Despite huge efforts by software providers, software protection mechanisms are still broken on a regular basis. Further, a successful attack on one copy can often be replicated automatically on other copies. For example, if a software provider distributes evaluation versions of a piece of software, a crack that removes the time limitation from one copy can be applied to all other distributed copies as well. Yet further, conventional distribution models can allow for serial attacks that quickly affect thousands of users.
Diversification is a concept that can be used to enhance software security and confound attack. However, diversification techniques developed for software security are not always transferable to software protection as different rules can apply. For example, most of the run-time diversification introduced for security could easily be turned off when an attacker has physical access to the program and execution environment.
As described herein, various diversity techniques for software protection provide renewable defenses in space and in time, for example, by giving every user a different copy and renewing defenses with tailored updates.