Underlying Technologies

Modern Guardant dongles are based on Cortex-M3, a high-performance 32-bit microcontroller. Powerful microprocessors provide a variety of security features such as: hashing, symmetric encryption algorithms, development and validation of electronic signatures based on elliptic curves, as well as the execution of arbitrary custom code within the dongle.

Use of a serial microcontroller as a basic element allows you to quickly and cost-efficiently make changes to the firmware that controls the operation of the dongle. This makes it possible to quickly respond to new hacking techniques and successfully resist the constantly developing tools used by analysts to attack. As a result, the dongle is enriched with new features that enhance its reliability and compatibility, as well as resistance to hacker attacks.

The cryptographic algorithm ECC160, implemented in Guardant dongles on a hardware level, was designed to generate electronic signatures. Signature verification of the application allows you to make sure that it was made by none other than a dongle. This greatly complicates building emulators, because any data generated randomly by software in the course of its work can be used for testing.

If the application uses a limited set of data to communicate with dongle, the challenge is to make the data supply last for as long as possible. Accordingly, the more varied the data, the longer it takes to create a table emulator for the dongle.

The use of an electronic signature allows the protection developer to increase the potential variety of the data flow indefinitely, because, as opposed to hardware-based symmetric encryption algorithms, there is no need to prepare a table of questions and answers in advance for later use in the application.

Guardant dongles can perform hardware-based encryption of any data that the application uses, using cryptographic algorithms that implement data conversion inside the dongle’s microcontroller. In this case, neither the method of conversion nor the encryption keys leave the memory of the microcontroller, which complicates the analysis of these algorithms from the outside.

Modern Guardant dongles implement several different algorithms on the hardware level:

• symmetric GSII64 algorithm (proprietary in-house design);
• symmetric AES128 algorithm;
• unidirectional versions of all algorithms;
• the ability to upload arbitrary encryption algorithm for Guardant Code dongles.

Hardware restrictions mean the proprietary technology of a programmable block on memory reading and writing for a selected area of the dongle. Hardware restrictions are an efficient measure to protect the contents of memory. Restrictions are set on the lower level, which ensures they cannot be bypassed by conventional software means.

By default, the software utility sets up read and write restrictions for handles of hardware algorithms and protected cells created in the Guardant dongles. This ensures that the hardware algorithms of Guardant dongles cannot be read or duplicated.

The protected cells technology is used to secure application data and handles of cryptographic algorithms. This information is protected by hardware restrictions on read/write, and access to it requires a password. In addition, the state of a cell can be easily controlled: it can be activated or deactivated, both directly and remotely.

The protocol of exchange with the Guardant dongle has a number of original features that increase its resistance: tunnel traffic encryption, use of unique session keys, mutual authentication of the dongle and Guardant API, automatic verification and automatic repeat during data transfer.

At the beginning of a session, the application and the dongle generate an encryption key for the symmetric algorithm. This key will encrypt all data sent to the dongle and the data received by the application in response. For each session with the dongle, a new encryption key is generated, due to which a stream of data will always be different. Moreover, a new encryption key is generated once in a while during the session, i.e. the encryption method changes in the course of the session as well. Thanks to this, the recording and playback of different sessions with a dongle will not assist hackers.

All Guardant software components, including service utilities, drivers, Guardant API, and Auto Protection, are safely protected from reverse engineering by the use of pseudo code. Certain parts of the code are converted into a secure system of commands of a unique virtual machine that ensures their correctly timed execution.

A new instance of pseudo-code with its own logic and set of commands is generated every time in the protection of the same application. Thus, pseudo-code instructions can only be executed on the particular interpreter for which the byte code has been generated. The interpreter is also responsible for the protection of pseudo-code instructions, and of itself from modifications.

The generated pseudo-code and the corresponding interpreter is called a virtual machine. The system of Guardant code virtualization constitutes a complex and multi-level protection technology that is resistant to static and dynamic analysis.

Each copy of a virtual machine implements the following in a unique way:

• set of internal pseudo-code commands;
• multiple mutual integrity controls;
• obfuscation of the virtual machine code;
• conversion of the code of the virtual machine itself;
• defense mechanisms of pseudo-code from modifications;
• dynamic calculation of the command parameters;
• lack of permanent signature in the code protected by pseudo-code.

Remote update of dongle memory is widely used to change the operating conditions of the protected application and modification of the protection system. For example, it can be used to extend the duration of use for the software licensed based on usage time, to activate demo versions or to increase the number of network licenses.

Arbitrary code implementing functionality useful to the application can be executed directly in the protected memory of the dongle using its microprocessor. With proper selection and preparation of code that is loaded into the dongle, the possibility of software hacking is virtually eliminated. The loadable code technology is supported by Guardant Code dongles, as well as all their modifications.

Current models of Guardant dongles are able to work without first installing the drivers, if using the Human Interface Device (HID). This feature greatly simplifies the installation and daily operation of dongles for end users. When operating in HID mode, the dongle uses a standard driver already included with the Microsoft Windows OS family.

This means that the dongle is ready for operation as soon as the operating system recognizes it as a standard USB HID-compliant device. The operation of dongles in HID mode does not differ from operating them via the Guardant driver in any significant way.