1. Field of the Invention
The present invention relates to information security technology, and more particularly to a method and a central processing unit for processing encrypted software.
2. Background Art
In general, tamper-resistance technology protects devices in an insecure environment from being modified or subverted by physical or other means of attack. For software, tamper-resistance technology prevents malicious users from extracting secrets, e.g. secret keys, proprietary algorithms, etc., by analyzing or tampering with software programs. The main application scenario is protecting software content that contains sensitive data/code in a hostile environment.
Most traditional software tamper-resistance technologies are based on software approaches. These methods encrypt the sensitive data/code of the software to raise the bar for malicious users trying to steal the secrets. But with software encryption approaches, all encrypted data/code must eventually be decrypted into plain form by some software routine and then transferred to the CPU. Malicious users could intercept the software in plain form to obtain information.
Several hardware-based approaches have also been proposed to realize tamper-resistant software, but all are based on proprietary architectures and work as coprocessors. A typical architecture packs a separate processor, volatile storage (e.g. RAM), non-volatile storage (e.g. flash memory), and a cryptographic engine into one package, which communicates with the main computer via an external bus as a coprocessor. This architecture is suitable for special-purpose software, e.g. ATM software. But it is difficult to develop general-purpose software with tamper resistance, since with this architecture the protected program must run on the coprocessor instead of the CPU, which greatly limits the working, development, deployment, and distribution of software.