Publishers of electronic content such as games and videos are often concerned with protecting their electronic content from unlicensed usage, since unlicensed usage may have a significant adverse impact on the profitability or even on commercial viability of such publishers. Commercial electronic content often includes a simple licensing verification program, but such a program may be bypassed by reverse engineering the software instructions of the program.
Some publishers protect their electronic content by “obfuscation”, which means making software instructions difficult for humans to understand. This method deliberately clutters the code with useless, confusing pieces. However, one problem with this method is that obfuscated electronic content is readable to the skilled hacker.
Some publishers protect their electronic content by encryption, using a unique key to translate their code to an unreadable format, such that only the owner of the key can decrypt the code. However, such protection is only effective when the key is kept secure. Hardware based methods for keeping the key secure are possible. However, hardware based methods have two deficiencies. First, they require an investment in special-purpose hardware on the user's side, which is costly and, therefore, not practical. Secondly, all such hardware methods were successfully attacked by hackers.
There are existing software-based methods of encrypting and decrypting electronic content, where decryption is performed in the client system's CPU. However, existing methods have three independent problems. Firstly, such methods remain susceptible to hacking, since the CPU's content is synchronized with other parts of the client system's memory with respect to the decrypted content. Secondly, the protocol stack execution in existing methods decrypts a single encrypted instruction at a time, so an instruction that is executed in a loop, gets decrypted on every iteration of this loop, causing a degradation in the performance of the whole system. Thirdly, existing methods do not test: (1) whether the decryption will be performed on software which imitates the functionality of hardware, or (2) whether the instructions used to decrypt and execute the encrypted electronic content have been properly installed. Failure to test either of these two conditions can expose existing software-based protection methods to failures.