The invention involves a procedure to protect computer software and/or computer-readable data against unauthorized use as well as a protective device for use in such a procedure.
Computer software, documents, and data with content that are to be protected against illegal dissemination are primarily sold individually as a package. In part technical measures are employed against unauthorized use, including in particular pirate copies, whereby the measures are either pure software solutions or a hardware protection, so-called dongle.
Problematic in any kind of security measures against unauthorized use is that individually adjusted security measures are required for every product. New distribution paths such as ESD (electronic software distribution), for example over the Internet, are made much more difficult because along with the protected computer program or protected data it is always necessary to prepare and provide individual hardware and software. The licenser therefore has additional costs just for the security measures. The licensee has a one-time procurement price and risks making a bad investment. Payment according to the intensity of use is not customary, because it cannot be measured technically.
The high-grade procedures available today to protect software on the basis of the encoding of documents, program code, or resources are not adequate for future security requirements, especially for widespread and accordingly reasonably priced software as well as their secure accounting as a function of use.
The currently available Private Key Tokens that are used for authentication and that can store certificates, for example in accordance with ITU-norm X.509v3, do meet high security requirements but permit only the storage of a few certificates. The simultaneous use of many differently protected programs or data with individual encoding and accounting is also not foreseen here.
Because every individual software product requires its own protective procedure that in any case is associated with substantial additional costs, the overwhelming share of computer software and/or computer-readable data is still disseminated without effective copy protection. The originators or licensers thereby miss receiving large sums of unpaid license fees.
For the future use of many different computer programs or computer-readable data, especially also from different licensers and utilizing new online marketing paths, new protective procedures are therefore needed that secure the income of licensers and correspond to increased security requirements.
U.S. Pat. No. 5,826,011 describes an electronic security device developed as hardware for the protection of computer software in the installation, which is linked to the computer of the user. This electronic security device includes different secret installation data that are required in the installation of the protected program.
U.S. Pat. No. 5,805,802 describes a module for the protection of software in a computer network, including a microprocessor for the implementation of controlled access to the software, an interface for linking with a network server, a programmable memory in which a use-restricting code is stored, and a device for the processing of this use-restricting code and a current user number.
WO 00/20948 describes a copy protection system that combines a signature procedure with a coding or encoding procedure using variable keys.
Finally the company publication “WIBU-KEY—the Convincing Concept on the Theme of Copy protection” from the applicant himself, published in 1999 by WIBU-SYSTEMS AG, describes a protective device developed as a hardware supplement for linking a copy-protected software to the computer of the licensee. Here use is made of a procedure in which the software to be protected is encoded at the licenser and again decoded at the licensee. The encoding depends upon three parameters: the Firm Code that is given by producer and issued just once for each licenser; the User Code that the licenser is free to set; and finally the Selection Code that serves to select one of more than 4 billion encoding variants for each license entry. The Firm Code and the User Code are programmed into the protective device by the licenser. The Selection Code is sent to the protective device at the disposal of the licensee in the initializing of the encoding and is not stored. The Selection Code, prepared by the licenser, is included in the protected data or the protected software.
Detrimental in the last-named protective procedure is the fact that the licenser is dependent on a fixed Firm Code provided by the producer of the procedure or of the protective device (box). This results in a certain dependency of the licenser upon the producer of the procedure or of the box, which on the one hand restricts the licenser whereas from the point of view of the licenser it leads to security that is not yet optimal. Furthermore, a substantial advantage is that every licenser requires a certain fixed Firm Code, which for the licensee, that is, the end customer of the software, may mean that in using the software of different licensers he must employ several protective devices.