It is common for a company or an organization that writes software programs to sell copies of these software programs either on disks or over the Internet. Unfortunately, it is not easy to safeguard the software programs from unauthorized installation. If a program is delivered to customers unprotected, it may be obtained and installed by others, thereby denying the software development company an opportunity to collect payments from all users.
Various methods can be employed to prevent an unauthorized use, or, as it is often called, “pirated” use of computer software. These methods vary in their strength. Often the choice of the protection methodology depends on the assumptions on how sophisticated and skilled the potential attackers are. For example, one potential attacker may be the average buyer and user of personal or business software. He or she is typically knowledgeable about the most common operations involving files, so copying a software program may be within the realm of the user's capabilities. On the other hand, this average user is typically not skillful enough to explore and modify the inside of the executable version of a program or to find values and commands that direct the execution of various portions of the code of the program.
A second example of a potential attacker is a sophisticated “hacker” who can monitor a line or other connection to a data processing system and can read and intercept information flowing unprotected over a network, such as the Internet. These attackers are also, typically, skillful programmers who can analyze the software, locate data of interest to them and also write and execute programs, even the most complicated ones. The only thing that such an attacker may lack is the physical possession of a disk, if the distributed software was located on a disk when it was sold. Or, in some cases, these attackers may find it impossible to properly identify themselves to a server since the identification data may contain the serial number of a computing device they are using.
With these two types of potential attackers in mind, certain solutions to such a problem may provide adequate control but may be difficult or expensive to implement. For example, one solution might be to use public key cryptography. Any of the well-known public key algorithms, such as those based on the discrete logarithm (DL) problem in the multiplicative group of elements of a finite field, the RSA method, or those based on a DL problem in a group of points on an appropriate elliptic curve, can be used. In a public key encryption procedure, each user has two keys. One key is public and, as its name indicates, is published, so it is available to anyone. The other key is called private and is known to the user (i.e., the key owner) only. Hence, when a software company gets a request from a user, for example, over the Internet, to deliver a particular piece of software, it can, upon verifying the user's credentials, encrypt the program with the user's public key. Since, typically, only this authorized user is in possession of the private key, only the authorized user can decrypt the software and install it on his or her computer.
While the public key cryptography solution may provide software control, such a solution typically requires the existence of a sophisticated public key infrastructure (PKI) and the presence of an entity called the Certification Authority (CA), which will certify each user's public key. Thus, this solution may be expensive. The average person buying software on a disk or over the Internet does not typically have a public/private key pair. The cost of protecting software would be prohibitively high and, therefore, the overall cost of the software may not be competitive. See Schneier, B., “Applied Cryptography,” 2nd edition, John Wiley & Sons Inc, 1996, for a thorough description of issues related to public key cryptography: the algorithms, their strengths, performance parameters, their advantages and disadvantages.
Yet another solution would be to use a symmetric key algorithm, such as DES or the Triple DES as described in Applied Cryptography, and Menezes, A. J., van Oorschot, P. C., and Vanstone, S. A., “Handbook of Applied Cryptography,” CRC Press, 1997. In this case, the encryption is performed much faster, but difficulties and expenses may arise with the distribution of these symmetric keys.
In addition to the systems described above, several patents have addressed the issue of software control. For example, U.S. Pat. No. 5,915,025 entitled “DATA PROCESSING APPARATUS WITH SOFTWARE PROTECTING FUNCTIONS,” describes a data processing apparatus capable of enhancing the level of encryption security. Upon receiving target data to be encrypted, an encryption key generation unit generates an encryption key in accordance with an attribute of the target data. Using this encryption key, an encryption unit encrypts the target data. The encrypted data is placed into a storage unit. When a request is made to process the encrypted data, a decryption key generation unit generates a decryption key in accordance with the attribute of the encrypted data. The procedures for encryption and decryption may be quite complicated and rely on the use of public key encryption methods such as RSA.
Similarly, U.S. Pat. No. 5,757,907, entitled “METHOD AND APPARATUS FOR ENABLING TRIAL PERIOD USE OF SOFTWARE PRODUCTS: METHOD AND APPARATUS FOR GENERATING A MACHINE-DEPENDENT IDENTIFICATION,” addressed the problem of protecting distributed software, and describes how to load the software onto a Compact Disk-Read Only Memory (CD-ROM).
U.S. Pat. No. 6,044,469, entitled “SOFTWARE PUBLISHER OR DISTRIBUTOR CONFIGURABLE SOFTWARE SECURITY MECHANISM,” addresses the problem of how to protect software sent to publishers. As described in the '469 patent, additional code, called “the Protector code,” is added to the software product. This code is executed according to the selected protection options.
A mechanism for limiting the number of licenses for a given software copy is described in U.S. Pat. No. 5,390,297, entitled “SYSTEM FOR CONTROLLING THE NUMBER OF CONCURRENT COPIES OF A PROGRAM IN A NETWORK BASED ON THE NUMBER OF AVAILABLE LICENSES.” The '297 patent describes a system for limiting the number of nodes in a given network that can share the licensed software. The '297 patent also describes mechanisms for preventing a program from running on a computer if the key associated with that computer does not contain an available license for that program.
In U.S. Pat. No. 5,915,019, entitled “SYSTEMS AND METHODS FOR SECURE TRANSACTION MANAGEMENT AND ELECTRONIC RIGHTS PROTECTION,” various aspects of software protection are described. The systems described in the '019 patent utilize computers equipped in a certain way to ensure that information is accessed and used only in authorized ways. The '019 patent describes various methods of maintaining the integrity, availability, and the confidentiality of data.
Yet another method for software protection is described in the U.S. Pat. No. 5,666,411, entitled “SYSTEM FOR COMPUTER SOFTWARE PROTECTION.” Software protected under the system in the '411 patent is described as executing on computer systems which incorporate a microprocessor capable of deciphering certain instructions in real time. In the described system, program files are first enciphered with the help of a distribution cipher key. Prior to first use of software, program files are customized on the user's computer system. This customization procedure re-enciphers the programs, so that they are enciphered under a second cipher key. Customized programs are not described as executing on a computer system other than one constructed with a processor chip that incorporates a crypto microprocessor. The crypto microprocessor is capable of performing this re-encipherment, and of executing both enciphered and unenciphered programs. The security and the efficiency of the system proposed in the '411 patent may depend largely on the properties of the processor chip.
In U.S. Pat. No. 4,757,534, entitled “CODE PROTECTION USING CRYPTOGRAPHY”, a method is described where the user obtains a secret key directly from a vendor.
In U.S. Pat. No. 4,634,807, entitled “SOFTWARE PROTECTION DEVICE”, the software is encrypted with DES, and the DES key is encrypted using the public key encryption mechanism. This software protection mechanism generally uses additional hardware placed in the client computer for the purposes of software protection only.
Yet another approach suitable for software distribution within a defined network of computers can be found in U.S. Pat. No. 5,287,407, entitled “COMPUTER SOFTWARE PROTECTION.” A master copy of a software file has within it a predetermined block of data. When a copy of the file is made, that block of data within the copied file is located and overwritten with data identifying the copied file. Upon finding an unauthorized copy, the data identifying the copy can trace the unauthorized instance of software.
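The block-overwrite scheme described for the '407 patent can be sketched as follows. This is an added example, not code from the patent: the placeholder marker, the vendor key, the block layout and the HMAC tag that lets the vendor check a recovered identifier are assumptions introduced here.

```python
from __future__ import annotations
import hashlib
import hmac

# Constructed values for this example; none of them come from the '407 patent.
ID_LEN, TAG_LEN = 16, 32
PLACEHOLDER = b"@@COPY-ID-BLOCK@@".ljust(ID_LEN + TAG_LEN, b"\x00")  # reserved block
VENDOR_KEY = b"constructed-demo-key"                                 # hypothetical secret
MASTER = b"PROGRAM-HEADER" + b"\x90" * 64 + PLACEHOLDER + b"PROGRAM-TAIL"


def _tag(ident: bytes) -> bytes:
    """HMAC over the identifier, so a recovered block can be checked (added assumption)."""
    return hmac.new(VENDOR_KEY, ident, hashlib.sha256).digest()


def stamp_copy(master: bytes, copy_id: str) -> tuple[bytes, int]:
    """Overwrite the reserved block with data identifying this copy.

    Returns the stamped copy and the offset of the block. The file length is
    unchanged, so offsets elsewhere in the program stay valid.
    """
    if master.count(PLACEHOLDER) != 1:
        raise ValueError("master must contain exactly one reserved block")
    ident = copy_id.encode("ascii")
    if len(ident) > ID_LEN:
        raise ValueError("copy id does not fit in the reserved block")
    ident = ident.ljust(ID_LEN, b"\x00")
    offset = master.find(PLACEHOLDER)
    stamped = master[:offset] + ident + _tag(ident) + master[offset + len(PLACEHOLDER):]
    return stamped, offset


def trace_copy(found: bytes, offset: int) -> str | None:
    """Read the block from a recovered file and return the copy id.

    Returns None when the block is still the master placeholder or was altered.
    """
    block = found[offset:offset + ID_LEN + TAG_LEN]
    if len(block) != ID_LEN + TAG_LEN:
        return None
    ident, tag = block[:ID_LEN], block[ID_LEN:]
    if not hmac.compare_digest(tag, _tag(ident)):
        return None
    return ident.rstrip(b"\x00").decode("ascii")


if __name__ == "__main__":
    copy, where = stamp_copy(MASTER, "LIC-0042")
    print(trace_copy(copy, where))    # identifier of the stamped copy
    print(trace_copy(MASTER, where))  # unstamped master yields None
```

An identifier stored this way survives only byte-for-byte copying; a modified block is reported as untraceable rather than attributed to the wrong copy.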
U.S. Pat. No. 4,593,353, entitled “SOFTWARE PROTECTION METHOD AND APPARATUS,” describes a system that utilizes two authorization codes and a hardware module containing a pseudorandom number generator unique to the authorized system. The value generated by the number generator, which is a function of the key and of the particular pseudorandom generator algorithm, is compared with the second authorization code in direct or encrypted form. Depending upon the results of this comparison, a system may generate a signal that allows the installation of a piece of software.
In U.S. Pat. No. 4,471,163, “SOFTWARE PROTECTION SYSTEM”, a protection system is described that controls the operation of a computer by locking the interfaces with this computer and by authorizing the operation in response only when there exists a particular relationship between a number in the program, a number in the lock, and a third number, a “key”, supplied to the lock and which bears a selected relation to both the program number and lock number. In the described system, there exists the need to distribute these keys. Also, it appears that only the same key will re-open the lock after the first instance of the software module is installed.
Other patents relating to the software protection problem include, for example, those which introduce smart cards (U.S. Pat. No. 5,870,726), those which introduce other special physical devices that prevent users from unauthorized copying of software (U.S. Pat. Nos. 5,267,311 and 4,525,599), and those which utilize optical effects (U.S. Pat. No. 5,024,495) or alter the I/O procedure.