HISE Logo Forum
    • Categories
    • Register
    • Login

    HISE RSA Not Working

    Scheduled Pinned Locked Moved Scripting
    17 Posts 5 Posters 865 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • CasmatC
      Casmat @ustk
      last edited by Casmat

      @ustk yeah 2048 is minimum for todays world and it does take a couple seconds to sign due to its size, this is where rsa reaches its annoyances, hence why there’s modern options (ed25519 algorithm) which have both shorter signatures, faster performance, all while getting more security.

      i make music

      ustkU 1 Reply Last reply Reply Quote 0
      • ustkU
        ustk @Casmat
        last edited by

        @Casmat Hence my current personal interrogation about moving this encryption to a specific server so to release the load from the website...

        Can't help pressing F5 in the forum...

        LindonL 1 Reply Last reply Reply Quote 0
        • d.healeyD
          d.healey
          last edited by

          Can't this just be defeated by switching an if statement within the binary anyway?

          Libre Wave - Freedom respecting instruments and effects
          My Patreon - HISE tutorials
          YouTube Channel - Public HISE tutorials

          ustkU 1 Reply Last reply Reply Quote 0
          • ustkU
            ustk @d.healey
            last edited by ustk

            @d-healey Not when using the Unlocker system which is deeply embedded in the binary. I believe this is the best protection Hise (Juce) offers so far...

            Can't help pressing F5 in the forum...

            CasmatC 1 Reply Last reply Reply Quote 1
            • CasmatC
              Casmat @ustk
              last edited by Casmat

              @ustk hmm, what’s this unlocker system im seeing, Is it just meant for HISE Activate or how do I work with it?

              i make music

              ustkU 1 Reply Last reply Reply Quote 0
              • ustkU
                ustk @Casmat
                last edited by ustk

                @Casmat

                Link Preview Image
                HISE | Docs

                favicon

                (docs.hise.audio)

                I'm not sure there's a dedicated thread about this but if you search the forum you'd find some examples...

                Hise activate is a ready made server for the encryption so you just have to worry about your plugin implementation side, but you might roll your own PHP script own your server if you feel it
                there's a PHP example somewhere around...

                Can't help pressing F5 in the forum...

                1 Reply Last reply Reply Quote 0
                • ustkU
                  ustk
                  last edited by

                  here:
                  https://forum.hise.audio/topic/5369/build-failed-with-copy-protection-enabled?_=1704891683446

                  Can't help pressing F5 in the forum...

                  CasmatC 1 Reply Last reply Reply Quote 0
                  • LindonL
                    Lindon @ustk
                    last edited by Lindon

                    @d-healey said in HISE RSA Not Working:

                    Can't this just be defeated by switching an if statement within the binary anyway?

                    yes - or a number of if statements if you've coded it that way. All this is doing is

                    1. stopping the script kiddies on day-0
                    2. stopping the pro-pirates building a keygen

                    So these are the two worst scenarios for reducing sales.

                    So can this be hacked ?- why of course it can, anything can be hacked eventually, but this requires the pirate to hack your code base and distribute their own copy of your product. At that point you are pretty much where Urs is at with UHe. Sure he's using a more sophisticated series of counter-measures but the single most important counter measure (he says) is to release updates often -1.1,1.2,1.3 etc. forcing the pirate thru the hoop one more time.

                    Should you use 2048-bit keys - well, 512-bit stops issues 1 & 2 above so really its hard to see the point.
                    Any pro hacker(as you rightfully point out) will just circumvent your serial-checking code in all the places they can find it making the actual algo. pretty moot, as long as they cant reverse engineer your checking code (and using RSA stops that as they cant generate your private key)

                    HISE Development for hire.
                    www.channelrobot.com

                    ustkU 1 Reply Last reply Reply Quote 1
                    • ustkU
                      ustk @Lindon
                      last edited by

                      @Lindon said in HISE RSA Not Working:

                      (and using RSA stops that as they cant generate your private key)

                      unless 512 is "easily" hackable, right? Hence the 2048 size 🤷
                      because if a hacker can easily hack a 512 key there's no point in building the most protective code

                      Can't help pressing F5 in the forum...

                      CasmatC LindonL 2 Replies Last reply Reply Quote 0
                      • CasmatC
                        Casmat @ustk
                        last edited by

                        @ustk thanks! Looks like the unlocker is mainly meant for online licensing solutions. We’re currently planning to release a version with a simple offline auth system using ssh keys to encrypt and make the user download a license.dat file and import that along with the installer into the plugin to verify the license

                        i make music

                        1 Reply Last reply Reply Quote 0
                        • CasmatC
                          Casmat @ustk
                          last edited by Casmat

                          @ustk 512 can be cracked in a couple days with decent hardware, possibly hours with good hardware. 2048 is estimated to be crackable in trillions of years

                          i make music

                          1 Reply Last reply Reply Quote 0
                          • LindonL
                            Lindon @ustk
                            last edited by Lindon

                            @ustk said in HISE RSA Not Working:

                            @Lindon said in HISE RSA Not Working:

                            (and using RSA stops that as they cant generate your private key)

                            unless 512 is "easily" hackable, right? Hence the 2048 size 🤷
                            because if a hacker can easily hack a 512 key there's no point in building the most protective code

                            yeah - EdDSA seems to be the way to go...if you want it secure - buit really the last hour has told me I know nearly nothing about asymmetric encryption...

                            HISE Development for hire.
                            www.channelrobot.com

                            1 Reply Last reply Reply Quote 1
                            • First post
                              Last post

                            14

                            Online

                            1.7k

                            Users

                            11.8k

                            Topics

                            102.8k

                            Posts