Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site wdl1.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!mhuxr!mhuxt!houxm!vax135!cornell!uw-beaver!tektronix!hplabs!hpda!fortune!wdl1!jbn
From: jbn@wdl1.UUCP
Newsgroups: net.micro.pc
Subject: Re: Re: software protection - dongles
Message-ID: <654@wdl1.UUCP>
Date: Thu, 22-Aug-85 20:25:20 EDT
Article-I.D.: wdl1.654
Posted: Thu Aug 22 20:25:20 1985
Date-Received: Sun, 25-Aug-85 13:15:07 EDT
Sender: notes@wdl1.UUCP
Organization: Ford Aerospace, Western Development Laboratories
Lines: 11
Nf-ID: #R:entropy:-17600:wdl1:5000017:000:545
Nf-From: wdl1!jbn    Aug 14 16:25:00 1985


       No, you can't break a good dongle by looking at its inputs and outputs,
although you may be able to do so by analyzing the software that polls it.
Good dongles work like Identify-Friend-Foe devices; the program challenges
the dongle by sending it a random number, which it runs through an encryption
algorithm, returning the result, which is then checked by the program.  The
challenge is never the same twice.  Three iterations through the DES algorithm
with different keys for each iteration is probably pretty solid.

					John Nagle