Does ElecKey use common encryption techniques e.g. public-key encryption?
We use our proprietary algorithms to provide software protection and licensing. We do not use public key encryption. The public key encryption technique has been designed to use in the field of communications where the basic assumption is that the channel and all the information exchanged can be intercepted by an eavesdropper; thereby allowing them to hack the encryption. So the only thing to work against this is 'Time' by making longer and longer bit encryption so that brute force attack would take an endless amount of time.
Public key encryption is very well known since it is commonly used, for example, for web logon, encrypting credit card number, etc. We believe it is a misconception to use public key encryption in software protection because it is a totally different environment. For example, public key is used to encrypt plain text, which is sensitive information. On the contrary, the protected software and licensing scheme are binary data; even if they are exposed, they are not readable.
The most important feature of software protection is not only encryption, but the techniques used in code protection and licensing enforcement.
Code protection safeguards your application against reverse engineering. A hacker may want break your code to steal your intellectual property, or may want bypass the license enforcement scheme, etc. Our solution encrypts the executable as well as .NET assembly to protect against decompilation and disassembly; whereas the code is only decrypted just before the run time. The algorithms are also designed with complicated and confused logics to protect against debugging and tracing. In addition, we use checksums of the protected executable to protect against code modification and virus infection. It can cause the protected application to cease operation if a modification is found. As mentioned above, this is a protected environment in which it cannot be assumed that the encryption will be easily exposed to any brute force attempt. Software protection involves other aspects as well. For example, the protection must wrap the executable, but not increase the file size by too much. It would be impractical to use an encryption that will double the file size.