Hints for Safe Implementation - How to protect the UPW

8 September 2022

The API integration offers you the best compatibility and flexibility. For example, you can keep your software running in demo or limited full-product mode if the CRYPTO-BOX®® is not present.


Before starting with the CRYPTO-BOX integration into your software, we strongly recommend that you review our secure implementation notes in Chapter 17 of the Smarx®OS Compendium. By following these suggestions, you can significantly increase the protection level of your integration.

An important point is the protection of the CRYPTO-BOX user password (UPW). If you store the UPW statically in your source code, it can be easily found by an attacker analyzing your software. Therefore it is a good idea to decrypt the UPW dynamically during program execution. These sample projects demonstrate how you can implement this securely

The samples are written in C++, C#.NET (Visual Studio 2015 and up) and Delphi (RAD Studio 10 and up) and are based on the CBIOS API resp. CBIOS4NET/Smarx4NetCore API. They can serve as a reference code which can be adapted to other development environments as well. More samples which demonstrate the usage of hardware based encryption functions of the CRYPTO-BOX can be found in the Smarx OS Professional Protection Kit (PPK) under:
[PPK root folder]\SmarxOS-Samples\CBIOS
and:
[PPK root folder]\SmarxOS-Samples\Security

Do you have any questions or feedback to this sample, or need support by adapting it to other languages/development environments? Please contact us!

Back