Software products (applications) are highly vulnerable to unauthorized copying and use (piracy). Illegally copied applications are commonly distributed on a wide-scale basis over the Internet and via recordable CD-ROMs. Software developers lose billions of dollars per year as a result of such unauthorized copying and distribution.
Software developers commonly use a variety of different forms of copy protection to prevent others from illegally copying and using their products. One of the most robust methods involves the use of an Electronic Security Device (ESD) which attaches to a port of the end user's computer and communicates with the application. If the ESD is not attached to the user's computer, the application crashes or otherwise fails to operate properly.
Typically, the ESD is in the form of an electronic circuit which receives a numerical "seed" value from the application, applies a hardware-implemented number calculation algorithm to the seed value, and returns a "response" value to the application. To test for the existence of the ESD, the application's copy protection code sends one or more seed values to the ESD and compares the resulting response values with expected response values. The expected values can be generated by the software developer at development time (such as through experimentation with the ESD), or can be generated "on-the-fly" during execution by implementing the ESD's number calculation algorithm (if known to the software developer) within the copy protection code.
Another type of system for controlling the use of applications involves using a license management server to control the number of copies of an application that can concurrently run on a network. With this type of system, the application will run properly only if it has checked out an authorization certificate from the license management server. When a user launches the application on a workstation of the network, the application requests an authorization certificate from the license server. If less than the maximum authorized number of copies are currently running, the license server dispatches an encrypted certificate to the workstation to unlock the application.
A variety of techniques also exist for making it more difficult for pirates to analyze an application's copy protection or other security code. One such technique involves storing the application's executable code in an encrypted form to hide the details of the security scheme, and decrypting the code as it is executed or loaded into memory. Another technique involves inserting "dummy" machine instructions within the application's machine code to throw-off disassemblers.
Despite the sophistication of modern ESDs, and the significant time dedicated by software developers to writing better copy protection code, software pirates are often able to defeat copy protection schemes with relative ease. This is commonly done by using the latest software development tools to locate and circumvent the application's copy protection code. The modifications needed to remove or circumvent the application's copy protection code are commonly distributed by the pirate as a small, separate piece of code (patch). A user can execute the patch to create a modified (cracked) version of the application which will run without the ESD, or which will otherwise operate without use of the copy protection scheme. Once a cracked version of a product becomes available, the software developer has lost much of its investment in its product.
A stronger form of copy protection is therefore needed. Ideally, software developers should be able to add the copy protection code without considerable time or effort, yet the resulting protection scheme should be extremely difficult and time consuming to analyze and circumvent.