1. Field of the Invention
The present invention relates generally to cryptography in computer networks and, more specifically, to a system and method to check whether a computer device runs the correct version of a software program based on obfuscated initiation values of a cryptography protocol.
2. Description of the Related Art
Content player software configured to run on client computing devices is typically fairly complex. Oftentimes, security flaws in the content player software are discovered after the software is released and downloaded by many client computing devices. Such security flaws may result in copyrighted content being viewed or copied by end-users or others without proper authorization. To remedy such security flaws, the client content player software is updated to a new version that is designed to address the security flaws, and a client computing device is not able to download copyrighted content until the client computing device verifies the new version of the content player software has been loaded properly onto the device.
Typically, each version of the content player software is represented by a different version number. The version number of the content player software currently residing on the client computing device is stored in a memory on the client computing device that is associated with the content player software. One drawback of this approach is that the end-user of a client computer can easily “hack” the content player software and change the version number without downloading a new version of the content player software corresponding to the modified version number and developed to address one or more security flaws in the old version of the content player software. As a result, the end-user of the client computing device may be able to avoid DRM and other copy protections implemented by the content provider and exposed through the one or more security flaw in the content player software.
As the foregoing illustrates, what is needed in the art is a more secure approach to verifying that an application currently installed on a client device is secure.