A dongle is a small hardware device that connects to a computer to authenticate a piece of software. When the dongle is not present, the software runs in a restricted mode or refuses to run. Dongles are used by some proprietary vendors as a form of copy prevention or digital rights management because it is much harder to copy the dongle than to copy the software it authenticates. Vendors of software protection dongles (and dongle-controlled software) often use terms such as hardware key, hardware token, or security device in their written literature. In day-to-day use however, the jargon word "dongle" is much more commonly used.

The term has been somewhat generalized to describe specialized connectors that convert one type of port to another, for example an RJ45 jack that plugs into the edge connector on some kinds of PC card Ethernet adaptors, as well as small devices such as USB flash drives or wireless networking adapters. In addition, author Douglas Adams, in a 1990s column for the US edition of MacWorld magazine, used the term "little dongly things" to describe plug converters necessary for adapting US power cables to international plugs.^[1] These usages are not universally accepted.

Software protection dongles are typically used with very expensive packages (starting with about USD 500 and up) and vertical market software, such as CAD/CAM software, MICROS Systems hospitality and special retail software, Digital Audio Workstation applications and some translation memory packages. The vast majority of printing and prepress software, such as CtP work flows, require dongles. Efforts to introduce dongle copy prevention in the mainstream software market were generally met with stiff resistance from users. Despite being hardware, dongles are not a complete solution to the trusted client problem.

Some times, in cases such as prepress and printing software, the dongle is encoded with a specific, per-user licence key, which determines which software features are enabled in the target application. This is a form of extremely restrictive licensing, which allows the vendor to engage in vendor lock-in and licence overpricing. An example of this practice is seen in the way Creo licences Prinergy to customers: When a computer-to-plate output device is sold to a customer, Prinergy's own licence cost is provided separately to the customer, and the base price contains little more than the required licences to output work to the device. In order to access the advertised features in the application, the customer must pay a significant amount of money for a special dongle.

Well-known software protection dongle manufacturers include Matrix (Matrix Dongle) Matrix Software License Protection System,^[2] SafeNet (better known as Rainbow),^[3] Aladdin,^[4] Microcosm Ltd (Dinkey Dongles),^[5] WIBU-SYSTEMS,^[6] SG-Lock^[7], UniKey (or SecuTech)^[8] and Senselock (or Sense),^[9] and in the digital audio world, some versions of Pro Tools and many plugins use the Pace iLok Smart Key USB dongle.

History

The word dongle has been used as a placeholder name since the 1970s. Its origin is unknown. The American Heritage Dictionary, 4th edition, says it is "probably [an] arbitrary coinage." Claims that it was derived from the name "Don Gall" are an urban myth popularized by a 1992 advertisement for Rainbow Technologies, now SafeNet, a dongle vendor.

Dongle as the name of a device was used well before 1980 within the telecom industry to refer to BNC cable joiners of either gender (such as the RG58 cable used on 10 meg Ethernet).

WORDCRAFT was the first program to use a software protection dongle, in 1980. Its dongle was a simple passive device that supplied data to the pins of a Commodore PET's external cassette port in a pre-determined manner. This arrangement was made possible because the PET cassette port supplied both power and data connections through a proprietary edge connector. It did, however, make the cassette port unusable for its intended purpose.

That first dongle was allegedly invented and named by Graham Heggie in the UK although the true inventor and namer of the Dongle was a Mr John Paulson from Chinley in Derbyshire (UK)

The two cubic inch (33 cm³) resin-potted first generation devices were called "dongles" by the inventor as there was no other suitable term to hand on the day. The distributor, Dataview Ltd., then based in Colchester, UK, then went on to produce a derivative dongle which became their core business.

Dongles rapidly evolved into active devices that contained a serial transceiver (UART) and even a microprocessor to handle transactions with the host. Later versions adopted the USB interface in preference to the serial or parallel interface. Currently, due to the maturity and advancement of USB technology, USB interface is gradually taking a dominating position.

It is interesting to note that modern smart cards present the same features set as modern dongles. Given this, the dongle market may be overtaken by smart cards as smart cards are more secure and powerful by design than traditional MCU based dongles.

Problems with software protection dongles

There is the potential for weaknesses in the implementation of the protocol between the dongle and the copy-controlled software. It requires considerable cunning to implement this in a fashion that is not easy to crack. For example, naive implementations might simply define a function to check for the dongle, returning "true" or "false" accordingly, reducing the prevention scheme to a single bit value at one point in the program.

Modern dongles include built-in strong encryption and use fabrication techniques designed to thwart reverse engineering. Typical dongles also now contain non-volatile memory — key parts of the software may actually be stored and executed on the dongle. Thus dongles evolved and have become secure cryptoprocessors that execute inaccessible program instructions that may be input to the cryptoprocessor only in encrypted form. The original secure cryptoprocessor was designed for copy protection of personal computer software (see US Patent 4,168,396, Sept 18, 1979) to provide more security than dongles could then provide. See also bus encryption.

However, security researchers warn that dongles still do not solve the trusted client problem: that if you give a user the cryptographic ciphertext, the algorithm and the key, your cipher is likely to be breakable, even with the algorithm and key encoded in hardware.^[10]

Another problem is that if the need for the dongle is bypassed, the counterfeit version of the program is then seen to be superior to the legitimate original.

Hardware cloning is also a lethal threat to traditional dongles. To thwart this, some dongle vendors adopted smart card product, which is widely used in extremely rigid security requirement environments such as military and banking, in their dongle products.

A more innovative modern dongle is designed with a code porting mechanism, meaning you can transfer part of your important program code or license enforcement into a secure hardware environment (such as in a smart card OS, mentioned above). An ISV can port hundreds and thousands of lines of important computer program code into the dongle.

Most dongles need a driver installed, and the dongle driver is not always stable. Software users may encounter a "dongle not found" error even while the dongle is attached. New generation dongles (such as UniKey) use HID (Human interface device) to solve this problem. See HASP, many users of Dongles refer to them as Hasps (IBM product with similar features).

Game consoles

• Some unlicensed titles for game consoles used dongles to connect officially licensed cartridges to circumvent authentication chips embedded in the console that give restrictions on what software will run.^[11]

References

See also

• The trusted client model

External links

• Jargon File: dongle