For instance AFAIK there is no demo kit for SHK unlike for HASP SRM/HL. There are rumors that AES implementation of SHK does not conform to the standards and uses weak shorter keys and algorithms that in theory are extractable.During the years of sentinel's existence the approach of rainbow/safenet companies was and is more "security through obscurity" than that of aladdin. The firmware should have been extracted just 1 year after releasing the key and generally you could ask IC specialists that it is suicidal to use microchip PICs for a security device. It's fuses are separated aside from the main flash memory and are clearly visible on the die and also can be reset separately regardless the fact they are covered by a protective layer. Despite custom ordered PCB from microchip with MCU and eeprom packaged directly on the PCB there are some evidence that reverse engineers have found a comfortable pads on the pcb which are connected to the programming pins of the SHK's MCU PIC 18F2455 (RB6,RB7,-MCLR, VDD,VSS). HASP's AES encryption is a true 128-bit version of the standard.Ģ.
This MCU has no separate code protection fuses and its code protection flags are incorporated as an ordinary bits in the user flash memory, so erasing them optically would eventually ease the whole flash memory of the chip. It's motorola/freescale MCU is more mature compared to that of the SHK. HASP is more mature key and has been available (to hackers also) for almost 6 years. On my opinion HASP SRM is better (HL is firmware updated to SRM as you probably know so it would be wiser to compare HASP SRM to SHK) because:ġ. Your research is meaningless unless you are working for safenet and now you are deciding which solution should be phased out I would throw away both solutions Or I would have looked for a firmware modification of the keys that makes them execute a hidden user defined code (I mean the part of the user software itself) in the dongles themselves. Soon there will be a single key with common drivers & SDK. Your question is somehow obsolete since both keys (HASP & SHK) are owned by the same company - Safenet.
0 kommentar(er)
