Electronic security locks, popularly known as “dongles,” are commonly used to deter software piracy. This idea describes a simple yet-powerful design of such a security lock using the linear feedback shift register (LFSR) principle. The lock, which is implemented using Atmel’s AT90S2323 AVR RISC microcontroller, connects to the PC’s RS-232 serial port. The lock uses the PC’s serial port to communicate to the PC, as well as derive power for its own operation. Commercially available dongles come in various shapes and connectivity. The most common type connects to the PC’s parallel port. Increasingly, dongles with USB connectivity also are appearing, and those using RS-232 connections exist as well.
These locks use some type of programmable device containing a lock algorithm. The application software (the item to be protected) also contains an embedded version of the lock driver software. The dongle vendor usually provides the lock driver software itself. The actual lock algorithms are closely guarded secrets.
The lock design presented employs an LFSR implemented in software. An LFSR is an ordinary shift register with some of its output stages (called taps) fed back to the input. LFSRs have an interesting property that if the feedback taps are chosen carefully, then outputs cycle through 2n − 1 sequences for an n-bit LFSR. The sequence then repeats after 2n − 1 instances. If the output sequences are observed, they appear to be random.
The circuit for an 8-bit LFSR is shown in Figure 1. The LFSR is loaded with an initial “seed” value of “1” (i.e. 00000001 binary) and then the register is clocked. The resulting outputs are shown in Table 1. An 8-bit LFSR would have a cycle length of 255; similarly, a 16-bit LFSR would have a cycle length of 65,535, and so on.
The LFSR can be used in an electronic-lock implementation that would work as follows: The LFSR register is initialized with a seed value “x” and is cycled “y” number of times. The resulting register value is compared with the result that the driver calculates. If the two numbers match, it would indicate that the lock is present. Otherwise, the application software would terminate or indicate that the dongle wasn’t found. The initial seed and the cycle number can be generated by the PC using the current time of day.
Figure 2 shows the hardware for the electronic lock. An AT90S2323 processor, developed by Atmel, is used to implement the lock. The AT90S2323 is an 8-pin device and needs a supply voltage between 3 V and 6 V to operate. The power supply is derived from the RTS output signal present on the RS-232 port. Resistor R2 (1 kÙ) and zener Z1 (5.1 V) provide the supply voltage to the processor. The circuit operates using a 3.58-MHz crystal clock.
The AT90S2323 processor doesn’t have a hardware UART, so the processor software implements a serial transmit and receive function using a bit-banging method. The serial port operates at 9600 bits/s, 8 data bits, no parity, and one stop bit. The lock illustrated in Figure 2 employs an 8-bit LFSR. Higher-order LFSRs could be implemented using the taps shown in Table 2.
This lock design expects two numbers from the PC (the seed and the cycle count). It then continually calculates and sends back the result ad infinitum. The PC driver software can be written and embedded in any application that needs to be protected. Click here to view source code used for this application.