A Christmas Dongle Story
13.12.2023 Oliver Winzenried
In 1989, Wibu-Systems was founded on the premise to deliver innovative technology for the protection and security of digital assets. That premise was realized with WibuKey and embodied in the company’s first dongle, WibuBox/P, which became a successful security hardware solution.
Fiftteen years later, CodeMeter 1.0, a secure hardware device packaged with a password manager, SecuriKey, and a secure data encryption solution, Steganos Safe, was released to the public and would evolve into Wibu-Systems flagship IT security suite. The grand unveiling of CodeMeter happened at the vibrant Karlsruhe (Germany) Christmas Market in 2003, a place where families gathered for the annual month-long Christmas celebration. There we were, nestled amongst a myriad of stalls and purveyors of handicrafts, holiday food delicacies, and the like.
Our ambitious idea was to sell a USB device to consumers that could act as a password vault, perform as a two-factor authentication key for personal PCs or Macs, and allow software developers a secure place to store software license keys. The notion was that for people owning such a USB device, a lower price for software was possible, as manufacturers wouldn’t have to include a hardware device with their software. We named our USB device “CmStick”. CmSticks overcame many technical challenges and performed perfectly as password vaults and two-factor identification devices. However, software developers were slow to warm to the idea of less expensive software for CmStick owners. It didn’t take long to realize our misstep and quickly shift our efforts away from end users and launched the CodeMeter dongle (CmStick) to the business-to-business market. And that’s where the true success story of our CodeMeter dongle begins.
Just a few months later, Wibu-Systems introduced the CmStick/M to the B2B market, the first dongle with integrated flash mass storage, allowing companies to deliver the license as well as the application itself on the portable, secure hardware device. That year CodeMeter also won the first of its many industry design awards.
In the ensuing years, the global business community became highly security conscious and CodeMeter technology development flourished to meet the industry’s growing demands for secure licensing solutions. That’s when different form factors came into play. In 2009, the first dongles as CmCard/SD and CmCard/CF were released as was a new form factor, CmCard/microSD a year later. In 2011, CmStick/C was introduced, making it the world’s smallest dongle for software protection on the market. The miniature dongle fits into virtually any small-scale device and is thus a feasible option for adding security to intelligent Industry 4.0 sensors.
Later in this decade, the field of industrial automation emerged, and new security solutions were needed to support this growing market. New CodeMeter form factors CmCard/CFast and CmStick/IV were released with industrial automation in mind, offering a space saving design, extended operational temperature range, and highly reliable fast memory features.
Concerns for software piracy, code tampering, reverse engineering and counterfeiting remain key issues for ISVs and embedded system developers, particularly with the proliferation of connected devices, PLCs, and other smart industrial components and systems that define the modern world. The ramifications of these concerns go beyond financial loss; they now present significant threats to public health and safety as well.
Today, CodeMeter dongles (CmDongles) continue to provide the highest level of software protection and license security. A vast range of memory types and sizes means there is a CmDongle for virtually any requirements in the field. At the core of every CmDongle is a smart card chip, which includes a microcontroller with a secure storage area for cryptographic keys and the firmware. With CmDongles, software publishers can independently encrypt and decrypt data using symmetric or asymmetric algorithms like AES (Advanced Encryption Standard), RSA (Rivest-Shamir-Adleman), and ECC (Elliptic Curve Cryptography) and sign data or verify the signature.
With integrated flash memory, data is not lost in power outages, which is a primary design consideration for industrial applications. The CmDongle with flash memory can operate in temperatures from -40°C to +85°C; the SLC-flash technology offers longest life, lower power consumption, memory protection with AES encryption and high availability.
Over the years, CodeMeter licensing and protection technology has evolved beyond the dongle to software-based licensing (CmActLicense), as a signed and encrypted license file bound to a user’s target device, and cloud-based licensing (CmCloudContainer). Wibu-Systems latest CodeMeter innovation is CmReady, which adds CodeMeter capabilities to qualified mass storage devices and fills an attractive and in-demand spot between the top-end protection of the company’s CmDongles and the comfort of CmActLicense software containers. Even as CodeMeter technology evolves into different iterations for solving different problems, the dongle remains the cornerstone of Wibu-Systems success. You can read more about the many use cases for CmDongles with flash memory in this white paper, CmDongle with Flash Memory in Practice.
Contributor
Oliver Winzenried
Co-founder and CEO
Oliver Winzenried began his entrepreneurial career immediately after completing his electrical engineering degree and, in 1989, he founded Wibu-Systems together with Marcellus Buchheit. His passion for software protection has resulted in a wide range of patents covering areas from secure license management and anti-tampering solutions to dongle feature innovations. He is also a director of the VDMA regional association in the state of Baden-Wuerttemberg, Germany, and serves on the board of directors of the Medical Technology working group of VDMA, the board of directors of bitkom, and the managing board of FZI.