What We Know About Them
The dongle is a software protection device that takes the shape of a small piece of hardware that plugs into a communications port (generally USB) on a computer and serves as an electronic "key" for a piece of software; the program will run only when the dongle is plugged in.
Characteristics
The purpose of the dongle is copy protection or authentication of software to be used on a system. In its most basic form, the dongle mostly appears as a two-interface security token with transient data flow that does not interfere with other dongle functions and a pull communication that reads security data from the dongle.
Dongles are used by proprietary software vendors as a form of copy protection or digital rights management, because it is far harder to replicate a dongle than to copy the software it authenticates. Without the dongle, the software may run only in a restricted mode, or not at all.
Modern dongles include built-in strong encryption and use fabrication techniques designed to thwart reverse engineering. Typical dongles also now contain non-volatile memory — key parts of the software may actually be stored and executed on the dongle. Thus dongles are now essentially secure cryptoprocessors that execute inaccessible program instructions that may be input to the cryptoprocessor only in encrypted form.
Hardware cloning, where the dongle is emulated by a device driver, used to be a big threat to traditional dongles. To thwart this, advanced dongles are based on smart card products, which are widely used in extremely rigid security requirement environments such as military and banking.
Network dongles significantly lower deployment cost for licensing networked instances of an application - a single server-side dongle can license a number of instances of an application via the network. Some dongle vendors pre-configure network dongles for the maximum number of peer applications to enable, other vendors enable software developers to tailor the number of peer applications to their needs.
For some extremely secure software installations, for example on computers where HID processes are not allowed to run, software producers insist that the dongles they use for copy protection use device drivers. However, in general dongle drivers bring problems for end-users. Most developers and software vendors aimed to get rid of the dongle driver headache. Most modern entry-level dongles are driverless dongles, making dongle deployment and management easy for both software vendors and end-users. These driverless dongles are based on plug 'n' play (HID) technology, which works like a plug 'n' play mouse or keyboard. Higher-end dongles can be both, i.e. driverless in HID environments, as well as providing a driver for certain circumstances.
For some high-security installations, where it is paramount that there is no misuse by computer clock adjustment, an advanced dongle with an embedded real-time clock can be used. The dongle's time calculation is driven by an internal clock which is battery-driven and sustainable for a number of years, sometimes up to 3 years. Its unique design tackles license misuse by computer clock adjustment. Not only is this technology critical to some high-security installations, but it is also an ideal dongle solution for license rental and trial management.
Expanding on this technology, some dongle manufacturers produce a rechargeable RTC dongle, whereby the dongle's battery can be repeatedly charged/discharged. When not connected to a host computer, the dongle runs on its internal battery, but once connected, it runs on a charge from the host, while at the same time recharging its internal battery.
More innovative modern dongles for ultimate dongle security provide a feature called code porting whereby the software vendor can transfer part of the important program code or license enforcement into a secure hardware environment on the dongle (such as in a smart card OS). An ISV can port thousands of lines of important computer program code into the dongle.