> Not if you use a challenge/response that uses the serial number as
> part of the encryption key. The key is that EVERY challenge is unique,
> with a unique response.

The software has to have "unencrypted" code that will make the challenge and
test to see if the response is correct.  How could you keep a cracker from
simply mimicing the KEELOQ device?


I better idea may be to make the dongle a necessary part of the software.
If you are writing your software in C++, for example, put a routine that
isn't too processor intensive ONTO the PIC.  Thus, the PIC would be
contributing to the actual execution of the program.  This makes your
security extremely dynamic, a cracker would be really fried to do this
because he would have to reverse engineer your source code.  Think about it,
no matter what a wannabe cracker tries, the software is essentially
"incomplete" without with a functioning dongle!  (I shock myself with these
ideas sometimes....)

Obviously a 12Cxxx won't do it.  Unless you're REALLY creative. I'd use a
16F8xx part or anything with extended amounts of programming space.

If you would like more details on how to do this just contact me, I don't
require money.  Just a challenge and a little time.

Anthony Clay
zarthrag@intcon.net

--
http://www.piclist.com hint: The list server can filter out subtopics
(like ads or off topics) for you. See http://www.piclist.com/#topics