Re: The best small/medium database...?

From: Henrick Hellström (henrick_at_streamsec.se)
Date: 11/03/03 

Date: Mon, 03 Nov 2003 03:19:29 +0100

Henrick Hellström wrote:

> The problem is that you cannot get a piece of software running on a
> multi-purpose computer to prove that it is authentic. This is provably
> impossible, and is also why it is provably impossible to create
> cryptographic strength off-line shareware registration schemes: It is
> necessarily possible to crack any such scheme with no more than limited
> resources. (Cryptographic strength means that you need a heck of a lot
> of time, CPU power or memory to crack the protection. The paper proved
> it impossible to create software protection schemes with this property.)

Ouch! I think I only got that *almost* right, and that is the worst
thing that might happen. <g>

IIRC the paper proved that you cannot keep the implementation details of
a piece of software running on a multi-purpose computer secret.

Still, you could of course create shareware registration schemes that
e.g. uses the license key for decrypting some plugin etc. Such schemes
might successfully keep the plugin secret until it has been decrypted.
What they fail to do, according to the paper, is to prevent anyone with
access to an authentic license key from cracking the protection.

This is just a detail in this context - AFAICS it doesn't entail
anything regarding my other conclusions - but I figured it might be an
important detail. ;) 

-- 
Henrick Wibell Hellström,
StreamSec http://www.streamsec.com
StreamSec Tools security components for Delphi, Kylix and C++Builder
http://www.streamsec.com/products_strsectools.asp

Relevant Pages

  • Re: How can I identify a system uniquely using MFC code
    ... You point out the absurdity of most hand-rolled "copy protection" schemes. ... This use of an SID is woefully inadequate for security, ... after hardware failure or machine migration. ...
    (microsoft.public.vc.mfc)
  • Re: Sarahs Law trial run prompts vigilante fears
    ... Sara Payne has proudly declared: ... Pilot schemes start Monday September 15 in four police areas in ... MAPPA (Multi Agency Public Protection Arrangements)—which is made up ...
    (uk.legal)
  • Re: Win2K Pro or WinXP Pro?
    ... >> schemes have been and will be unqualified failures, ... because the existence of prisons hasn't worked ... Lost revenue due to software ... of a copy protection scheme, I'd love to hear about it. ...
    (microsoft.public.win2000.general)
  • Re: Document protection
    ... so protection seems useless..? ... by the schemes that they fall for. ... that movies on recording media can be ... the PDF format that may help keep the honest person ...
    (borland.public.delphi.non-technical)