This invention relates to the protection of computer software, and more particularly to a method of protecting software using multiple keys which are external to the software being protected to produce a single control key which will allow the protected software to be continued to be processed by the computer.
Hardware-based software protection devices are generally sold to end-users who receive a distribution diskette containing the desired program including a recorded key and a hardware device which contains a matching key. In order to operate the software, the supplied hardware portion is plugged into a specified port of the computer establishing a communications path between the hardware device and the computer. If the hardware device contains the correct key which matches the key recorded in the software, then the software is allowed to continue. However, the wrong key or the absence of such a key prevents the operation of the software.
In U.S. Pat. No. 4,458,315 to Uchenick a first key is stored in the program and a second key, physically separate from the program, is supplied to the customer with each program sold in a hardware based register. The first and second keys are compared to see if they bear a predetermined relationship to each other, in which case the program is authorized. In a first implementation, each secured program has the same first key in a hardware register and the secured program contains the second key. In a second implementation, different first keys are provided for each secured program, but the secured program copies supplied to the users must incorporate in advance a complete list of all second keys which are to be used with the different first keys.
Another approach is followed by U.S. Pat. No. 4,593,353 to Pickholtz in which first and second authorization codes are stored in the program and are read by the computer before the program is allowed to be executed. A hardware module containing a pseudorandom number generator unique to the authorized system receives the first authorization code as a key. The resultant number generated by the number generator which is a function of the key and pseudorandom generator algorithm is compared with the second authorization code which enables an execution signal to be generated in response to a positive comparison to enable the stored program to be executed.
One of the problems with the aforesaid approaches resides in the fact that all of the first keys used must be known in advance and stored in the original software program. For example, when software is offered for sale with additional modules, upgrades and features, such embellishments may be useful and are sold only to certain users and not to others. Because all the copies of the software in the aforesaid approaches have the same set of values of keys for comparison with the external hardware key, then another key or code must be supplied in another hardware device when the additional module is separately offered for sale, even if that additional module which is related to the basic software has been supplied in advance. Only such an approach could distinguish the legal users of additional software modules from others. The additional hardware device adds expense and time delays in ordering and shipping. Also in such a case, remote implementation, e.g., telephone or facsimile, is not possible.
The mass reproduction of the software device which has the keys incorporated therein of necessity limits the flexibility in the choice of keys, as well as compromising the security. If a key is stored in the software being protected, and that key is broken or discovered by a copier, all the software copies on which that key appears has thus been discovered eliminating the desired security.