1. Field of the Invention
The instant invention relates to the field of methods of protecting software from unlicensed use. More particularly, the instant invention relates to methods of protecting software from unlicensed use which utilize authentication of digital keys and distributed execution of executable software.
2. Prior Art
It is known in the prior art of protecting software from copying to utilize a system for providing secure access and execution of application software stored on a first computer by a second computer using a communication device while a communication link is maintained between the first and second computers. More specifically, it is known in the prior art to utilize a secure software rental system. The secure server rental system enables a user in a remote location using a personal computer and a modem to connect to a central rental facility, transfer application software from the central rental facility to the remote computer, and execute the application software on the remote computer while electronically connected to the central rental facility. When the communication link between the central rental facility and the remote computer is interrupted or terminated, the application software no longer executes on the remote computer. This interruption or termination is accomplished by integrating header software with the application software. The application software stored on the central rental facility is integrated with the header software to provide the security feature. The use of header software allows the user to execute the application software only while the user is electronically connected to the central rental facility continuously. This use of the header software is intended to prevent the user from copying the application software to a storage device on the remote computer, and subsequently executing the application software after interrupting or terminating the communications link between the central rental facility and the remote computer.
The methodology of utilizing a system for providing secure access and execution of application software stored on a first computer by a second computer using a communication device while a communication link is maintained between the first and second computers fails as a protection against copying because the system downloads the complete executable to the user""s machine (with the inclusion of xe2x80x9cheader softwarexe2x80x9d) making it susceptible to simple cracking techniques which can avoid the protection system by removing the header software. Other forms of header software, such as those that require serial numbers before running the application software, have been shown to be ineffective in protecting software from copying and automated methods of removing the header software have been developed.
It is further known in the prior art of protecting software from copying to repetitively transmit portions or sequences of a retailed (distributed or delivered to an end user) computer program through one way media to a computing device, such that the computing device sequentially executes the transmitted portions or sequences of the retailed computer program, such that a user of the computing device has full use of the retailed computer program, and such that the computing device at no single time has a true, accurate and complete copy of the retailed computer program within the computing device, thereby preventing unauthorized duplication of the retailed computer program by eliminating the presence within the computing device, at any single time, of a true, accurate and complete copy of the retailed computer program.
The method of repetitively transmitting portions or sequences of a retailed computer program through one way media to a computing device, such that the computing device sequentially executes the transmitted portions or sequences of the retailed computer program, such that a user of the computing device has full use of the retailed computer program, and such that the computing device at no single time has a true, accurate and complete copy of the retailed computer program within the computing device fails as a protection against copying because the method allows a complete copy to be assembled from the transmitted pieces of the retailed computer program. No method that operates on a one way medium can be fully secured against unlicensed copying, because simply recording and replaying the transmitted data results in a working copy of the retailed computer program.
It is further known in the art of protecting software from copying to create an encoding technique to protect software programs and hardware designs from being copied, tampered with, and their functions from being exposed. The software programs and hardware designs (collectively called programs) thus encoded still remain executable. The encoding technique employs the concept of complexity of programs and produces proximity inversion in terms of functions contained in the programs, while preserving the behaviors. Various embodiments are possible to achieve this encoding which includes, for example, cascading and intertwining of blocks of the programs. This method of encoding software, while making tampering with the software much more difficult, does not prevent the software from being copied. This technique of encoding software might be combined with other methods of copy protection to make tampering more difficult. But, because this method allows the user complete access to the software, the software can be disassembled, studied, and modified. Given a determined user, software protected from tampering by this method can be reverse engineered because all of the software, in unencrypted form, resides physically on the user""s machine.
Other and further copy protection methods are known in the art. For example, it is known to mark a sector on the disk containing the software to be protected as xe2x80x9cbadxe2x80x9d and store valid data in it. At one time most disk copy software would not copy bad tracks or sectors from a disk. However, such disk copy software is now common.
It is further known in the art of protecting software from copying to copy protect a software being delivered to the customer on a disk (or other physical storage media) by physically manufacturing a defective sector on the disk (or other physical storage media) containing the software to be protected and then to check for this defective sector when the software is loaded into the customer""s volatile memory for operation. This software protection mechanism is readily defeated by reverse engineering the software to no longer check for bad sectors (method of modifying is discussed later). Furthermore, this technique of software copy protection requires special manufacturing capabilities, depends on the error detection capability of the software user""s drive which may not be consistent across all users, and has the additional drawback that it doesn""t allow the software purchaser, the authorized user, to backup his software.
It is further known in the art of protecting software from copying to utilize password based systems to protect software from copying. Typically, in such a system, the user is asked to enter a phrase from the user manual or from a sticker placed on the product""s packaging when the software starts. The user manual, itself, was sometimes protected from copying by use of photocopy resistant paper. This method of copy protection for software is easily defeated by manually typing the required information and making it publicly available, or by reverse engineering the software to bypass the password check.
It is further known in the art of protecting software from copying to attach a hardware device (sometimes referred to as a xe2x80x9cdonglexe2x80x9d or xe2x80x9csmart cardxe2x80x9d) to a communication port as a protection against software copying. The software checks for the dongle sporadically during the software""s execution and shuts down if the dongle is missing. This software copy protection mechanism is defeated by finding the code sequence within the software that checks for the dongle and removing that sequence of code. Additionally, this method requires the Software Vendor 3 to distribute expensive hardware with each copy of his software product limiting it""s use to expensive software packages.
It is further known in the art of protecting software from copying to utilize a dongle protection method that stores part (a few bytes) of the software program""s data inside the dongle""s memory. In this manner, the software cannot function completely without the missing data. However the data or few bytes of executable code, are static (they never change) and once the data or bytes of executable code are read into memory from the dongle, the software copy protection can be defeated by replacing the data or bytes of executable code intended to be provided by the dongle with the data or lines of code as read from the active (RAM) memory.
It is further known in the art of protecting software from copying to encrypt portions of or entire software programs and decrypt them at the point they are run by using a user supplied key. A key may be in the form of a serial number, a card, or a dongle. This method fails to protect the software in question because the decrypted instructions are stored in the memory of the user""s computer where they can easily be read and copied. Also, because the software program protected by the method in question uses locally executing software to verify a key, the locally available software can be modified such that any key appears to be the correct key. Further, if the key is in the form of a serial number, the serial number can be copied without limit. Finally, if the key is in the form of a hardware device, additional costs are incurred by the Software Vendor 3 for each copy of software sold.
It is further known in the art of protecting software from copying to produce software that stores specific information about the software""s user, such as the user""s software version number, the user""s CPU identification number, BIOS version, the user""s hard drive size and partition information, or the user""s Ethernet card address, during the software unlocking process so that when the software next loads up to RAM it will check for that value. The unlocking process usually occurs by telephone or by network, where the user receives a secret key that decrypts the executable and also has the user""s information encoded into the key. This method also suffers from the fact that the executable is resident on the user""s machine and can be reverse engineered to no longer make checks for the above mentioned secret key or data. Additionally, this method of software copy protection is very inconvenient as the authorized user, software licensee, cannot run the copy protected software on another, perhaps upgraded, CPU nor can the user install a new hard-drive and still have the software function.
It is also known, in the art of protecting software from copying and license management, to store a file on the user""s computer which represents a software license. When a user tries to execute protected software, the software checks to ensure that the license file is available locally. If the license file is not available locally, a search is performed for a license file that is not in use on another computer and if a license file is found, it is transferred from one computer to another. This method allows a group of users to share a license as long as the number of simultaneous users doesn""t exceed the number of licenses. This method suffers from the same weaknesses described in the preciously mentioned prior art, which is that the software is available locally in a complete form and can be reverse engineered such that the software no longer checks for the license file when starting up. The License Server provides no needed service to the running software so removing the interaction with the License Server is a straight forward task.
Finally, it is known in the art of protecting software from copying to design a specialized microprocessor that decrypts programs on chip as they run. This method gives each decrypting microprocessor it""s own decryption key stored locally within a tamper resistant casing. Because each processor has it""s own decryption key, only software specifically encrypted using that key will operate correctly on that microprocessor. The microprocessor further encrypts and decrypts memory as it is written to and from an external bus. This invention offers much higher security than the above mentioned prior art, but has the disadvantage that the microprocessor can only run one application provided by one Software Vendor 3 because the decryption key uses a symmetrical block cipher. Because a new decrypting microprocessor is needed for each new software product, such microprocessors are unlikely to reach a mass market. This problem could be overcome by using public key encryption, however, the speed lost by encryption/decryption of every instruction and memory access prevents this microprocessor from running as fast as more general purpose microprocessors on the market. Further, the need for high security results in chip prices for the decrypting microprocessor to be much higher than the prices for currently available general purpose microprocessors on the market and requires additional batteries and tamper detecting circuitry. Furthermore, recent advances in cryptoanalysis such as differential power analysis could be used to recover the key from the device by measuring current draws and or electromagnetic emissions. Once the key has been recovered, the software can be decrypted and copied.
Various additional schemes for protection of software from copying are known in the prior art, however all appear to be variations on the above described methods.
All of the methods known in the prior art save and except the method utilizing a specialized microprocessor that decrypts programs on chip as they run, share a characteristic, they each permit all of the software that is to be protected into the possession and control of the user. Thus, almost every one of the methods known in the prior art shares the problem that if the user has complete access to the executable software and its copy protection system the user can figure out how the system works and use this information to defeat the software""s copy protection system, certainly to disable the software""s copy protection scheme.
The instant invention is of a method of protecting from unauthorized, unlicensed use. The method requires modification of the executable code of the software to be protected such that certain portions of the executable code operate on a License Server while the software to be protected operates on the authorized user""s computer. A License Server may be any computing device that can secured against access by the Software User and which can communicate across potentially unsecured channels to the Software User""s computing device. The preferred embodiment is described in terms of potentially long range communication channels such as found in the internet and telecommunication networks, however the License Server can be, as indicated in the description of alternate embodiments, located within the Software User""s computing system, as long as it can be secured against observation and tampering by the Software User. Careful selection of the portions of the executable code to be run on the License Server connected by said data communications channel assure that no noticeable degradation of software performance is detected by the Software User.
Accordingly, it is an object of this invention to provide a method of protecting software operating on a computer which may be put in communication with a License Server from unauthorized, unlicensed use.
It is a further object of this invention to provide a method of protecting software operating on a computer which is connected to a network from unauthorized, unlicensed use which requires some selected portion of the executable code of the protected software to be run on a License Server connected to that same network.
It is a yet further object of this invention to provide a method of selecting the portions of the executable code of the protected software to be run on a License Server that does not degrade the performance of the protected software while making it computationally not feasible to recover the selected portions of the executable code.
Yet other and further objects of this invention will become apparent upon a reading of the following detailed description of the preferred embodiment.