HISE Logo Forum
    • Categories
    • Register
    • Login

    Different Encryption Types in HISE?

    Scheduled Pinned Locked Moved Scripting
    59 Posts 8 Posters 3.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • CasmatC
      Casmat @Christoph Hart
      last edited by

      @Christoph-Hart thanks!

      i make music

      1 Reply Last reply Reply Quote 0
      • A
        aaronventure @Christoph Hart
        last edited by

        @Christoph-Hart said in Different Encryption Types in HISE?:

        If one makes an online authentication system, then it’s pretty much game over for keygens, hence you don’t see adobe photoshop keygens anymore

        If you make a "must-call-home-to-use-the-plugin" copy protection you'll get the righteous wrath of your legit user base and anything else can be bypassed with a crack.

        Can't this be bypassed by a crack, too? If the script is not encoded you can just... remove the boolean, no?

        Christoph HartC 1 Reply Last reply Reply Quote 0
        • Christoph HartC
          Christoph Hart @aaronventure
          last edited by

          @aaronventure everything can be cracked, sure.

          1 Reply Last reply Reply Quote 0
          • LindonL
            Lindon @Christoph Hart
            last edited by

            @Christoph-Hart said in Different Encryption Types in HISE?:

            If that was the procedure, the cracked release will contain a modified binary (which is most often the case, because otherwise the "crack release" will contain only a 200kb keygen which I've never encountered in my life so far).

            Well thats exactly what happened to me with Atmosia 2.0 - people are still downloading (at my cost) the binary and trying to apply the keygen generated code - even if I went to RSA with V2.5.... so its def. a problem.

            HISE Development for hire.
            www.channelrobot.com

            LindonL d.healeyD 2 Replies Last reply Reply Quote 0
            • LindonL
              Lindon @Lindon
              last edited by Lindon

              So to be clear -

              • Yes everything can be hacked...
              • RSA and many other schemes(including the unlocker) can be hacked by a dedicated serious pirate group

              But here we are asking for a better encryption method NOT because this will stop the dedicated pirate groups hacking the code and delivering a hacked-binary - because this wont, but more on this in a minute. No we are trying to stop the keygen attacks only. These are the worst for reasons @Casmat outlined in https://forum.hise.audio//post/73852

              So first to deal with @Christoph-Hart s issue that "key gens are rare", which I think is a manifestation of the black-swan problem, just because you haven't seen them doesn't make them rare. Because my experience is that they are not rare at all.

              Second - why keygens are really bad: Because they generate valid keys, and no matter how many places and how many timed-to-activate-only-at-a-future-date elements you put in your code then the key gen defeats them in one single step.

              I strongly recommend everyone interested in this stuff go look at the advice and experiences Urs Heckman of (UHe) has posted in the DSP forum at KSPAudio, here's some of his advice:

              • have your validation code in several places
              • have your validation code additionally execute at some future date

              There's more but both these things are an attempt to fight off the dedicated hacking groups with their shipped-hacked-binary approach. Both these things are utterly defeated at the outset by a KeyGen.

              HISE Development for hire.
              www.channelrobot.com

              d.healeyD 1 Reply Last reply Reply Quote 1
              • d.healeyD
                d.healey @Lindon
                last edited by d.healey

                @Lindon said in Different Encryption Types in HISE?:

                people are still downloading (at my cost) the binary

                Why are they able to download it from you without a valid purchase?

                Libre Wave - Freedom respecting instruments and effects
                My Patreon - HISE tutorials
                YouTube Channel - Public HISE tutorials

                LindonL 1 Reply Last reply Reply Quote 0
                • LindonL
                  Lindon @d.healey
                  last edited by

                  @d-healey demo

                  HISE Development for hire.
                  www.channelrobot.com

                  d.healeyD 1 Reply Last reply Reply Quote 0
                  • d.healeyD
                    d.healey @Lindon
                    last edited by d.healey

                    @Lindon Is there a way you could limit the content in the demo until they activate it with a license key that you can confirm is genuine via a server call? And then download the additional content.

                    Libre Wave - Freedom respecting instruments and effects
                    My Patreon - HISE tutorials
                    YouTube Channel - Public HISE tutorials

                    LindonL 1 Reply Last reply Reply Quote 0
                    • LindonL
                      Lindon @d.healey
                      last edited by

                      @d-healey said in Different Encryption Types in HISE?:

                      @Lindon Is there a way you could limit the content in the demo until they activate it with a license key that you can confirm is genuine via a server call? And then download the additional content.

                      of course...but.....

                      HISE Development for hire.
                      www.channelrobot.com

                      1 Reply Last reply Reply Quote 0
                      • d.healeyD
                        d.healey @Lindon
                        last edited by d.healey

                        @Lindon said in Different Encryption Types in HISE?:

                        I think is a manifestation of the black-swan problem

                        Sign up to some of the cracker groups on FB, you'll see keygens

                        This just popped up in my feed. FB doesn't do anything when you report the groups...

                        c0c732bf-5c46-4444-b6fc-02d5265c5e9c-image.png

                        Libre Wave - Freedom respecting instruments and effects
                        My Patreon - HISE tutorials
                        YouTube Channel - Public HISE tutorials

                        CasmatC 1 Reply Last reply Reply Quote 0
                        • CasmatC
                          Casmat @d.healey
                          last edited by Casmat

                          @d-healey yup haha, I had seen the same thing, the thing with keygens is that everyone’s starting to realize that using encryption is the way to go, and keygens have died down because these cracker groups are unable to find any way to get real keys, but they still pop up with systems with some sort of error in the code that gives out the private key or it not having any encryption at all, which there are still many because people don’t know much about encryption and still want to stick with an outdated system

                          FB doesn't do anything when you report the groups....

                          Classic FB (and other piracy sites), unless a dmca takedown is issued, they’ll just sit around

                          i make music

                          CasmatC orangeO 2 Replies Last reply Reply Quote 0
                          • CasmatC
                            Casmat @Casmat
                            last edited by

                            I also suggest taking a look at this which definitely helps consolidate everything into a nice blog post:

                            Link Preview Image
                            How to Generate Secure License Keys in 2025

                            Software vendors should move away from legacy license key algorithms such as partial key verification to generating secure license keys using modern algorithms like elliptic-curve and RSA cryptography.

                            favicon

                            Keygen (keygen.sh)

                            i make music

                            1 Reply Last reply Reply Quote 0
                            • orangeO
                              orange @Casmat
                              last edited by orange

                              @Casmat said in Different Encryption Types in HISE?:

                              @d-healey yup haha, I had seen the same thing, the thing with keygens is that everyone’s starting to realize that using encryption is the way to go, and keygens have died down because these cracker groups are unable to find any way to get real keys

                              No, the keygens definitely didn't die.

                              I guess you haven't seen industry-leading plugin manufacturers that have been hacked even though they used cutting-edge encryption methods ​​in the market.

                              The logic of keygens is not just finding existing keys. It can also solve Key's mathematical formula. Or a fake little server like app can cheat the plugin via The HTTP 200 OK success status response. Then it generates keys upon the method. In this case, it makes no sense whether to encrypt the key.

                              In my experience, if the licensing system used by the plugin is not obfuscated, it will definitely be cracked, regardless of whether the encryption is 2048. Because the hackers can see the source code very clearly, I guarantee it :beaming_face_with_smiling_eyes:

                              develop Branch / XCode 13.1
                              macOS Monterey / M1 Max

                              LindonL CasmatC 2 Replies Last reply Reply Quote 2
                              • LindonL
                                Lindon @orange
                                last edited by

                                @orange said in Different Encryption Types in HISE?:

                                In my experience, if the licensing system used by the plugin is not obfuscated, it will definitely be cracked, regardless of whether the encryption is 2048. Because the hackers can see the source code very clearly, I guarantee it :beaming_face_with_smiling_eyes:

                                Yeah thats possibly another thing we need to think about - how do we obfuscate the HSIE script source code...

                                HISE Development for hire.
                                www.channelrobot.com

                                d.healeyD 1 Reply Last reply Reply Quote 0
                                • d.healeyD
                                  d.healey @Lindon
                                  last edited by

                                  @Lindon you can't without encrypting it because anyone can just look at the code and make a deobfuscator. Security through obscurity is a last resort.

                                  I take the approach that anything on the client side is already compromised so all my 'security' stuff is server side.

                                  Libre Wave - Freedom respecting instruments and effects
                                  My Patreon - HISE tutorials
                                  YouTube Channel - Public HISE tutorials

                                  LindonL 1 Reply Last reply Reply Quote 0
                                  • LindonL
                                    Lindon @d.healey
                                    last edited by

                                    @d-healey said in Different Encryption Types in HISE?:

                                    @Lindon you can't without encrypting it because anyone can just look at the code and make a deobfuscator. Security through obscurity is a last resort.

                                    true. I bet you users love your "must have an internet connection" tho....

                                    HISE Development for hire.
                                    www.channelrobot.com

                                    d.healeyD Dan KorneffD 2 Replies Last reply Reply Quote 0
                                    • d.healeyD
                                      d.healey @Lindon
                                      last edited by

                                      @Lindon They only need a connection to download the instrument, once they have the files they can use them offline, on any machine - remember all my stuff is open source so I don't have the same piracy paranoia as everyone else 😃

                                      Libre Wave - Freedom respecting instruments and effects
                                      My Patreon - HISE tutorials
                                      YouTube Channel - Public HISE tutorials

                                      1 Reply Last reply Reply Quote 0
                                      • Dan KorneffD
                                        Dan Korneff @Lindon
                                        last edited by

                                        @Lindon said in Different Encryption Types in HISE?:

                                        I bet you users love your "must have an internet connection" tho....

                                        I just released a plugin that currently supports online activation only. 35K active activations so far. 7 complaints.
                                        I do plan on offering offline activation soon, but this doesn't appear to be huge issue like or was years ago.

                                        Dan Korneff - Producer / Mixer / Audio Nerd

                                        LindonL d.healeyD 2 Replies Last reply Reply Quote 2
                                        • LindonL
                                          Lindon @Dan Korneff
                                          last edited by

                                          @Dan-Korneff said in Different Encryption Types in HISE?:

                                          @Lindon said in Different Encryption Types in HISE?:

                                          I bet you users love your "must have an internet connection" tho....

                                          I just released a plugin that currently supports online activation only. 35K active activations so far. 7 complaints.
                                          I do plan on offering offline activation soon, but this doesn't appear to be huge issue like or was years ago.

                                          Good to know Dan, thanks...

                                          HISE Development for hire.
                                          www.channelrobot.com

                                          1 Reply Last reply Reply Quote 0
                                          • d.healeyD
                                            d.healey @Dan Korneff
                                            last edited by

                                            @Dan-Korneff said in Different Encryption Types in HISE?:

                                            35K active activations so far

                                            You should make a video tutorial about your marketing strategy

                                            Libre Wave - Freedom respecting instruments and effects
                                            My Patreon - HISE tutorials
                                            YouTube Channel - Public HISE tutorials

                                            Dan KorneffD 1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post

                                            28

                                            Online

                                            1.7k

                                            Users

                                            11.9k

                                            Topics

                                            103.5k

                                            Posts