1. Technical Field
The present invention relates to a technology for preventing a software program provided to a computer system from being used or executed illegally and, in particular, to a processor which is provided with a function to prevent illegal execution of a program, an instruction executed by a processor to prevent illegal execution of a program and a method of preventing illegal execution of a program. More particularly, this invention relates to a processor which is provided with a function to prevent illegal execution of a program which cannot be externally monitored or modified, an instruction executed by a processor and a method of preventing illegal execution of a program.
2. Prior Art
Along with the recent technological revolution, computer systems have penetrated into enterprises and homes in addition to universities and institutes. Computer systems include, in addition to host/mainframe computers and office computers, workstations and personal computers (PCs), which are relatively inexpensive and can be purchased by general users. The rapid popularization of the PC is especially remarkable.
Along with this technological trend, various software programs running on computer systems have been developed and sold, and the software industry is now as prosperous as, or even more prosperous than, the hardware industry. The software referred to here includes an OS (operating system) for controlling the operation of an entire computer system and application programs for implementing functional operations suited to the objectives and operations of users on a system. Application programs with various functions and for various uses are available, such as word processing, spreadsheet, database and communication programs.
Users typically purchase software which they want to install on their own computer systems in the form of removable media such as a floppy disk or a CD-ROM and use the media by mounting them on a suitable drive unit. It has also recently become possible to install a software program by file transfer (download) of the desired software onto the user's own local disk via an external network such as the Internet.
However, purchasing media which store software programs is no more than obtaining a limited right to use the software programs and does not mean that the purchaser has obtained the copyright of the software program or the right to reproduce it. Unlimited or unlicensed reproduction of a software program is an act which is strictly prohibited by copyright law. (Incidentally, it would be reasonable to interpret the use of software downloaded via a network as also being limited.)
From the standpoint of a software vendor who provides a software program, profit comes from distributing program storing media for a fee. If reproduction is rampant without limitation and permission, the profit which should rightfully be enjoyed cannot be assured. Illegal use of a software program discourages those engaged in the software industry from developing software and may thus depress the activity of the software industry. In view of the above, protection technology has so far been developed to prohibit (or prevent beforehand) a software program from being illegally used or reproduced without permission.
An example of protection is to encrypt a software program for which it is desired to prevent illegal use. Specifically, by distributing program storing media in an encrypted condition, for a fee or free of charge, and providing a key to decrypt the encryption only to a legitimate user, the use of the program which is stored in the media is suitably limited.
A problem involved here is the medium by which to provide a user with a key. For example, it may be possible for a software vendor to provide the user with a key by mail, such as in an envelope, but it would be very easy to use the key illegally in this case.
A more technologically advanced method includes the use of a so-called "security device". In this case, the software vendor distributes program storing media with a security device attached thereto. The security device contains identification information and the like required for a predetermined authentication procedure and is used by being connected to a serial port or a parallel port of the user's PC, for example. On the other hand, the program stored in the media includes a number of check points (i.e., "authentication routines") in addition to a main routine for effecting an operation which is specific to the function and the use of the program per se.
An example of the authentication routine is one in which, at each check point, a CPU (Central Processing Unit) executing a program accesses the security device to read out the identification information, verifies whether or not it matches the identification information possessed by the program, and is permitted to continue to run the program only when the two pieces of identification information match each other.
In another example of an authentication routine, a CPU executing a program writes a code conforming to a certain rule into a security device. The security device prepares scrambled or encrypted identification information using the received code. The CPU reads out the scrambled or encrypted identification information and descrambles or decrypts it by a program to correlate it to the identification information possessed by the program. The CPU is permitted to continue to run the program only when the information is successfully correlated. While the CPU and the security device are connected via a bus external to the CPU chip, the authentication routine is prevented from being decoded by bus snooping by effecting scrambling or encryption.
These two examples using the security device are analogous to each other in that authentication processing is effected by an instruction to the CPU executing a program.
By using the security device, the security level could be upgraded considerably. Also, the right to use a software program could be limited only to a single computer system in which the security device is mounted. However, this method could not be said to be perfect. For example, because a bus transaction can be easily monitored by using a logic analyzer (well known), it would be possible to analyze the authentication routine to reveal the identity of identification information and an encryption key.
To further improve the security level, a measure has been employed to successively change the input value to the security device. However, with a device such as an ICE (In-Circuit Emulator)*, software can be reverse-assembled relatively easily, so that the program can be modified to unconditionally jump over the routine accessing the security device (i.e., the authentication routine).
Accordingly, in order to enhance the protection of a software program, it is desirable to design the system so that a security operation is indispensable to the execution of the program. In this sense, the above prior art examples in which the program per se stored in the media contains an authentication routine are adequate. Further, the authentication routine must be in a form which cannot be externally accessed or modified. In the above prior art examples using the security device, although the authentication routine is implemented in the form of a system operation and is not visible in appearance, it can technically be decoded (as described above). In summary, a conventional protection method which is externally accessible cannot be said to be perfect in protecting a program.
* An ICE is a device normally used to assist in developing programs and software; it is inserted in a CPU socket in place of a CPU and operates exactly like a CPU. Unlike a CPU, the ICE can access a bus and read out register values for each instruction. By using this instruction trace function of the ICE, the authentication routine can be located in the software program using the address of an external device as a trigger. Further, by applying an illegal patch to a program address, the program can be modified so as to have it continue to run without accessing the security device.
It is an object of this invention to provide an improved technology to prevent illegal use and execution of a software program provided to a computer system.
It is another object of this invention to provide an improved processor having a function to prevent illegal execution of a program, an instruction executed by a processor to prevent illegal execution of a program and a method of preventing illegal execution of a program.
It is a further object of this invention to provide an improved processor having a function to prevent illegal execution of a program which can not be externally monitored or modified, an instruction executed by a processor and a method of preventing illegal execution of a program.
This invention is conceived in view of the above objects and, in this first aspect, provides a processor having a function to prevent illegal execution of a program and of a type which has a memory managing unit having a function to manage a main memory installed therein and has an instruction set for operating itself, in which said instruction set includes an execution permitting instruction for permitting execution of a program code on said main memory, and said execution permitting instruction includes a predetermined authentication operation beside an operation to provide said memory managing unit with an identification number of a program to be executed and address/attribute information.
Said predetermined authentication operation may include comparison of the identification information stored within said processor with identification information supplied from exterior of said processor.
The identification information used for authentication may comprise a processor ID unique to said processor and a software ID unique to a software program.
Alternatively, the identification information may comprise a random number internally generated by said processor and the software ID unique to the software program.
The operation to provide said memory managing unit with the identification number of the program to be executed and the address/attribute information may be permitted when said predetermined authentication operation is successfully completed while it may be inhibited when the authentication operation fails.
This invention provides, in its second aspect, an instruction executed by a processor of a type which has a memory managing unit for managing a main memory installed therein, comprising; a predetermined authentication operation, and an operation to provide said memory managing unit with an identification number of a program to be executed and address/attribute information.
Said predetermined authentication may include comparison of identification information stored within said processor with identification information supplied from the exterior of said processor.
The identification information used for authentication may comprise a processor ID unique to said processor and a software ID unique to a software program.
Alternatively, the identification information may comprise a random number internally generated by said processor and the software ID unique to the software program.
The operation to provide said memory managing unit with the identification number of the program to be executed and the address/attribute information may be permitted when said predetermined authentication operation is successfully completed while it may be inhibited when the authentication operation fails.
This invention provides, in its third aspect, a processor having a function to prevent illegal execution of a program and of a type which executes predetermined processing while reading/writing a program code and data on a main memory, comprising; a bus interface for sending/receiving an instruction and data to and from the exterior of said processor, a decoder for decoding a received instruction, an internal memory for storing a procedure relating to one or more instructions, a logic circuit implementing the procedure relating to one or more instructions, a control unit for executing instructions according to the procedure stored in said internal memory and the procedure implemented in said logic circuit, a processor ID unique to said processor, and a memory managing unit having a function to manage said main memory, one of said internal memory and said logic circuit storing a procedure of execution permitting instruction which permits execution of a program code on said main memory and the procedure of said execution permitting instruction including a predetermined authentication operation beside an operation of providing said memory managing unit with identification information of a program and address/attribute information.
The processor of the third aspect having a function to prevent illegal execution further comprises; an encryption means for encrypting said processor ID to output it to the exterior via said bus interface, and a decryption means for receiving the encrypted identification information from the exterior via said bus interface and decrypting it to derive the processor ID and the software ID, and in which said predetermined authentication operation may include comparison of the IDs with each other.
The operation to provide said memory managing unit with the identification number of the program to be executed and the address/attribute information may be permitted when said predetermined authentication operation is successfully completed while it may be inhibited when the authentication operation fails.
This invention provides, in its fourth aspect, a processor having a function to prevent illegal execution of a program and of a type which executes predetermined processing while reading/writing a program code and data on a main memory, comprising; a bus interface for sending/receiving an instruction and data to and from the exterior of said processor, a decoder for decoding a received instruction, an internal memory for storing a procedure relating to one or more instructions, a logic circuit implementing the procedure relating to one or more instructions, a control unit for executing instructions according to the procedure stored in said internal memory and the procedure implemented in said logic circuit, a random number generating unit, and a memory managing unit having a function to manage said main memory, one of said internal memory and said logic circuit storing a procedure of execution permitting instruction which permits execution of a program code on said main memory and the procedure of said execution permitting instruction including a predetermined authentication operation beside an operation of providing said memory managing unit with identification information of a program and address/attribute information.
The processor of the fourth aspect having a function to prevent illegal execution of a program further comprises random number output means for outputting a random number generated by said random number generating means via said bus interface, and decoding means for receiving encrypted identification information via said bus interface from the exterior and decrypting it to retrieve the random number and a software ID, and in which said predetermined authentication operation may include comparison of the random number with the software ID.
The operation to provide said memory managing unit with the identification number of the program to be executed and the address/attribute information may be permitted when said predetermined authentication operation is successfully completed while it may be inhibited when the authentication operation fails.
This invention provides, in its fifth aspect, a method of preventing illegal use of a program for a software supplier to permit the right to use a software program to only a single processor, comprising the steps of;
(a) receiving a software program to which a software ID is attached,
(b) encrypting a processor ID unique to said processor to output it to the exterior of said processor,
(c) decrypting the encrypted processor ID and encrypting a software ID managed by a software supplier together with said processor ID in the software supplier,
(d) supplying the identification information encrypted in the step (c) to said processor,
(e) decrypting the identification information to retrieve the processor ID and the software ID in said processor,
(f) correlating the processor ID held by said processor and the software ID attached to said software program with the processor ID and the software ID obtained in the step (e), respectively,
(g) permitting said processor to execute said software program only when said correlating process is completed successfully.
This invention provides, in its sixth aspect, a method of preventing illegal use of a program for a software supplier to permit the right to use a software program to only a single processor, comprising the steps of;
(a) receiving a software program to which a software ID is attached,
(b) generating a random number by said processor to output it to the exterior of said processor,
(c) encrypting a software ID managed by a software supplier together with said random number outputted by said processor ID in the software supplier,
(d) supplying the identification information encrypted in the step (c) to said processor,
(e) decrypting the identification information to retrieve the random number and the software ID in said processor,
(f) correlating the random number held by said processor and the software ID attached to said software program with the random number and the software ID obtained in the step (e), respectively,
(g) permitting said processor to execute said software program only when said correlating process is completed successfully.
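The exchanges of the fifth and sixth aspects can be simulated as follows. This is an added example, not code from the patent: the shared key KEY, the keystream-plus-HMAC construction standing in for the unspecified encryption, the 8-byte ID lengths, the single-use handling of the random number, and all names (seal, unseal, supplier_issue, Processor, permit) are assumptions.

```python
import hashlib, hmac, secrets

KEY = b"constructed-demo-key"  # assumption: secret shared by processor and supplier

def _stream(key, iv, n):
    blocks = (hashlib.sha256(key + iv + bytes([i])).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plain):
    """Stand-in for the page's unspecified 'encrypt': keystream XOR plus HMAC tag."""
    iv = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plain, _stream(key, iv, len(plain))))
    return iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Stand-in for 'decrypt'; returns None when the blob is malformed or altered."""
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = len(blob) >= 48 and hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest())
    return bytes(a ^ b for a, b in zip(ct, _stream(key, iv, len(ct)))) if good else None

def supplier_issue(key, binding, software_id):
    """Step (c): encrypt the software ID together with the processor's value."""
    return seal(key, binding + software_id)

class Processor:
    def __init__(self, key, processor_id):
        self._key, self._pid, self._nonce = key, processor_id, None
        self.mmu = {}  # program number -> (address, attribute)

    def output_id(self):
        """Fifth aspect, step (b): the processor ID leaves the chip encrypted."""
        return seal(self._key, self._pid)

    def output_random(self):
        """Sixth aspect, step (b): a fresh 8-byte random number."""
        self._nonce = secrets.token_bytes(8)
        return self._nonce

    def permit(self, token, software_id, prog_no, addr, attr, use_random=False):
        """Steps (e)-(g): the MMU entry is written only after authentication."""
        held = self._nonce if use_random else self._pid
        if use_random:
            self._nonce = None  # assumption: each random number is accepted once
        plain = unseal(self._key, token)
        if held is None or plain is None or not hmac.compare_digest(plain, held + software_id):
            return False
        self.mmu[prog_no] = (addr, attr)
        return True

def demo():
    sw = b"SW-00001"  # constructed 8-byte software ID
    a, b = Processor(KEY, b"CPU-AAAA"), Processor(KEY, b"CPU-BBBB")
    tok = supplier_issue(KEY, unseal(KEY, a.output_id()), sw)
    fifth = (a.permit(tok, sw, 1, 0x4000, "rx"), b.permit(tok, sw, 1, 0x4000, "rx"))
    tok2 = supplier_issue(KEY, a.output_random(), sw)
    first = a.permit(tok2, sw, 2, 0x8000, "rx", use_random=True)
    a.output_random()  # a later session draws a new random number
    replay = a.permit(tok2, sw, 3, 0xC000, "rx", use_random=True)
    return fifth, first, replay, sorted(a.mmu), sorted(b.mmu)
```

demo() returns ((True, False), True, False, [1, 2], []): the token bound to one processor ID is rejected by a second processor, and a token issued for an earlier random number is rejected once a new one has been generated.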
The processor of this invention is of a type which has a memory managing unit installed therein for managing storing operation of code/data in the main memory and includes an execution permitting instruction to permit execution of a program code (application) in the main memory as one of the instruction set.
Such an execution permitting instruction includes a procedure to set an identification number of the program to be executed, a store address of the program and attribute information of the program in the memory managing unit (described in a code "LOAD MMU . . . " for example). The procedure of the instruction is defined by a microprogram.
In this invention, the execution permitting instruction includes an authentication procedure for authenticating the right to use the program beside the procedure to set predetermined data in the memory managing unit. The authentication operation is done, for example, by a comparison of identification information held within the processor with identification information supplied from the exterior (supplier of the software program, for example) of the processor. Execution of the software program is permitted only when the authentication operation is completed successfully.
The identification information used in the authentication procedure comprises a processor ID unique to the processor (assigned upon manufacturing, for example) and a software ID uniquely assigned to a software program. Alternatively, the identification information comprises a random number which the processor generates from time to time and a software ID uniquely assigned to the software program.
It is almost impossible to externally monitor or detect such authentication operation because it is executed within the processor. Also, because the authentication procedure is included in the microprogram describing an instruction which means permission to execute the program, the existence of the authentication procedure itself looks as if it is hidden from the exterior. Thus, prevention of illegal execution of a program can be largely enhanced in this invention.
By using a processor ID which the processor chip inherently possesses as identification information used for authentication process, the right to use a specific software program is limited to a single processor. In this sense, it can be said that illegal execution of a program is strictly inhibited.