Sentinel HL dongle emulation


confused
November 7th, 2013, 14:51
Hi all,

I'm in need of a few pointers regarding the emulation of a Sentinel HL dongle. The information I've found so far is a bit confusing (hence my user name!), so I'd appreciate it if someone could link me to a step-by-step guide on how to achieve this. I'm particularly interested in emulating the hasp_decrypt() function, not just the envelope! Is this even possible at all?

Thanks for any helpful insights!

Cheers!

esther
November 7th, 2013, 23:12
I'm confused, you didn't read the FAQ: http://www.woodmann.com/fravia/rce-faq.htm

confused
November 8th, 2013, 16:50
I believe forums exist to share knowledge and debate ideas, not to patronise others. Of course I read the faq and searched this forum, as well as others, and many internet sites. Had I found the answers I'm looking for, I probably wouldn't have posted in the first place!

Perhaps you find my question "lameass", or doubt my efforts to research the subject, so allow me to rephrase my original question in a more detailed manner:

You can find many guides out there about dongle emulation, including for several Sentinel flavours. The issue I have with these is that most are a little dated, and it's not clear whether the same techniques apply to the latest generation of Sentinel HL keys. In fact, this is what woodmann's page on dongles (which, granted, is a few years old, but still a great read) has to say on HASP-HL (which I assume Sentinel HL is based upon): "HASP-HL currently appears secure from all but the most expensive of attacks". On the other hand, I've seen people claiming that it is possible to do it, and you can certainly find many sites that sell allegedly functional emulators for the current generation of keys.

From my research, I've learned that the current Sentinel HL technology uses white-box cryptography. As far as I understand, in this technique the encryption key is built in the algorithm, and so it's virtually impossible to retrieve it. Presumably, the API functions hasp_encrypt() and hasp_decrypt() make use of this technology, so naturally I'm skeptical about the possibility of emulating them.

To be more concrete, consider the following scenario: Software X uses the latest Sentinel HL keys as a protection device, and uses the encryption functions to retrieve data without which it cannot possibly work. If you're given a copy of software X, a memory dump of a legitimate key, and the latest tools/emulators, will you be able to run the software? Or, in other words, is there any emulator out there which can properly reproduce the hasp_decrypt() function?

I've seen very little evidence of this, apart from the odd comment in discussion forums and dodgy Russian sites where they try to sell you emulators, so I'm tempted to say that it's not possible at all. Of course, a week of research is certainly not enough to gain a deep understanding of such complex subject, which prompted me to register here and seek the opinion of a more seasoned person. So, which one is it? Am I correct, or can it be done somehow?

Woodmann
November 8th, 2013, 23:10
Yes, it can be done. With your limited info, that's the best answer.

You could always look here for some basics:
http://www.woodmann.com/crackz/Dongles.htm#tutorials

You will have to provide a lot more than "I'm in need of a few pointers regarding the emulation of a Sentinel HL dongle."

Woodmann

confused
November 9th, 2013, 09:55
I'm not entirely sure what additional information you require. Consider my question more of a theoretical one.

I'd already read the page you suggest: it's a great read, but it hasn't been updated in a few years. The tutorials are all about turn-of-the-century technology. As far as I'm aware, at the time Safe-Net hadn't bought Aladdin yet, and the first papers on white-box cryptography hadn't even been published! The quote about HASP-HL on my second post above was taken precisely from that page: it reads "HASP-HL currently appears secure from all but the most expensive of attacks".

I would believe that a generic emulator could work if the encryption keys were stored in memory, or the algorithm was known (and it was the same for every vendor), but presumably this is not the case for the new generation of Sentinel HL keys. Safe-Net claims that the encryption algorithms are unique for each software company and, further, there are some 65,000 variations to choose from.

So, how is it possible that a generic emulator would work without having access to a legitimate key? For instance, would the EDGE emulators (the most recent on the page you mention) do the trick?

Woodmann
November 9th, 2013, 22:49
If you want to discuss theory, you can search this place for everything you could possibly want to know about Sentinel.

So, you say "theory", that's pretty vague. I gave you an answer, which was yes, you can do it.

As for emulators, whatever has come in the past probably will not work with the new.
The reason is obvious.
Can you make them work? I have no idea, for I know not what version you are talking about.

Woodmann

confused
November 10th, 2013, 06:27
I believe the latest Sentinel version is 6.4. I haven't tried the EDGE emulator, but I very much doubt I could make it work.

When I say "theory" it's not about Sentinel, but rather the reverse engineering of white-box cryptography algorithms. If I understand the concept of white-box cryptography correctly, I don't think a generic emulation should be possible, only a specific one for which you would need access to a legitimate key, not just a memory dump of one (but, of course, if you had a legitimate key you would also have other options).

Woodmann
November 10th, 2013, 23:09
I may be wrong concerning newer versions but I think you can find what you need from a memory dump.

I will look further.

Woodmann

Memory dump not possible according to safenet.
Continuing the search.

There are some dongle folks that can help you.
If you want to learn you will need to start dissecting it.

If you have no experience at this I suggest you
purchase what you need. Otherwise, you have an extremely large learning curve ahead of you.

confused
November 11th, 2013, 13:18
Thanks for everything, Woodmann, you have been most helpful!

Cheers!

Woodmann
November 11th, 2013, 22:07
Thanks, I think.

Perhaps someone around here will have something to add.

Woodmann

Sab
November 13th, 2013, 13:41
a. Sentinel has a long history of producing fundamentally flawed security devices and software.
b. Of course it can be broken... that's why security devices are made -- they are meant to be broken.
c. Is it publicly emulated? Not likely! It took about 5 years before emulators like the one Edge keygened came to life.
d. What's needed? You need to get into hardware reverse engineering to dump the memory. The memory MAYBE dumpable from the software side. Although, a software dumper/solver would require some sort of flaw in the design/authentication or cryptosystem to be exploited. Think remote buffer overflow to dump shellcode which dumps keys and firmware back to the PC, or encryption keys which don't really have solid entropy. 65k possibilities? That's not much, that's 0xFFFF, which you can brute force farting. That being said, that's just the user ID; how it's connected to the encrypt/decrypt functions/transforms is unknown.

a. Find out the algorithm it uses. Most likely, with these Atmel/MCU/FPGA chips, they use AES 128/256. So identify the chip model # first.
b. Fuzz the hardware and see if it crashes in an exploitable way (use emulators); see if you can get a memory layout / find design flaws in the cryptosystem. This needs a development emulator or some hints from the SDK, if any.
c. Find a HW reverse engineering vendor who has worked with that particular chip in the US/China/eastern Europe and ask them if they can dump the chip for you.
d. See if you can extract the key and place it into the algorithm; this will be a product-specific emulator.
e. Do you want to make it a TruEmu(TM)? Then automate step d so it's not dependent on c, probably something to do with b.

Now, when you do some real research, you will get a bandwagon of followers eager to help and learn from your findings as well.

I see you as one of three categories, maybe another...

Probably someone who wants to emulate a particular product that's of high value they have for a friend\client\customer. You are searching to see if there is any generic emulator so you know if the result of your efforts will be fool-proof. As you find -- there is no generic emulator; you account for this on your client. Stop posting, as the answer has been found.

OR

You really are interested in dongle reversing but don't quite know anything, but have been challenged because your mouth got in the way of making claims it probably should not have. Now you are seeking to see if there are any solutions to your position.

OR

You actually are interested in dongles, but somehow know nothing about the dongles. If this is the case:
a. buy an sdk
b. take it apart
c. learn to exploit and study previous emulator.
d. then start using the steps described

DONGS

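As an added illustration of the two sides of the "65k possibilities" point in the post above (a 16-bit variant space is searched in a fraction of a second, but only if the per-vendor key is actually a function of that variant; if the key is an independent secret, the same search finds nothing), here is a toy model in Python. This is not code from the thread, from the Edge emulators or from SafeNet: the hash-based transform, the FIRMWARE_SECRET constant, the variant-to-key derivation and the "license blob" input are all constructed stand-ins for the real, undocumented HASP transform, and the only thing the attacker is assumed to hold is one input/output pair captured at the hasp_decrypt() boundary.

```python
"""Known-answer brute force over a 16-bit 'algorithm variant' space.

Toy model only: the transform below is a SHA-256 keystream XOR, not AES
and not the real Sentinel/HASP algorithm. It exists to show when a small
variant ID is the effective secret and when it is not.
"""
import hashlib
import hmac
import os
from typing import Callable, Optional, Tuple

VARIANT_SPACE = 1 << 16  # the "65,000 variations" quoted in the thread

# Hypothetical firmware-wide constant that a weak design mixes the variant into.
FIRMWARE_SECRET = b"constructed-firmware-constant"

# Constructed sample input, standing in for a buffer the protected app hands
# to hasp_decrypt() (the real protected data is obviously not known here).
SAMPLE_BUFFER = b"license blob 0001"


def key_from_variant(variant: int) -> bytes:
    """Weak design (hypothetical): per-vendor key is a pure function of the
    16-bit variant, so the variant ID is the whole secret."""
    return hmac.new(FIRMWARE_SECRET, variant.to_bytes(2, "big"),
                    hashlib.sha256).digest()


def toy_transform(key: bytes, data: bytes) -> bytes:
    """Stand-in for the dongle's decrypt transform: XOR with a SHA-256
    counter keystream. Symmetric, so the same call maps output back."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream.extend(hashlib.sha256(key + counter.to_bytes(4, "big")).digest())
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def observed_pair(key: bytes, buffer_in: bytes) -> Tuple[bytes, bytes]:
    """What an attacker sees at the API boundary: the buffer going in and
    the buffer coming back out of a legitimate key."""
    return buffer_in, toy_transform(key, buffer_in)


def brute_force_variant(buffer_in: bytes, buffer_out: bytes,
                        derive: Callable[[int], bytes]) -> Optional[int]:
    """Try every variant ID; return the one whose derived key reproduces the
    observed output, or None if no variant in the space does."""
    for variant in range(VARIANT_SPACE):
        if toy_transform(derive(variant), buffer_in) == buffer_out:
            return variant
    return None


def demo_variant_is_the_secret() -> Optional[int]:
    """Vendor's key is derived from variant 0xBEEF: one observed pair is
    enough to recover it by exhaustive search over 65536 candidates."""
    buf_in, buf_out = observed_pair(key_from_variant(0xBEEF), SAMPLE_BUFFER)
    return brute_force_variant(buf_in, buf_out, key_from_variant)


def demo_independent_key() -> Optional[int]:
    """Vendor's key is a fresh 256-bit secret unrelated to the variant ID:
    the same search over the variant space yields nothing."""
    buf_in, buf_out = observed_pair(os.urandom(32), SAMPLE_BUFFER)
    return brute_force_variant(buf_in, buf_out, key_from_variant)


if __name__ == "__main__":
    found = demo_variant_is_the_secret()
    print(f"variant-derived key: recovered variant {found:#06x}")
    print(f"independent key:     recovered variant {demo_independent_key()}")
```

The search runs the full 65536 candidates in well under a second on a laptop, which is the sense in which 0xFFFF is "not much". The second demo is the caveat from the same post: until you know how the ID is tied to the transform (and whether the real key lives in dumpable memory at all), the size of the variant space says nothing about the work factor.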

confused
November 13th, 2013, 18:49
That was a very in-depth reply, cheers Sab! I'm not saying which category I fit into, but I do admit that I know very little about dongles and have a (bad) habit of making claims I can't always backup.

In any case, my questions have been answered here. It's become quite clear that dongle reversing is not for the faint-hearted and, even though I'm genuinely interested in the subject, I think I'd need another degree before I could pursue it further.

Thanks guys!

Sab
November 14th, 2013, 02:28
Depending on which you really are... a degree is not needed, just passion and time. You may find passion and time better spent on other areas, like hardware reverse engineering in general. Good luck.