The advent of micro-processors has revolutionized the computer industry. Dedicated computers now are used in a variety of security and control functions such as automobiles, keyless hotel entry systems, cable television, et cetera. In addition, such microprocessors have resulted in the widespread use of powerful, relatively small-sized personal computers capable of running wide varieties of programs. As such computers, particularly personal computers, become more widely used, the development of software programs to extend the application of such computers into every aspect of business, professional, commercial and home uses is expanding in an explosive manner. Each new generation of software programs for use with such computers seems to become more complex in an effort to simplify the utilization of the programs by the computer users (user friendliness). The complexity of programs, in most cases, is inversely proportional to the ease of use. As software vendors attempt to extend the use of their programs to a wider range of potential computer users, the time, effort, and expense required to produce such programs becomes very significant.
In an effort to recover the developmental costs of modern software programs, particularly those tailored for use with personal computers, the selling prices of such programs are relatively high. As a consequence, there is a strong temptation on the part of many users to produce extra copies for friends or, in the case of program pirates, to produce extra copies for sale at highly discounted prices for use by persons who do not buy from the original vendor and/or developer of the programs. It is believed that the number of unauthorized copies, in many cases, equals or approaches the number of authorized copies of software programs.
In an effort to curb unauthorized production of programs, software vendors have attempted a variety of deterrents. Where the software is sold as a separately priced package, the package frequently includes a statement that utilization of the software by the purchaser includes a contract wherein the purchaser/user agrees not to produce additional copies (other than authorized back-up copies) of the program. The enforceability of such a contract is difficult, and little actual enforcement to date has been evidenced.
Many programs are "copy-protected", i.e., they include a code which prevents operation of the program from a copy made of the original. Persons with even a minimal knowledge, however, of the computer operation readily can bypass this "copy protection" feature and thereafter produce unlimited numbers of copies which will operate. Such persons are called computer "hackers" in the industry and large numbers of unauthorized copies of valuable programs have been set loose in the marketplace by such hackers. Individual and company "hackers for hire" even sell special programs designed to break copy-protected programs for the purpose of assisting in the making and dissemination of unauthorized copies. Usually such copies are made for friends and close associates, but even one unauthorized copy for every authorized sale represents significant losses in sales by the original software vendor.
Some programs are bundled together with specific hardware and are sold as a unit. This is not practical, however, because many software packages are sold separately to the general public for use in personal computers to permit such computers to be used for applications which can vary widely from one purchaser of such a computer to another.
Efforts also have been made in the past to encrypt the programs in some manner and then provide a separate decryption for implementation within the computer, so that the software could not be run on any computer which did not have the authorized decrypting circuitry in it.
A system for providing a cryptographic decoder for computer programs for restricting use of a program only to customers who have paid for such use is disclosed in the patent to Best U.S. Pat. No. 4,433,207. The system of Best requires a deciphering key in the form of a decoder chip which must be incorporated into the computer itself. The programs themselves are encoded and in addition, some third person must provide a program "patch" which will permit operation of the program with the computer equipped with the decoder chip. Because the computer requires the installation of the circuit ship connected to the data bus, and further since it is necessary to "patch" the key and program, the system is relatively cumbersome. In addition, it is possible to decipher the working programs by tapping the data bus in the microprocessor unless an entirely new microprocessor board with the key as an integral part of it is supplied. Thus, the encryption system may be relatively easily broken by knowledgeable persons. Except for these disadvantages, the system of Best does function to prevent use of the program by unauthorized users (who have not broken the enciphering key) by introducing random errors into the legitimate program which will cause unpredictable malfunctions of the program execution in an unauthorized computer. The authorized computer operated with a properly installed and "patched" key chip neutralizes these errors so that proper program operation takes place.
Another system for preventing unauthorized use of computer programs is disclosed in the patent to Uchenick U.S. Pat. No. 4,458,315. This patent stores a first key information in the program which is to be protected; and a separate key circuit, physically separate from the program, is provided to the customer with each program which is sold. This separate key stores second key information which is to be utilized in conjunction with the first key information for comparison in the computer to permit operation of the program in the computer if a predetermined relationship between the keys exist. If such relationship does not exist, the processing of the program is terminated. As in the case of the system of Best, however, it is possible to examine the data bus and capture the deciphered code embodied in the keys; so that copied decoded programs then can be produced by unauthorized copiers for use without the key. The requirement for implementation of the key inside the central processing unit or the computer itself also is undesirable.
Three other computer software security systems which require the addition of a decoding chip to be placed inside the central processing unit or computer itself are disclosed in the patents to Best U.S. Pat. Nos. 4,168,396; Best 4,278,837; and Johnstone 4,120,030. Each of these systems require the installation of an internal chip in the computer with all of the disadvantages which have been discussed above in conjunction with the Best patent U.S. Pat. No. 4,433,207. In addition, Best '396 and Best '837 each require a battery to preserve the enciphering key in the chip. Each chip references differently enciphered programs and program "patches" require specifically encrypted programs to be used. In all three of these patents, a deciphered working program may be captured by tapping the data bus in the microprocessor unless the decoding chip is incorporated into an entirely new microprocessor board supplied for unique operation with that program. Such an approach is unacceptable for any computer which is to be utilized in the operation of multiple programs, since each such program would require a separate microprocessor board for optimum security.
Another prior art approach employing a separate program decoding key for use with an encrypted program is disclosed in the patent to Clarke U.S. Pat. No. 3,806,882. This patent utilizes a RAM for security storage. Consequently, power must be supplied at all times to maintain viablity of the security. The electronic key which is utilized is a ROM which requires a considerable amount of time to erase and encode. In operation, the address of the key is erased and rewritten periodically (such as once every 48 hours) and this must occur continuously in order for a user to maintain access to the security storage. Consequently, it is necessary to have a back-up power supply for use with the system, since the key and that portion of the computer which interfaces with it continuously must be active in order to provide the desired level of security. Most personal computers are turned off and on frequently during their operation (at least once a day). Many personal computers are portable and most of the personal computers which are presently available in the market do not have a back-up battery supply for continuously supplying power to portions of the computer circuitry. Thus, the system of Clarke is not practical for such personal computers.
It is desirable to provide a simple and effective computer software protection system which overcomes the disadvantages of the prior art mentioned above. It further is desirable to provide a computer software security system which utilizes inexpensive circuitry, requires no permanent power supply, and operates in conjunction with codes embedded in the software itself to provide authorized use of a program only by a user having a key corresponding to the particular software package with which such key is uniquely associated. Copies of the software should not be capable of being run with any other key or without a key, and the embedded code should be made as nearly incapable of breaking (reverse engineering) as possible.