Your driving license to expert cryptography

Share:

Few successful software applications don’t use cryptographic methods as they protect code and data from predatory attacks.

By analogy, applying cryptography is like driving a car. Just as you first have to learn what all the controls are for before you can go zipping down the interstate, first you must become familiar with basic cryptographic methods. And just like yesterday’s trendy car is no longer in vogue today, obsolescence in security is accelerating.

There isn’t much you can do to slow down technological evolution, but as a software developer, you can ensure that a primary responsibility is to use cryptography properly and safely.

Access the recordings and download the slide deck
English Access 
German Access

CodeMeter® offers a wide range of cryptographic methods and harnesses Wibu-Systems’ vast experience and knowledge. Nevertheless, even great technologies like CodeMeter may fail  if they have been implemented poorly or without the necessary safety precautions.

The webinar provides an overview of the available cryptographic methods in the CodeMeter API. 

An essential key point is the secure storage of private and secret keys; the first question you should ask yourself is where you should be storing your licenses. CmDongle, the hardware-based protection vessel, offers an impenetrable fortress. CmActLicense, the software-based container, is available with a unique and proprietary technology, SmartBind®. The private and secret keys are stored in an encrypted license file whose key is the fingerprint of the specific PC to which the license file is bound. 

How to operate encryption is your second important decision; that should depend on the kind of application you have developed and the threat scenario you are going to face in your business model.

Finally, there are many cool facts: did you know that in Counter Mode (CTR), encryption with AES is really just about XOR? 

For example, consider a database field with a Boolean value. A simple encryption with AES returns exactly two possible encrypted values. This means that an attacker would actually be able to derive the unencrypted value for all records by knowing just one record.

This is where our webinar begins: we’ll show you practical examples about how to implement CodeMeter in ways that allow it to protect your software today and tomorrow.

During this hour together, we discussed:

  • HASH functions
    • SHA 256
  • Symmetric encryption
    • AES 256
    • Direct encryption in CmContainer
    • Indirect encryption
    • Encryption without CmContainer
    • Selection of the most appropriate operating mode
  • Asymmetric encryption
    • ECC 224
    • RSA 2048
To top