Software products can be distributed in a variety of different ways. The most common distribution method today is to package the software on optical or magnetic disk or tape media, such as compact disk (CD-ROM), Digital Versatile Disk (DVD) or floppy disk. Software can also be distributed electronically over networks, such as streaming or packetized data sent over local or wide area networks (intranets), the Internet, and even wireless networks, (e.g., radio). Software products, such as application software (e.g., games, programs, and so on) or digital data (e.g., text, photos, video or graphical data, and so on), are often distributed in their entirety as complete standalone products. This means that the software can be accessed and used by anyone who happens to possess it, along with the appropriate computer, game machine, or playback device. This not only poses a problem for owners of the software with regard to theft of their purchased products, but represents a huge problem for software producers in that it facilitates the illegal copying and distribution (pirating) of their software products. In effect, each valid copy of a disk, tape or downloaded program can be used as master to generate scores of illegal copies.
The problem of software piracy has become an enormous challenge and burden to the software industry. It affects most software markets, in particular the entertainment, gaming, and small business application segments of the industry. In the PC (personal computer) game industry alone, according to one estimate, ten installed copies emanate from each single purchased copy. This represents a critical loss of revenue for software producers and publishers. The problem of software piracy is especially critical in the early life-cycle of a product. Through hacking of security mechanisms, illegal copies of a new software product can be made available in the open market days or even weeks in advance of it being officially released for sale by the producer. This type of piracy can cripple the profitability or even viability of a product for a producer before it is even released for distribution.
Although some anti-piracy and copy protection schemes currently exist to protect distributed software, these systems are typically not adequate to protect against a determined attack to break the protection. Moreover, once a program has been hacked, it is usually quite easy for the hacker to produce downloadable tools that eliminate the protection. The time to crack a software application security system is typically measured in hours or, at most, a couple of days. This means that as soon as a pirate gains possession of the software, it is often a simple matter to remove existing digital rights management tools, such as copy protection, and sell or distribute illegal copies of the software.
The static nature of most current widely distributed software products is a particular problem that is not adequately addressed by most present copy protection schemes. Once someone has the disk or the distribution files, it is very easy for competent hackers to redistribute the software in the same or any other available media, given the nature of digital storage and the ability to make nearly perfect reproductions. Furthermore, the pervasiveness of hacking has led to widespread availability of downloadable tools and instructions that enable even casual users of the product to remove many of the copy protection mechanisms in use today.
In addition, existing software applications are generally distributed as homogenized releases. This makes it difficult to identify, track, or tie the product to the authorized end-user. Although software registration is available, such as by using registration codes, network addresses (e.g., MAC-address from a network card), CID (Computer ID) mechanisms, and so on, these systems only tie the software to the hardware. These solutions thus have the disadvantage for the end-user that the software effectively only works on the computer it was first installed on. Such solutions can also lead to other problems such as lost registration codes or original disks with the unique serial numbers, and so on.
What is needed, therefore, is software protection that provides robust anti-piracy techniques that make hacking a software product impractical and cost-ineffective.
What is further needed is a software protection scheme that is unique to each authorized end-user and installation, rather than the target device.