance appointment. On top of this, a car GPS tracker will also let you master good driving habits that will let you increase the operational life of your car’s brakes.
In this presentation, we have discussed a very important feature of BMW X5 cars… the Comfort Access. Things that can significantly limit its functionality. And things that you can try to restore the functionality of such a convenient feature of your vehicle.
"Trans Failsafe Prog" on your BMW X5 indicates potential transmission issues requiring immediate action. This safety feature activates in response to abnormalities like low fluid levels, leaks, faulty sensors, electrical or mechanical failures, and overheating.
What Causes 'Trans Failsafe Prog' to Trigger in BMW X5
[Codientu.org] design of a microcontroller based circuit for software protection
1. IRACST - International Journal of Computer Science and Information Technology & Security (IJCSITS), ISSN: 2249-9555
Vol. 3, No.1, February 2013
149
Design of a Microcontroller-based Circuit
for Software Protection
Eshtiag Jah Alrasool Alsideg Mohammed Ahmed.
Faculty of Science And Art - King AbdAlaziz University
KAU
Jeddah, Saudi Arabia.
El-nzeer El-ameen Mohammed Ali
Gezira Collage of Technology
GCT
medani, Sudan.
Abstract—In light of technological development, exploit the
potential of computer and benefit from its services has become
very important, so the computer software has played a major role
in various fields in our life. Facing the use of these software and
their manufacturing many of risks such as piracy and
unauthorized usage. The object of this research is to contribute in
getting rid of those problems by develop a microcontroller-based
circuit for software protection. In which a key is completely
encrypted in the hardware and that is an easy to use license
manager that creates professional and secure license keys to
protect your software against piracy and unauthorized usage. The
designed circuit has been successfully tested. It shows a reliable
software protection.
Keywords - hard key, software protection, serial port
microcontroller-based circuit, piracy, encryption algorithm.
I. INTRODUCTION
computer programs have become more important and with
the number of personal computers and Internet users grow, the
incidence of software piracy, reverse engineering,
modification, break-once run everywhere (BORE) – attacks,
copy and illegal usage are some problem faced the software
development and distribution, that denies software companies
and vendors their rightful return on investment. Due to the
large loss revenues of software companies, the software
vendors have to pay more attention to develop new protection
technique against unauthorized and illegal usage. Although
legal protection tools like trade secrets, copyright, patents and
trademarks have been put into use, they are not adequate for the
software protection. Other methods.such as using serial
numbers or user name/password offer only weak protection,
since programs are digital products they can be copied bit by
bit entirely. Without any help from hardware side, protected
software eventually can be cracked by professional crackers.[1]
Authors of computer software always feel aggrieved that their
works are copied and stalling by unauthorized pirates.
Consequently program vendors have been researching
extensively to invent a foolproof device to prevent their
software, and then they could sell their protected programs at a
low price to achieve a large market. [2] For that they develop
some techniques for software copy and license protection that
prevents the applications from being run on different machines,
Volume ID(This method restricts the user to run the application
only on the specified drive volume), MAC Address (The MAC
Address (Media Access Control) is the hardware addressof
anetwork adapter, Hostname(The windows PC name is unique
within a network and can be used for copy protection),
NetBIOS Computer Name (The NetBIOS computer name is
available on every PC. It can be used for software copy
protection only on a single user installation (available only with
the Professional Edition)) , Volume ID + UNC Pathname (This
Installation Code combines the Volume ID with the absolute
path of the license file. Assume a situation where an
application is installed several times on the same machine, but
in different directories: The Volume ID is identical on all
installations and therefore the installation may be used by many
users (3 installations with 20 licenses allow 60 users to work
with your software, but you only sold 20 licenses). With this
installation code type the problem of several installations is
eliminated), MAC Address + UNC Pathname (This Installation
Code combines the MAC address with the absolute path of the
license file (for details why using the pathname see Volume ID
+ UNC pathname ), Combination Volume ID + MAC Address
+ Hostname + UNC Pathname (This Installation Code offers
the most restrictive protection as all criteria have to match),
Combination Volume ID + MAC Address + Hostname
(Restrictive protection for single user applications), IP Address
(Uses the IP address of the licensed hardware. Only possible if
a static IP address is available. [3], and tools which creates
professional and secure license keys to protect software against
piracy , Quick License Manager (QLM) (QLM is an easy to
use license manager that creates professional and secure license
keys to protect your software against piracy. You can create
permanent or evaluation (trial) license keys in a snap. Integrate
QLM with your application ). [4], Smart Dongle (The primary
function of Smart dongle is to protect software from piracy.
This robust unit can be used to carry passwords, signatures,
executable code, or other sensitive data, making it as difficult
as possible to steal your software. The affordable price makes it
a valuable asset for developers who are looking for an easy,
cost-effective security solution for their software while
providing portability and convenience to end-users), Matrix-
Dongle (Matrix is a reliable safety system for the protection of
your software from unauthorized usage and reproduction.
Whole purpose is to protect software licenses against software
piracy. [5], Cryp Key DAL (Distributor Authorizing License)
(Cryp Key DAL is gives vendors the ability to grant others
permission to authorize software. With Cryp Key DAL, the
vendor achieves control over the number of licenses a
distributor can issue by providing a distributor with a pre-
configured copy of Cryp Key's SKG (Site Key Generator). The
vendor uses its Master SKG to authorize the distributor's SKG
2. IRACST - International Journal of Computer Science and Information Technology & Security (IJCSITS), ISSN: 2249-9555
Vol. 3, No.1, February 2013
150
for a limited number of runs. Cryp Key Instant is a software-
based solution that embeds its licensing protection directly into
your application executable. It protects applications by
wrapping and encrypting your executable (EXE) or dynamic
link library (DLL) files with Cryp Key’s proven protection
technologies). [6], HardKey License Manager: (allows to
generate cryptographically strong serial numbers based on
asymmetric crypto algorithm.[7].
Design of a microcontroller-based circuit for software
protection (hard key) is an extension to that tools and it is
protects software from piracy and unauthorized usage by
exchange encrypted key with protected software.
II. SYSTEM DESIGN
Reverse engineering, modification, and break-once run
everywhere (BORE)– attacks, copy and illegal usage are some
problems faced the software development and distribution.
Design of a microcontroller-based circuit for software
protection (hard key) protects software from all above. Hard
key still costive and not more available. For these reasons there
should be a method of designing of a microcontroller based
circuit for software protection (hard key) that is far less cheap.
The following sections describe the design steps of the
proposed system
A. Hardware Design
The system is composed of three main parts namely; serial
port, max 232 and microcontroller. The serial port is a
computer port which is opens by the protected software that
sends its key to the max232 which converts signals from an
RS-232 serial port to signals suitable for use in TTL compatible
digital logic circuits. The microcontroller which receive that
key and sends it encrypted to the protected software via
max232 works under software control.
Figure 1. System Block Diagram
Figure 1: System Circuit Diagram explain the need of
MAX232 which is compatible with RS-232 standard, and
consists of dual transceiver. Each receiver converts TIA/EIA-
232-E levels into 5V TTL/CMOS levels. Each driver converts
TTL/COMS levels into TIA/EIA-232-E levels.
Figure 2. System Circuit Diagram
3. IRACST - International Journal of Computer Science and Information Technology & Security (IJCSITS), ISSN: 2249-9555
Vol. 3, No.1, February 2013
151
Figure 2: the circuit diagram of the system, consist of
AT16L microcontroller, max 232 and serial port. It shows the
max 232 circuit and it's connection with of AT16L
microcontroller rand the serial port
B. Software Development
The functionality of the system describes a simple
technique to exchange a key between the circuit and protected
software which is waiting for specific response to run in a full
user permission or run in a limit user permission area.
.B.1 Method of key exchange
The protected software checking specific port (serial port)
searching for its hard key when any user run it.
then make decision in a fallowing :
1. If it’s not find the hard key then run in a limit user
permission area.
2. If it finds the hard key then sends a key to it, after
that still waiting for response to make decision:
3. With availed key run in full user permission.
4. With invalid hard key run in a limit user permission
5. If it runs in a limit user permission or in a full user
permission area, The protected software still checking
the hard key.
Figure 3. Method of key checking
Figure 3 represents the steps of exchanging key
B.2 Encryption Algorithm
Encryption is the act of encoding text so that others not
privy to the decryption mechanism (the key) cannot understand
the content of the text.
Algorithm is any set of detailed instructions which results in a
predictable end-state from a known beginning.
Here is an algorithm that the researcher use to exchange an
encrypted key between the hard key and the protected program
,algorithm Instructions go through the following:
1. The protected program chose k0 is a number
randomly, calculate (k1= 3 k0+37) and then sends a
key (k1) to the hard key.
2. A hard key receives that key and make three things:
First: find the key (k =( k1-37)/3)
Second: multiplex the key by three then add (17) to it
(k2 =3k+17)
Third: send the key (k2) to protected program.
3. The protected program receives that key and make
three things:
First: find (k1) from the receive key (k1= k2+20).
Second: find (k) using (k =( k1-37)/3)
Third: make comparison between two keys (k0 , k).
4. Protected program run in a full version when the tow
keys are equivalent (k0 = K), or run in a limited
version if they are not(k0 ≠ K).
III. IMPLEMENTATION AND EXPERIMENTAL RESULT
A. Hardware Implementation
An electronic circuit is composed of individual electronic
components , such as resistors, transistors, capacitors, inductors
and diodes, connected by conductive wires or traces through
which electric current can flow.The components used for the
circuit design shown in the followingtable .
TABLE 1. CIRCUIT COMPONENTS
Component Specifications No
Microcontroller AT16L 1
Crystal 16.9344MHz 1
Capacitor 27Pf 2
Capacitor 1Pf 4
Switches Push Button 1
Normal diode N11.4 1
Max 232 Lm78L05817 1
The microcontroller Reset (RS), Vcc, Gnd, SCL,
XTAL1and XTAL2 pins, are connected to 16.9344MHz
Crystal which is used to generating clock signal for the
microcontroller, transmit (Tx) and receive (Rx) pins of
microcontroller are connected to receive (Rx) and transmit
(Tx), respectively in TTL MAX level. Transmit (Tx) and
4. IRACST - International Journal of Computer Science and Information Technology & Security (IJCSITS), ISSN: 2249-9555
Vol. 3, No.1, February 2013
152
receive (Rx), in serial port are connected to input and output in
MAX232 level, as shown in figure 4.
Figure 4. Proposed Circuit
Figure 4: explain Proposed Circuit
In circuit design the researcher use, A microcontroller that
is a small computer on a single integrated circuit consisting of a
relatively simple CPU combined with support functions such as
a crystal oscillator, timers, and watchdog. Neither program
memory in the form of NOR flash or One Time Programmable
Read Only Memory (OTPROM) is also often included on a
chip, as well as a typically small read/write memory.
Microcontrollers are designed for dedicated applications. Thus,
in contrast to the microprocessors used in the personal
computers and other high – performance applications,
simplicity is emphasized. Microcontrollers are used to
automatically control products and devices, such as automobile
machine control systems, remote controls, office machines,
appliances, power tools, and toys, Crystal oscillator,that is an
electronic circuit that uses the mechanical resonance of a
vibrating crystal of piezoelectric material to create an electrical
signal with a very precise frequency. This frequency is
commonly used to keep track of time (as in quartz
wristwatches), to provide a stable clock signal for digital
integrated circuits, and to stabilize frequencies for radio
transmitters and receivers and MAX232, that converts signals
from an RS-232 serial port to signals suitable for use in TTL
compatible digital logic circuits, it’s a dual driver/receiver that
includes a capacitive voltage generator to supply EIA-232
voltage levels from a single 5-V supply. Each receiver converts
EIA-232 inputs to 5-V TTL/CMOS levels into EIA-232 levels
[12].The input to the max232IC will be of Transistor Transistor
Logic (TTL) and its voltage range will be of 5 volt. The output
of the max 232 ic will be of Recommended Standard 232 Logic
(RS232 logic) and its voltage range will be of 12 volt. The max
232 ic which is operating on 5 volt supply has to step up the 5
volt input to 12 volt. Hence a capacitor is used for pumping the
voltage and called as pumping capacitor.
B. software implementation
The microcontroller work under software control which is
written in C language. To program the microcontroller using
the C programming language, needs two tools:
1. AVR Studio which is an integrated development
environment that includes an editor, the assembler,
HEX file downloader and a microcontroller emulator.
WinAVR which is for a GCC-based compiler for
AVR. It appears in AVR Studio as a plug-in.
2. WinAVR also includes a program called Programmer’s
Notepad that can be used to edit and compile C
programs, independently of AVR Studio.
To load the program in the microcontroller, go through four
major stages:
• creating an AVR Studio project,
• compiling C code to HEX file,
• debugging C program using the simulator,
• downloading HEX file to the Atm16L development board and
running it.
C. Experimental Results
The design of a microcontroller-based circuit for software
protection (hard key) and its implementation enabled us to
access the protected software in a full version which all system
function activated when a valid hard key used, and with invalid
hard key the protected software stays in a limited version,
5. IRACST - International Journal of Computer Science and Information Technology & Security (IJCSITS), ISSN: 2249-9555
Vol. 3, No.1, February 2013
153
which is some menu and some sub menu disabled and other
enabled.
When we use invalid hard key the protected software send a
message shown in figure 5.
Figure 5. The message display with invalid hard key
Figure 5: shows the message displayed when the protected
program runs with invalid hard key.
Thus protected program open in limited user permission
area, that shown in figure 6.
Figure 6. a limited user permission area.
Figure 6: shows the protected program when it runs in a
limited user permission area, where some menu (jobs and
salary) and some menu options (employee, qualification, etc, in
employee effort menu), disabled .
When we use availed hard key the protected software send
a message shown in figure 7.
Figure 7. The message display with a valid hard key
Figure 7 shows the message display when the protected
program runs with valid hard key.
Thus protected program open in limited user permission
area, that shown in figure 8.
Figure 8. a full user permission area.
Figure 8: shows the protected program when it runs in a full
user permission area, where all menu and all menu option are
enabled. See the menu (jobs and salary) and menu option
(employee, qualification, etc, in employee effort menu) which
are disabled in a limit version, here in a full version are enabled
CONCLUSION
This design was implemented by using: Microcontroller
AT16L, Crystal Oscillator 16.93MHz, max232, Switch, and
Capacitors. The system makes them easy to store the key inside
hard key and cannot be read from it, receive data, encrypt and
send the encrypted key. The design of a microcontroller-based
circuit for software protection (hard key) and its
implementation, show us very strong tool for software
protection.
Thus, we say that we have developed a method and an
excellent tool to protect software from piracy and unauthorized
usage.
REFERENCES
[1] Qiang Liu ,“Techniques using exterior component against software
piracy,”, Department of Computer Science, University of Auckland.
[2] Qiang Liu ,“Techniques using exterior component against software
piracy,”, Department of Computer Science, University of Auckland.
[3] Software copy
protection,http://www.miragesystems.de/products/licence-
protector/overview-home/software-copy-protection/print.html,Retrieved
on February 2013
[4] Interactive solution,
http://www.interactivestudios.net/Products/QuickLicense Manager.aspx.
Retrieved on February 2013
[5] Software copy protection,
http://www.matrixlock.de/english/e_allgem.htm, Retrieved on February
2013
[6] CrypKey Instant User Manual,
www.crypkey.com/support/manual_request.php?,Retrieved on February
2013
[7] Strong bit technology,
http://www.strongbit.com/hardkey_inside.asp,Retrieved on February
2013
AUTHORS PROFILE
6. IRACST - International Journal of Computer Science and Information Technology & Security (IJCSITS), ISSN: 2249-9555
Vol. 3, No.1, February 2013
154
Ms Eshtiag Jah Alrasool Alsideg Mohammed Ahmed, has been working as
a Lecturer at Faculty of Science And Art - King Abd Alaziz University -
Jeddah, Saudi Arabia.
Mr El nzeer El ameen Mohammed Ali, has been working as a Lecturer at
Gezira Collage of Technology - medani, Sudan.