This invention relates in general to the field of protection against unauthorized use of data files, and in particular to protection against unauthorized software updates in terminals.
For terminals in general, and for secure telephones such as the Motorola, Incorporated SECTEL® Super Economical Terminal (SET) specifically, there is a need to allow the terminal user to update software in the unit (e.g., to fix software "bugs" or to add software enhancements). It is common for the user of a particular group of terminals to wish to expand the capabilities of one or more, but not all, of the terminals within the group (e.g., to add secure facsimile capability to one SET terminal in a group of terminals).
It is typically a problem to provide software enhancements to a user of a group of terminals to upgrade only a subset of the group of terminals without enabling the user to provide the same software enhancement to all terminals within the group. One software upgrade method to prevent unauthorized use, which is time- and labor-intensive and thus expensive, is to have the software upgrade installed directly by a representative of the software owner. While providing excellent security against unauthorized usage of software updates, this method necessitates physical transportation of a person, as well as the software updates, to the user's site and, because the software updates are typically routine, does not represent a good, cost-effective use of resources for the software upgrade producer.
A second method to prevent unauthorized usage of software updates is for the software producer to separately encrypt a copy of each datafile upgrade for each terminal. The separate encryption of data for each terminal produces a software update version which is usable only by the specific terminal for which it was produced. The individual encryption can be based on a terminal-unique identifier, such as the terminal serial number (TSN). Such encryption requires the production, transportation, and installation of a separately encrypted update for each feature and/or for each "bug" fix. Thus, if one common datafile were to update twenty terminals, twenty separately-encrypted copies of that datafile would have to be produced, transferred to the user, and individually decrypted and installed to update the twenty terminals. It is inefficient and expensive to produce, transfer, decrypt, and install many datafiles when only one copy should be necessary.
Thus, there is a need for a software usage protection system which is simple, efficient, and cost-effective. Such a usage protection system should allow for software updates only for authorized terminals, and not require installation by the software producer. Such a system should, if possible, provide the advantages of cryptographically sealing data files for maximum protection against unauthorized use without actually requiring the encryption of the data files themselves.