Software protection method utilizing hidden application code in a protection dynamic link library object
Abstract
A system and method in which the operating system of the user computer loads the software application and a DLL having a portion of the application execution code stored therein into memory is disclosed. At selected points during its execution, the software application calls the DLL to execute a portion of the application code that was saved into the DLL before delivery to the end user. Since this code is encrypted and the encryption key is stored in a hardware security device and not in the DLL or the software application, the application code portion cannot be executed without recovering the key.
68 Claims
1. A method of protecting software from unauthorized use, comprising the steps of:
(a) encrypting a first portion (C) of a compiled application code (A) according to an encryption key (K) to produce an encrypted code (C*);
(b) storing the encrypted code (C*) in a dynamic link library (DLL) associated with the software application;
(c) generating a value (Ck) derived from at least a part of the compiled application code (A);
(d) generating a second value (K*) derived from the value (Ck) and the encryption key (K); and
(e) storing the second value (K*) in a hardware security device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
26. A method of protecting a software application expressed in application code from unauthorized use, comprising the steps of:
(a) generating a value (Ck) derived from at least a part from a compiled application code (A);
(b) generating a random number (R);
(c) generating a third value X from the value (Ck) and the random number (R);
(d) generating a fifth value (Y) from the third value (X) and a second value (K*), wherein the second value (K*) is derived from the value (Ck) and an encryption key (K) used to encrypt a portion (C) of the compiled application code (A) to produce an encrypted code (C*) before the software application is distributed to a user;
(e) computing a seventh value (K′) from the fifth value (Y) and the random number (R);
(f) decrypting the encrypted portion (C) of the compiled application code (A) using the seventh value (K′).
Dependent claims: 27, 28, 29, 30, 31, 32, 33, 34
35. An apparatus of protecting software from unauthorized use, comprising:
(a) means for encrypting a first portion (C) of a compiled application code (A) according to an encryption key (K) to produce an encrypted code (C*);
(b) means for storing the encrypted code (C*) in a dynamic link library (DLL) associated with the software application;
(c) means for generating a value (Ck) derived from at least a part of the compiled application code (A);
(d) means for generating a second value (K*) derived from the value (Ck) and the encryption key (K); and
(e) means for storing the second value (K*) in a hardware security device.
Dependent claims: 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59
60. An apparatus for protecting a software application from unauthorized use, comprising:
a first software module executing in a developer computer, the first software module for encrypting a first portion (C) of a compiled application code (A) according to an encryption key (K) to produce an encrypted code (C*);
storing the encrypted code (C*) in a dynamic link library (DLL) associated with the software application;
generating a value (Ck) derived from at least a part of the compiled application code (A);
generating a second value (K*) derived from the value (Ck) and the encryption key (K); and
means for storing the second value (K*) in a hardware security device.
Dependent claims: 61, 62, 63, 64
65. An apparatus for protecting a software application expressed in software application code from unauthorized use, comprising:
a dynamic link library (DLL), the DLL for generating a value (Ck) derived from at least a part from a compiled application code (A);
generating a random number (R);
generating a third value X from the value (Ck) and the random number (R);
a hardware security device, the hardware security device for generating a fifth value (Y) from the third value (X) and a second value (K*), wherein the second value (K*) is derived from the value (Ck) and an encryption key (K) used to encrypt a portion (C) of the compiled application code (A) to produce an encrypted code (C*) before the software application is distributed to a user;
wherein the DLL further computes a seventh value (K′) from the fifth value (Y) and the random number (R) and decrypts the encrypted portion (C) of the compiled application code (A) using the seventh value (K′).
Dependent claims: 66, 67
68. A method of protecting a software application from unauthorized user, comprising the steps of:
encrypting a portion of the compiled application code (C) according to an encryption key (K) to produce an encrypted code (C*);
storing the encrypted code (C*) in a dynamic link library (DLL) associated with the software application; and
storing a key (K*) usable to decrypt the encrypted code (C*) in a memory secure from the unauthorized user.
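The developer-side steps of claim 1 and the run-time exchange of claims 26 and 65, worked through as an added example that is not code from the patent. The claims do not say how Ck, K*, X, Y and K′ are derived, so SHA-256 for Ck, XOR for every combination, the toy stream cipher, and all function and class names are assumptions.

```python
import hashlib
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def crypt(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode stream cipher (assumed; the claims name no cipher)."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return xor(data, stream)

def code_value(app_code: bytes) -> bytes:
    """Ck: a value derived from the compiled application code A (assumed: SHA-256)."""
    return hashlib.sha256(app_code).digest()

class HardwareDevice:
    """Stands in for the hardware security device; it stores only K*."""
    def __init__(self, k_star: bytes):
        self._k_star = k_star

    def respond(self, x: bytes) -> bytes:
        return xor(x, self._k_star)          # Y from X and K*

def protect(app_code: bytes, portion: bytes, key: bytes):
    """Developer side, claim 1 steps (a)-(e)."""
    c_star = crypt(key, portion)             # (a) C* = E_K(C); (b) stored in the DLL
    k_star = xor(code_value(app_code), key)  # (c) Ck; (d) K* = Ck xor K (assumed)
    return c_star, HardwareDevice(k_star)    # (e) K* lives in the device

def recover(app_code: bytes, c_star: bytes, device: HardwareDevice) -> bytes:
    """DLL side, claim 26 steps (a)-(f)."""
    ck = code_value(app_code)                # (a)
    r = secrets.token_bytes(32)              # (b) fresh R on every call
    x = xor(ck, r)                           # (c)
    y = device.respond(x)                    # (d) on intact code Y reduces to R xor K
    k_prime = xor(y, r)                      # (e) K' equals K only if Ck matches
    return crypt(k_prime, c_star)            # (f)

# Constructed sample data, not taken from any real product.
APP = b"\x55\x8b\xec constructed application image"
PORTION = b"constructed routine moved into the DLL"
KEY = bytes(range(32))
C_STAR, DEVICE = protect(APP, PORTION, KEY)
```

On intact code the Ck terms cancel and K′ equals K; if A has been modified, Ck changes, K′ differs from K, and step (f) yields garbage instead of the hidden routine.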
Specification