1. Field of the Invention
The present invention relates to the verification of the authenticity of a software application executed on a host terminal without necessarily resorting to encoding/decoding keys.
2. Description of Related Art
It finds a general application in the authentication of software applications and, more particularly, software applications intended to be executed on a data processing apparatus, more especially a host terminal such as a digital television decoder, equipment for visualising multimedia contents, a micro-computer, a smart card, a personal organiser, a games console, a mobile telephone or the like.
Means of authentication are already known which permit the authenticity or the integrity of software applications loaded and executed on host terminals to be verified. Generally such authentication means use cutting functions and/or cryptographic algorithms which use secret data such as private or secret encoding/decoding keys hidden in the verification software of the host terminal. Most often, these secret data are protected by obfuscation techniques intended to make retroconception more difficult.
In practice, such authentication means loaded in the host terminals are just as vulnerable as the software applications, the authenticity of which they are intended to control. In fact, an experienced pirate can carry out malicious modifications to these authentication means in order, for example, to recover the secret data, delude the verification system or make it produce, in spite of itself, the expected results.