This invention relates to a system for providing computer program instructions in an encrypted manner, wherein execution of the encrypted program is performed by digital logic hardware. More specifically, the invention relates to using the instruction buffers of a processor to control the execution of encrypted instructions.
Microprocessors characteristically perform a series of instruction buffer operations during program execution, which follow a series of steps. While each step changes the information stored in buffers in the microprocessor, there is generally a discernable pattern which is established by the steps, thus enabling undesired surreptitious analysis.
It is possible to provide more elaborate protective systems for encoding the software, by use of proprietary hardware components for example, or even by requiring the end user to comply with registration requirements in order to enable software operation. In that respect, the encryption scheme for the program ensures that the program is executable in unencrypted form, at least with respect to the instruction sets provided to the CPU. Unfortunately, the instructions provided to the CPU are in a form that is understandable by the CPU prior to CPU execution. Thus, it is easy for an unauthorized user to determine what is necessary to operate the programs successfully.
It is often desired to provide software and updates of software to end users in such a manner that the software is transferred through public channels, such as the Internet. To provide such software in restricted form, it is desired to provide security to the distributor of the software so that the software is not subject to unauthorized use. In particular, if software is shipped via public or private channels, it is desired that the end user of the software can only use the software on the end user's specified computer, and that the software not be willingly or unwillingly shared by the end user. By computer, it is intended that this includes personal computers, smart cards, work stations, dedicated CPUs embedded in hardware appliances, and any other device in which integrated circuit (IC) microprocessors may be used.
In some programs, the cost of the programs to the end user is such that it becomes economical for third parties to determine what is necessary to circumvent restrictions on use by unauthorized persons. Therefore, it is desired to make the unauthorized duplication or use of a program uneconomical. In order to do that, it is desired to provide an encryption scheme which prevents unauthorized persons from "attacking" the encryption of the software through analysis of the input and output of user commands and instruction sets from the software. It is further desired to provide a software encryption technique in which there are no external indicia of a decryption technique which can be used to analyze the encryption of the software. It is further desired that software be encrypted in such a manner that it is unnecessary to decrypt the software in order to accomplish execution of the software.
According to the invention, a microprocessor processes computer programs which are selectively operable on selected ones of individual processors. The microprocessor according to the present invention includes an instruction buffer with a predetermined plurality of bit locations, and further includes reconfigurable logic circuitry for processing instructions from the instruction buffer. Additionally, the microprocessor includes a programmable instruction decoder which interprets instructions represented by bits stored on the instruction buffer, and the logic circuitry routes the register bits to subsequent bit locations within the instruction buffer. The subsequent bit locations must conform to a predetermined interdependency criteria corresponding to the predetermined format subsequent to execution of at least one instruction by the logic circuitry, and the logic circuitry provides a verification of the interdependency criteria.
More particularly according to the invention, in order to execute program instructions, buffer interdependencies must match those predicted by the compiler. If one were to reverse engineer the program, the interdependencies may not match, and this provides a means of detecting unauthorized use.
According to a further aspect of the invention, a CPU is provided with an ability to modify its operation in accordance with an encryption key. When a program is compiled, the program is modified in order that execution may be performed with the CPU changes with respect to pipelined instruction routing. Logic on the CPU is able to route a subset of the register bits, and selects destination logic gates in the microprocessor. This in turn establishes an instruction buffer interdependency.
According to one aspect of the invention, a microprocessor contains logic able to route a subset of bits from selected bit locations in the buffer to destination logic circuits in the microprocessor. The destination logic circuits then provide verification of whether the register bits meet a predetermined criteria.
An instruction buffer on a keyed microprocessor contains logic which is able to route a subset of the instruction bits on the microprocessor. This selects destination logic gates in the microprocessor which eventually reach a programmable instruction decoder. If the interdependencies fail to match a predetermined acceptable pattern, then the interdependencies are deemed not to match.
According to a further aspect of the invention, a microprocessor is able to process computer programs which are selectively operable on selected ones of individual processors. A key is shared by the microprocessor and a compiler, and the key is used by the compiler to encrypt standard instructions into encrypted instructions. An instruction buffer on the keyed microprocessor contains logic able to route a subset of the instruction bits from any bit locations in the buffer to destination logic circuits in the microprocessor. The instruction bits reach a programmable instruction decoder, and the routing of the instruction bits is controlled in accordance with the key.
According to a further aspect of the invention, a computer program is executable on a selected processor. The processor buffers instructions as instruction bits on the microprocessor. A subset of the instruction bits are routed from bit locations in the buffer to destination logic circuits in the microprocessor. The instruction bits then reach a programmable instruction decoder.
According to a further aspect of the invention, a microprocessor processes computer programs which are selectively operable on that particular microprocessor. Logic instructions for executing encrypted program instructions are received at memory locations. Logic circuitry modifies operation of the microprocessor in accordance with logic instructions stored in the memory locations. The logic circuitry is configurable in accordance with the received logic instructions.
In the invention, a microprocessor uses a programmable instruction decoder to decode encrypted instruction op codes. The decoding is accomplished without decrypting the op codes, and logic gates immediately process data. The data representation changes during the execution, which has the effect of securing the program from analysis for decryption.
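A toy software model of the scheme described above (a key shared by compiler and chip, key-controlled routing of instruction bits, a programmable decoder that matches encrypted op codes without decrypting them, and a buffer interdependency check), added here as an illustration and not taken from the patent. The 8-operation instruction set, the 24-bit word layout, the HMAC-based interdependency value and all function names are assumptions; the patent does not specify them.

```python
import hashlib
import hmac
import random

OPS = ["NOP", "LOAD", "ADD", "AND", "OR", "CMP", "STORE", "HALT"]  # toy ISA (assumed)

def routing(key: bytes) -> list:
    """Key-selected routing: buffer bit i is wired to decoder input perm[i]."""
    perm = list(range(8))
    random.Random(hashlib.sha256(key).digest()).shuffle(perm)
    return perm

def route(bits: int, perm: list) -> int:
    return sum(((bits >> i) & 1) << perm[i] for i in range(8))

def tag(key: bytes, prev_word: int, enc_op: int) -> int:
    """16-bit interdependency value tying a word to the previous buffer content."""
    msg = prev_word.to_bytes(3, "big") + bytes([enc_op])
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:2], "big")

def compile_program(key: bytes, program: list) -> list:
    """Compiler side: emit 24-bit words = routed opcode (8 bits) + tag (16 bits)."""
    perm, prev, words = routing(key), 0, []
    for name in program:
        enc_op = route(OPS.index(name), perm)
        prev = (enc_op << 16) | tag(key, prev, enc_op)
        words.append(prev)
    return words

def execute(key: bytes, words: list):
    """Chip side: returns the decoded operations, or None if a check fails."""
    perm = routing(key)
    # Programmable decoder: a keyed table matched against the encrypted opcode
    # directly, so no plaintext opcode is reconstructed at run time.
    decoder = {route(i, perm): name for i, name in enumerate(OPS)}
    prev, trace = 0, []
    for word in words:
        enc_op, seen = word >> 16, word & 0xFFFF
        if enc_op not in decoder or not hmac.compare_digest(
                seen.to_bytes(2, "big"), tag(key, prev, enc_op).to_bytes(2, "big")):
            return None  # interdependency does not match the compiler's prediction
        trace.append(decoder[enc_op])
        prev = word
    return trace

if __name__ == "__main__":
    image = compile_program(b"chip-A key (constructed)", ["LOAD", "ADD", "CMP", "HALT"])
    print(execute(b"chip-A key (constructed)", image))  # runs on the matching chip
    print(execute(b"chip-B key (constructed)", image))  # rejected on another chip
```

Reordering or patching words in the compiled image changes what the buffer held before a given instruction, so the model rejects the image even on the chip holding the correct key.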
A custom instruction set is provided for each CPU chip or groups of CPU chips. That custom instruction set is used by the software manufacturer to provide a unique version of a mass produced program to a customer for program operation with a microprocessor chip. The CPU is therefore programmed for that custom instruction set. The length of each instruction, and the other features of this invention, are configurable to have, according to the present invention, a cryptographically significant level of security when viewed from the IC pins. Pirates who examine signals inside the IC will accordingly be deterred from success by the inventive features described herein.
A secure key is used in configuring both the encrypted software with a compiler and the microprocessor system executing the encrypted software so that the instructions provided by the compiler are only executable by an IC which uses the same key. This key is stored on the IC in non-volatile memory, and it controls the instruction decoder, the reconfigurable logic, the signal routing, the error corrections to the instructions executed, the sequencer circuit, and instruction buffer content interdependency checking circuitry. The key also determines the program counter operations which would not be incremented in the usual manner. The key also controls instruction result obfuscation circuits so that common microprocessor results, such as the ANDing of two operands, are not easily recognized by the surreptitious observer. The key controls memory mapping in the IC so that physically fixed memory resources are allocated in different ways for ICs with different keys.
The way instructions are executed ensures that an adversary attempting to pirate the software will have difficulty understanding the results of instruction execution. It is a goal of the present invention to anticipate pirate attacks, and to provide measures which will thwart their tactics. The microprocessor chip according to the present invention will use instructions, data, addresses, and RAM memory as well as instructions with bits in each instruction configured to cause confusion for attackers, but which are disregarded by the instruction decoder of the present invention during execution.
According to another aspect of the invention, physical aspects of the logic architecture are varied according to keys. Software compiled according to the keys is implemented so as to accommodate these changes. This allows variations in memory block size and layout, as well as variations in pipeline use. Since each CPU could be provided with a different key, the software compiled according to one key would not work with a CPU varied according to a different key.
According to another aspect of the invention, a CPU has its logic gates configured to perform variable logic instructions. The logic gates may be reconfigured according to a key. Even though the instructions may be coded to obscure their meanings, the instructions still specify ordinary operations like AND, OR, ADD and COMPARE. So to make these operations more difficult for an adversary to recognize, measures will be taken. The logic gates which calculate the result of each basic operation will be variably allocated from several possible sets of logic gates. Also, the result of the basic operation will be made more obscure than is normally done. The operands that are used as inputs to the logic for the basic operations can be in two different formats, so an adversary has a difficult time understanding what is going on.