Anti-Tampering Guidelines
The security that the LSAPI provides is only as good as the security of the application code and the secret values themselves.
Distribution of application code to end users means that an intruder can recover the shared secrets and use them to create a license system flow that appears to be correct for whatever challenge the application issues. An intruder can also locate and modify the code that compares and then validates the license system's challenge response.
You should take defensive steps by using antivirus programming techniques and other measures to prevent code modification, and also to make it difficult to circumvent the basic challenge protocol. Following are guidelines that you can use when you develop an application that includes calls to the LSAPI functions. For additional information, see Table Lookup Method.
When you select the license secrets
-
Choose unique secrets for each one of your company's applications.
-
Choose unique secrets for each application version.
When you code the application
-
If you include the secrets in the application, obscure them by encrypting them or scattering them throughout the code.
-
Place most of the challenge code and data in discardable overlays, if possible.
-
Incorporate an obscure internal checksum over the code that interfaces with the license system and with the challenge verification.
-
Use different challenge values for calls to the LSRequest and LSUpdate functions.
-
Verify the code offset when your application calls the challenge algorithm, at the entry point to the algorithm, if applicable.
-
Avoid simple comparisons and obscure critical comparisons.
-
Save the challenge response that the license system returns. Do not compare it for equality immediately after a call to the LSRequest or LSUpdate function.
-
Perform a meaningless comparison immediately after a call to the LSRequest or LSUpdate function.
-
Verify the challenge result more than once.
-
Perform mathematical operations with the challenge response, and compute another result that your application verifies later in the code.
-
Perform multiple operations with the challenge response, like meaningless read, comparison, and subtraction operations, before doing a final comparison. If the intruder uses a hardware monitor, this strategy can increase the number of hardware breakpoints that occur and thereby cause additional confusion for the intruder.
-
To verify that the current license is still valid, call the LSUpdate function periodically.