The payload is as a JWS: Base64UrlEncode(header) || '.' || Base64UrlEncode(payload) || '.' || Base64UrlEncode(signature) . The client verifies the signature using the hard‑coded EPVK bundled with the installer; any alteration of the payload invalidates the signature. 4. Lifecycle Management | Phase | Action | Security Controls | |-------|--------|-------------------| | Generation | License Server receives purchase order → generates a random activation nonce → derives per‑device secret via HKDF | Server runs inside a hardened KMS; private signing key stored in an HSM. | | Distribution | Signed token transmitted over TLS 1.3 | Mutual TLS optional for high‑value clients; rate‑limiting to prevent enumeration attacks. | | Activation (Client) | Stores token in %APPDATA%\Eulen\license.eak (encrypted with DPAPI on Windows) | File integrity protected by signature; OS‑level encryption prevents theft. | | Renewal | Before exp the client can request a renewal token; server may extend expiry or modify feature set | Renewal requires re‑validation of device fingerprint; short renewal windows (e.g., 30 days) limit abuse. | | Revocation | Server adds token’s sub to a revocation list (CRL) published daily; client checks CRL on startup if online | Offline clients enforce a grace period (e.g., 7 days) after last successful CRL fetch. | | De‑provisioning | Upon contract termination, server revokes the token; client removes stored EAK file after next check | Auditable logs stored in SIEM for compliance. | 5. Threat Model | Threat | Description | Mitigation in EAK | |--------|-------------|-------------------| | Key Forgery | Attacker attempts to create a valid token without server involvement. | Use of Ed25519 signatures with a private key stored in an HSM; public verification key hard‑coded, making key generation infeasible. | | Replay Attack | Captured token is reused on a different device. | Device fingerprint ( fp ) is bound to token; mismatch aborts activation. Random nonce ensures each token is unique. | | Man‑in‑the‑Middle (MITM) | Intercept activation request to extract fingerprint or tamper with response. | TLS 1.3 guarantees confidentiality and integrity; optional client certificates provide mutual authentication. | | Key Extraction | Attacker extracts the EPVK from the client binary to attempt offline forgery. | EPVK is public by design; security relies on private key protection on the server side. | | Token Tampering | Modification of payload (e.g., extending exp ). | Signature verification fails if payload altered. | | License Dumping | Exporting the EAK file to another machine. | Fingerprint hash mismatch triggers failure; token is useless without the original device’s fingerprint. | | Revocation Bypass | Offline client never receives revocation list. | Grace period limits exposure; long‑term contracts can enforce periodic mandatory online checks. |
This paper documents the EAK design, evaluates its security, and positions it within the broader landscape of software licensing. Although the specifics of the EAK implementation are proprietary, the concepts described herein are fully generic and can be reproduced by any organization seeking a robust activation‑key system. | Licensing Mechanism | Core Idea | Typical Use‑Case | Strengths | Weaknesses | |---------------------|-----------|------------------|-----------|------------| | Serial Number / Product Key | Human‑readable alphanumeric string, often checksum‑protected. | Consumer desktop apps, low‑risk environments. | Simple to generate/distribute. | Easy to share; limited cryptographic binding. | | Online Activation (Server‑Side Validation) | Client contacts licensing server; server returns a signed token. | Enterprise SaaS, frequently connected products. | Real‑time revocation, usage analytics. | Requires constant connectivity; latency. | | Hardware Dongle | Physical device stores secret key; driver validates presence. | High‑value CAD/CAE tools, DRM‑critical software. | Very strong binding to hardware. | Costly, prone to loss, inconvenient for remote sites. | | License File (Signed JSON/XML) | Offline file containing entitlement data, signed by CA. | Applications with intermittent connectivity. | Offline verification; flexible payload. | Revocation requires expiration or CRL checks. | | Blockchain‑Based Tokens | License recorded on a public or permissioned ledger. | Decentralized distribution, traceability. | Tamper‑evident, transparent. | Complexity, performance overhead, regulatory concerns. | eulen activation key
Formal security analysis (using the Bellare‑Rogaway model) shows that, assuming the hardness of the elliptic‑curve discrete logarithm problem on Curve25519, an adversary’s probability of forging a valid token is negligible (≤2⁻¹²⁸). | Criterion | EAK (Hybrid) | Online‑Only Activation | Hardware Dongle | License File (Unsigned) | |-----------|--------------|------------------------|-----------------|--------------------------| | Offline Use | ✔ (token stored locally) | ✘ (requires server) | ✔ (dongle present) | ✔ (but insecure) | | Revocation Speed | Fast (CRL daily) | Immediate (server check) | Immediate (dongle disabled) | Slow (expiry only) | | Implementation Cost | Medium (KMS + server) | Low (web service) | High (hardware logistics) | Very low | | User Convenience | High (no dongle, minimal connectivity) | Medium (requires connection) | Low (physical device) | High (simple file) | | Security Level | High (asymmetric + device binding) | High (server‑side) | Very High (tamper‑resistant) | Low (easy to spoof) | | Scalability | Excellent (stateless token verification) | Good (depends on server load) | Limited (dongle inventory) | Excellent (no server) | The payload is as a JWS: Base64UrlEncode(header) || '