Digital content such as games, videos and the like may be susceptible to unlicensed usage, having significant adverse impact on the profitability and commercial viability of such products. Commonly, such commercial digital content may be protected by a licensing verification program; however these may be circumvented by reverse engineering of the software instructions of the computer program which leaves them vulnerable to misuse.
One way of preventing circumventing of the software licensing program, may use a method of “obfuscation”. The term obfuscation refers to making software instructions difficult for humans to understand by deliberately cluttering the code with useless, confusing pieces of additional software syntax or instructions. However, even when changing the software code and making it obfuscated, the content is still readable to the skilled hacker.
Additionally, publishers may protect their digital content product by encryption, using a unique key to convert the software code to an unreadable format, such that only the owner of the unique key may decrypt the software code. Such protection may only be effective when the unique key is kept secured and unreachable to an unwanted party. Hardware based methods for keeping the unique key secured are possible, but may have significant deficiencies, mainly due to an investment required in dedicated hardware on the user side, making it costly, and therefore, impractical. Furthermore, such hardware methods have been successfully attacked by hackers.
Software copy-protection is currently predominantly governed by methodologies based on obfuscation, which are volatile to hacking or user malicious activities. There is therefore a need for a better technique for protecting sensitive software sections, such as licensing code.
Further, software programs operable in managed execution environments have become widespread and more common, in recent years. Unlike native programs, managed programs are not executed directly by the CPU. Rather managed programs may require a native program to interpret the managed program. Managed execution environments may be considered superior to native environments in terms of memory management, debugging and profiling support, making this type of programs advantageous to developers of desktop and mobile applications.
It is particularly noted that even if it may be reasonable to assume that a sequence of native program instructions may not be intercepted, for read or modification, during execution, such an assumption would not be reasonable for a managed execution environment. A managed execution environment may be susceptible to unexpected behaviors introduced into the software implementing the execution environment. There is therefore a need for a technique for executing securely encrypted managed programs on existing managed execution environments.
The invention below addresses the above-described need.