1. Field of the Invention
This invention relates to cryptographic devices, integrated circuits, microprocessors, and computer program security.
2. Description of the Prior Art
Development of computer programs for microcomputers and the data files which they process is often expensive and time-consuming. If such development is undertaken with the object of selling or leasing the programs and data, it is important to the developers that their investment not be subjected to excessive risk. The computer software industry is exposed to risk from piracy of program products by predatory competitors who can incorporate the pirated program into competing products at a fraction of the original developer's cost. Without adequate means of protection against such piracy, the risk may often be considered excessive by vendors and their financial supporters. Sustained growth of the commercial software industry may therefore depend on preventing program piracy.
In the past various means have been used to afford some degree of protection to proprietary programs and data, including contractual agreements between vendors and users, and restricted access to computers and storage media. Program products valuable enough to warrant such protection have generally been used in a relatively small number of fixed-location computer installations operated by individuals considered to be reliable by the software vendor.
However, with the advent of compact lightweight devices such as microcomputers, conventional methods of program protection have proven inadequate. Microcomputers using such programs may be analyzed in secret by their owners who may be numerous and anonymous. By the time the proprietor of the pirated program discovers the theft, the program may have been so widely distributed by the pirate that it no longer can be considered a trade secret. Also the pirate may have removed copyright marks and other indicia of ownership, thus making detection and proof of piracy difficult. The program is also unprotected from "reverse engineering" which involves disassembly of the program to produce a source code listing of the program. This source code can be included in the pirate's products.
One prior-art method of protecting a computer program is to imbed a "magnetic watermark" in a tape on which the program is recorded and distributed. This watermark, which is described in U.S. Pat. No. 4,038,596, is an unerasable key for which the system searches to authenticate the tape. Authorized computers will not accept data from an unmarked tape. This watermark method does not prevent the program from being used in competing computers which do not require a watermark or use a competing watermark.
Encryption has been used for protecting programs as described by Richard L. Enison in a Computation Planning Inc. technical note dated July 28, 1977. In this system programs are stored in a conventional host computer in encrypted form. Attached to the host computer is a "Hard Node" computer which deciphers a selected program and outputs the program in deciphered form into the host computer's main storage. The host CPU then executes the deciphered program from its own main storage. Such a system protects the deciphered program from access by other programs, but does not protect the deciphered program from people who have access to the wiring of main storage. The present invention avoids any need for storing a deciphered program in main storage.
Another approach to software protection is described in U.S. Pat. No. 4,120,030 by Johnstone. In this system a conventional microprocessor is used, the program instructions are stored in conventional sequence and the instruction operation codes are not enciphered. The data memory units transform data addresses so that effectively a byte transposition of the data bytes results. But the data address unscrambling function can be discovered by storing test data into selected locations in data memory, then searching scrambled addresses sequentially until the test data is located.
Microcomputers generally contain one or more integrated circuit microprocessors that are usually interchangeable stock components which are available from many vendors. This interchangeability makes it easy for a pirate to plagiarize proprietary programs by using similar but unauthorized microprocessors. One method of preventing such piracy is to alter each microprocessor and the programs which accompany it so that neither the microprocessors nor the programs are interchangeable. This is accomplished in the present invention by enciphering each program in a different cipher so that each program can be deciphered and executed only by the authorized microprocessor that accompanies it in the microcomputer.
Various systems have been developed in the prior art for enciphering digital information to improve the security and privacy of data within data processing systems, during transmission over telecommunications networks, and during storage on media such as magnetic tape and disc. Examples of such cipher systems may be found in U.S. Pat. Nos. 3,798,359 and 3,958,081.
In a typical cipher system the bits of the information to be enciphered are rearranged or replaced by substitute bits under control of a secret multi-bit number or cipher key. This substitution is reversed to decipher the enciphered information. Very secure ciphers have been developed by combining enciphering methods such as transposing the bits prior to substitution, by substituting bits in groups (for example substituting "0110" for "0001"), by combining bits using exclusive-OR (modulo-2 addition without carry), and by alternating such transposition, substitution and addition several times during the enciphering and deciphering process. Such cipher systems are practically unbreakable without testing all possible keys, and the key can be made large enough to make such testing prohibitively time comsuming.
Such prior-art cipher systems share one common weakness: once enciphered information is deciphered, it is no longer protected. No cipher system, no matter how unbreakable, protects information after it has been deciphered. Such deciphering is generally done only by persons who are authorized to receive the deciphered information, because deciphering in the prior art implies disclosure.
However, a computer program has a peculiar characteristic which makes it different from the messages and data which prior-art encryption systems were designed to protect, i.e. a program need never be read by its user. A person who owns and uses a copy of it need never have access to it. Only the processor circuits which execute the program need access it. This peculiarity of computer programs provides a basis for the present invention which makes it possible to distribute and execute copies of a program, while keeping the program secret at the same time.