Software encryption status quo and development trend of the industry
Software developers usually use some kind of encryption technology to protect their software to prevent illegal use. Also need software encryption software is authorized to purchase content, in order to maximize the sales profit.
Software encryption technology is divided according to whether the use of a dedicated hardware-based encryption hardware and software-based encryption. Hardware-based encryption, encryption need to bind with a dedicated hardware device, the hardware encryption encryption locks, commonly known as a dongle. Software-based encryption, encryption does not require dedicated hardware, general binding digital license with the the terminal device hardware and software information, also known as the electronic authorization forms.
Simply think drive-based hardware encryption security than software-based encryption is not correct, because the more involved in software security, including encryption products, security, encryption policy design, application software, operating systems, , hardware, data communications, and so on, is a comprehensive technical areas, not simply by a to determine whether security.
In other countries, the market share of the electronic authorization and encryption locks are evenly matched. Habits and historical reasons, the encryption locks also occupy a certain market share. Encryption locks, however, is the network developed product of the times, is a pure client technology, lack of management and statistical functions, the presence of hardware production, logistics, driver installation inconvenience, not only the high cost, and can not be achieved network distribution and sales of the software, is gradually decline.
The development of the electronic authorization that is in the ascendant. Electronic license protection methods have become more and more integrated into the Internet technology, cloud computing and SaaS concept is not only more convenient to use and manage software electronic issue and be able to achieve, but also in line with today’s green low-carbon development concept, has replaced the encryption locks Exclusive the software encryption market trends. The more well-known companies in the world, Microsoft, IBM, Autodesk, SIEMENS, Adobe and other software are electronic authorization protection mode.
In the country, the use of encryption software developers lock higher rates, with foreign habits and historical reasons for the continuation of the following two reasons:
1 domestic manufacturers generally considered security encryption locks electronic authorization.
There are not any available electronic license products too high, the price of foreign electronic authorization.
In fact, with the growing improvement of the network environment, the network activation for most domestic users is not a problem. And also mentioned earlier, that the point of view of the security of encryption locks electronic authorization sided incorrect. From a realistic point of view, the encryption locks through hardware replication easier to crack, but completed piracy industry chain has been formed. Instead, electronic authorization because the hardware can not be copied, but also need to network activation and validation, in fact, have very good protection effect. In addition, the domestic has also appeared in some licensed products provide electronic 2-3 company must grow with the development of China’s software industry and grow up.
Therefore, the encryption software industry trends hardware, networking, and information technology. Below, we talk about, from the software encryption method specific to elaborate software encryption status quo and development trend of the industry.
First, the software encryption method
As mentioned earlier, the software encryption technology is divided into encryption hardware-based and software-based encryption.
A hardware-based encryption
Hardware-based encryption encryption locks, some important information, such as encryption keys to sensitive data, authorization documents, custom algorithms, etc. can be stored in the dongle.
The encryption lock interface form is divided into two kinds of parallel port and USB port. The parallel port is the early use of the form, because the mating inconvenient and conflict with the printer, and now has less use. Most developers use are USB interface dongle.
Encryption locks from the two types of CPU type, a microcontroller for CPU and another using a smart card chip as the CPU the microcontroller hardware itself easily crack or copy, so more and more high-end encryption locks using a smart card chip CPU, to prevent hardware crack. But more and more smart card dongle crack, first, because the chip is more and more advanced analytical techniques and instruments; smart card program to be written to the chip factory to manufacture in this session program may leak; encryption locks of the same brand the CPU procedure is the same, only different developers data and key, if these files are spread out, it is easy to copy.
Dongle has a certain degree of security strength, but there are also a number of drawbacks:
1) apply to the traditional one-time perpetual license, can not facilitate the achievement of the trial version and on-demand purchase
2) the presence of hardware production, logistics, installation and maintenance costs
3) can not be achieved the issue of Internet-based electronic upgrades, tracking and management
4) Once cracked, can be copied in large quantities, it is difficult to remedy
Two software-based encryption
Software-based encryption, electronic authorization, and specific also divided into two kinds of registration number and license file:
Registration code is also known as the serial number or authorization code, obtained by a transformation of the the software user computer hardware and software information, the available hardware and software information, including: CPU serial number, BIOS serial number, card number, hard drive serial number, computer name, etc. . Transform algorithm used a custom algorithm or standard encryption algorithm. User or first use of the software installation process, you need to enter the registration code to verify. After authentication, the software can be used normally. The approach has the advantage of the registration code protection is simple to use, the drawback is that security is not high, unable to achieve complex authorization requirements.
License file and the registration code to bind the same computer hardware and software information, just a registration code length restricts use of both hardware and software information, the license file can use multiple hardware and software information. Moreover, the license file can contain more information, so you can achieve the complex authorization requirements, and can even store some user information. The typical license file method is to use the private key of the asymmetric algorithm to sign the license file, while the public key is embedded in the software code. Asymmetric encryption and decryption process, the private key authorization server exists, it is difficult to crack through the analysis of authorization documents.
The advantages of the electronic authorization protection does not require additional hardware, and therefore does not need to install the driver and client components, electronic software issue. The drawback of the electronic license protection mode is not networked users need to manually extract the computer information, and then manually import registration codes or license, is not very convenient to use. In addition, the domestic electronic authorization few of the developers of the product, which also limits the popularization and promotion of electronic license protection technology.
Second, the software encryption industry development status
1. Encryption locks
The major foreign dongle provider SafeNet, Inc. in the United States and Germany Wibu.
Encryption locks provider deep Si Luoke and Feitian. The two companies because of the low prices, the first to introduce the smart card encryption locks localized well to occupy a certain market in the country.
2. Electronic authorization
Foreign company licensed products to provide electronic Flexera Software and SafeNet which, Flexera Software is focused on the field of electronic authorization, the product’s ease of use and functionality are doing better, but the price of the product is also very high.
The domestic electronic authorization products company the Beijing Biteansuo (BitAnswer), Shenzhen-use the (Euse) Safengine Company.
There are very few companies will develop their own electronic authorization scheme, but the developers to develop their own programs usually exist the following questions:
1) the development of non-professionals, there are many loopholes in the security
2) is difficult to achieve flexible licensing control, management and statistical functions very simple or no
3) are likely to be introduced in order to solve the immediate problem of short-term program, and produce far more than expected in the future due to the security, stability and scalability issues continued to invest
4) can not meet market changes brought about by the new demands on software licensing model
Software encryption industry trends
The software encryption industry trends is closely related with the development trend of the software industry. With the popularity of cloud computing and SaaS, provider of software products is change in the direction of the network and platform. Used for the majority of software developers, SaaS products can not only save a lot of hardware and software purchase and maintenance costs, you can also purchase demand, while reducing the use of risk, forcing platform providers to continuously improve products and enhance services to retain customers.
Toward the development of network and platform development is also a software encryption technology trends. The view on the current development trend, the encryption lock technology has developed very mature market is nearing saturation, slow growth. The existence and use of the hardware habit makes encryption locks can not keep up with the pace of development of the Internet era, will be replaced by the electronic license.
Electronic authorization license from early registration code form to the feature-rich documents in the form of changes in technology is undergoing authentication method from offline manually verify the development of automatic network authentication. Authorized management thinking of in particular, the electronic license technology from a single software license certification development as an authorized certification, authorization management and statistical information, and other function of both, greatly increased the authorized level of information for software developers.
Can predict the future of electronics licensed products should have the following main characteristics:
Unified authorized management platform: provided by third-party security professional software developers, based on the Internet’s one-stop software protection and authorization management platform, without having to install and maintain, low cost, easy-to-use.
2 Flexible License: support the authorization of the client software and the cloud computing model traditional software license; authorized press time, the number of functional modules; authorized to bind the computer hardware and software information, encryption locks, or by a user name and password authentication method for authorization.
Simple and friendly user experience: based on the WEB, anywhere access; Users can buffet purchase, activate and update the software, you can buy their own software to keep abreast of information; software developers can learn about software activation information and user information can be synergies by the members of the organization to complete the design of software license, implementation, management and maintenance work.
4. Cloud licensing model: This is a cloud computing model of software licensing. Traditional software is pure client implementation, authorization is also a client. Although cloud computing is the trend, but the transition difficult for traditional software would be a good way for a certain degree of cloud computing transformation. The concrete realization of ideas, the only software authorized transfer from the client to the cloud on the authorization server, so that small changes to the software, but you can instantly enjoy the benefits of cloud computing: high security strength demand to buy cloud storage .