Exetools  

  #1  
Old 05-27-2011, 01:13
FrankyFive
Crackability of a software

Hi folks.
I'll start by saying that in my opinion all software is crackable (not in all cases; for example, I think that a keygen is not always possible, but, imho, a patch is always possible). Is this right?
If my first statement is right, is there anyone who knows a site that says what I've said before (a site such as Intel, Microsoft or companies like these)? Also, is it possible to prove it?
  #2
Old 05-27-2011, 02:47
chessgod101
Your first statement is not exactly correct. For example, it is not possible to patch a rar archive to accept a faux serial. I have also seen programs where the author encrypted specific features of a program, which could only be decrypted with a valid serial. To solve these problems, brute force is the only viable option. Depending on the length of the serial/password, it could take centuries to brute force a valid value. Hypothetically, once you get a valid serial (be it brute forced or leaked), you could nop the decryption routine and patch the correctly decrypted code into the program.
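The serial-keyed feature encryption described in the post above, sketched from the vendor's side as an added example that is not part of the original post or any product's code: the feature exists in the shipped file only as ciphertext, so a wrong serial fails authentication, and skipping that check only produces bytes decrypted under the wrong key. The SHA-256 counter keystream is a stdlib-only stand-in for a vetted AEAD such as AES-GCM; every name, the serial and the payload are constructed.

```python
import hashlib
import hmac
import os
from typing import Optional

FEATURE = b"export_report(): constructed demo payload"  # constructed sample
SERIAL = "DEMO-1234-CONSTRUCTED"                         # constructed sample
ROUNDS = 100_000  # assumed work factor; makes every brute-force guess slower

def _derive_keys(serial: str, salt: bytes) -> tuple:
    """Stretch the serial into an encryption key and a MAC key."""
    material = hashlib.pbkdf2_hmac("sha256", serial.encode(), salt, ROUNDS, dklen=64)
    return material[:32], material[32:]

def _keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode (toy stand-in for a real cipher)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def seal_feature(feature: bytes, serial: str) -> bytes:
    """Build side: encrypt-then-MAC the feature under the serial."""
    salt = os.urandom(16)
    enc_key, mac_key = _derive_keys(serial, salt)
    ct = bytes(a ^ b for a, b in zip(feature, _keystream(enc_key, len(feature))))
    tag = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    return salt + tag + ct  # layout: 16-byte salt, 32-byte tag, ciphertext

def open_feature(blob: bytes, serial: str) -> Optional[bytes]:
    """Client side: return the feature, or None when the serial is wrong."""
    salt, tag, ct = blob[:16], blob[16:48], blob[48:]
    enc_key, mac_key = _derive_keys(serial, salt)
    expected = hmac.new(mac_key, salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, len(ct))))

def open_with_check_bypassed(blob: bytes, serial: str) -> bytes:
    """Same decryption with the tag check skipped: wrong key, unusable bytes."""
    salt, ct = blob[:16], blob[48:]
    enc_key, _ = _derive_keys(serial, salt)
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, len(ct))))
```

The strength of this design rests on the entropy of the serial and on the key never appearing in the binary, which is the distinction the thread keeps returning to.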
  #3  
Old 05-27-2011, 02:56
FrankyFive
Sure. I forgot to say that my statement doesn't refer to cases that require a key to decrypt something (this last problem, imho, isn't a reversing problem but a cryptography problem, because we have a piece of code encrypted without a routine that decrypts that piece of code).
  #4
Old 05-27-2011, 04:23
Syoma
I think it is just a trash topic. Read manuals first. Start from NP-hard problems.
  #5
Old 05-27-2011, 18:09
FrankyFive
Quote:
Originally Posted by Syoma
I think it is just a trash topic. Read manuals first. Start from NP-hard problems.

-.-'

I repeat it for the last time: my statement doesn't refer to protections that involve, in any way, techniques of encryption when the key is not included in or deducible from the code of the exe...

In particular, my question refers to the existence of some techniques or protection software (such as Themida or Armadillo) that don't allow, in any way, an operation of reverse engineering (or cracking, if that is the case).
  #6
Old 05-28-2011, 14:42
Syoma
I didn't write about any encryption.
  #7
Old 05-28-2011, 17:41
FrankyFive
So, I don't understand why you mentioned NP-hard problems in your previous post...
  #8
Old 06-28-2011, 04:14
Maximus
You asked about proving it.

Said in short, you have asked if you can make a Turing machine that can say if a generic Turing machine can stop.

A good way to understand this problem's category is to understand this:

http://en.wikipedia.org/wiki/Cantor%27s_diagonal_argument

Hence, that guy told you to learn the basis of (academic, tbh) IT.
It's the basis of modern logic, since it is founded on Goedel's theorems + the Church-Turing one.

  #9
Old 10-11-2011, 16:56
SiM
Quote:
for example i think that a keygen is not always possible, but, imho, a patch is always possible

That is not true, brother.
In some cases a keygen is the only solution, and in others you need a patch and a keygen.

Every software is keygen-able if you understand the routine, but sometimes it needs a patch to remove a server check, etc.

Also, some teams release only keygens, like Core for example;
some release cracked versions, like EAT.
  #10
Old 10-11-2011, 20:24
Kerlingen
Quote:
Every software is keygen-able if you understand the routine
I guess you never heard something about symmetric and asymmetric cryptography.
  #11
Old 10-12-2011, 00:23
SiM
Quote:
Originally Posted by Kerlingen
I guess you never heard something about symmetric and asymmetric cryptography.

No, brother.. I think these are new for me >>> :confused

Let's talk about symmetric:
Types:
¹ã-fÿ”Éô8 °€Xö .. Key to resolve : SiM >> yes it is AES
,¼bP:: .. Key to resolve : SiM ?? blowfish

More others, brother ¹ã-fÿ”Éô8 °€Xö I start to miss xxTEA crypto.

Let's talk about asymmetric:
I think I don't need to talk about ELGAMAL & RSA

Some people will say Noooo !! AES is unbreakable! I think they should focus on eXpande Shperic Linearization .. Ahh, math is cool as it should be. Regardless of the infeasibility of bruteforcing, you will get some key with a side-channel attack.

Let's go deeper :>.. What if an ECC is implemented? Does that need a patch or a keygen?

Besides all that, what do you prefer? Keygen - or - Patch
Please note that when I say Keygen, that includes KeyFileMaker also.
  #12
Old 10-12-2011, 15:11
Kerlingen
Your post doesn't make any sense.
  #13
Old 10-12-2011, 19:31
zementmischer
"eXpande Shperic Linearization" - hey, I know this one - it's used to prove the Riemann hypothesis as well as Fermat's last theorem. AFAIR it can also be used for prime factorization in O(1).

I think everybody here knows that AES has been broken.
But a key space of 2^126 or 2^254 is still not feasible.

And 'side channel attacks' (e.g. timing, power consumption) do not attack the algorithm but the implementation. Hence if the algorithm is properly implemented you won't get any results - unless you analyze the entire key space.
__________________
Real programmers don't read manuals.
Reliance on a reference is a hallmark of the novice and the coward.
  #14
Old 01-24-2012, 17:57
Flatline
Quote:
Originally Posted by SiM
That is not true, brother.
Every software is keygen-able if you understand the routine, but sometimes it needs a patch to remove a server check, etc.

What about the case of a piece of software without a serial algo? For example, one that submits a serial code to a server, which returns a value (1 or 0 for example) as to whether it's valid. In this case the entire algo is on the server and there is no possible way to determine what it is, unless you can get access to the server, which is no longer Reverse Engineering and becomes hacking/cracking, and therefore the only possible way to Reverse the program is to simply patch the server check.

  #15
Old 12-03-2011, 04:02
greengo
Do not forget about the programs that offer incomplete functionality - DEMO. It is not broken.