Software watermarking for anti-tamper protection

US 20030217280A1
Filed: 05/17/2002
Published: 11/20/2003
Est. Priority Date: 05/17/2002
Status: Abandoned Application

First Claim

Patent Images

1. A system that protects a software program from tampering, rehosting, and piracy, comprising:

a watermarking system that processes the software program to create a watermarked software program comprising a fingerprint of a system on which it is to run and its clock, loadable executables that each contain an embedded encryption/decryption algorithm, and an execution instance;

a secure ID device containing a clock that updates initialization code used by the watermarked software program;

a storage medium containing the watermarked software program from which it is loaded into executable memory of a system on which it runs;

a storage device and an executable memory for storing the watermarked software program; and

a processor for initializing the watermarked software program using predetermined initialization parameters and the initialization code from the secure ID device and for executing the watermarked software program by;

executing an executable in a first software module of the watermarked software program, which executable comprises the embedded encryption/decryption algorithm and a first encryption key;

performing an integrity check prior to communicating with a second software module;

encrypting data to be communicated to the second software module using the embedded encryption/decryption algorithm and the first encryption key;

transmitting the encrypted data from the first software module to the second software module;

decrypting the encrypted data at the second software module using an embedded encryption/decryption algorithm and a corresponding second encryption key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods and software that provide for watermarked executable software. A software program is processed to create a watermarked software program comprising a fingerprint of a system on which it is to run and its clock, loadable executables that each contain an embedded encryption/decryption algorithm, and an execution instance. A secure ID device contains a clock that updates initialization code used by the watermarked software program. A storage medium contains the watermarked software program from which it is loaded into executable memory of a system on which it executes. A processor of the system is used to initialize the watermarked software program using predetermined initialization parameters and the initialization code from the secure ID device and execute the watermarked software program. The watermarked software program executes an executable in a first software module, which executable comprises the embedded encryption/decryption algorithm and a first encryption key. An integrity check is performed prior to communicating with a second software module, such as by summing or hashing a binary representation of the executable with the first encryption key. Data to be communicated to the second software module is encrypted using the embedded encryption/decryption algorithm and the first encryption key. The encrypted data is transmitted from the first software module to the second software module. The encrypted data is decrypted at the second software module using an embedded encryption/decryption algorithm and a corresponding second encryption key.

Citations

12 Claims

1. A system that protects a software program from tampering, rehosting, and piracy, comprising:
- a watermarking system that processes the software program to create a watermarked software program comprising a fingerprint of a system on which it is to run and its clock, loadable executables that each contain an embedded encryption/decryption algorithm, and an execution instance;
  
  a secure ID device containing a clock that updates initialization code used by the watermarked software program;
  
  a storage medium containing the watermarked software program from which it is loaded into executable memory of a system on which it runs;
  
  a storage device and an executable memory for storing the watermarked software program; and
  
  a processor for initializing the watermarked software program using predetermined initialization parameters and the initialization code from the secure ID device and for executing the watermarked software program by;
  
  executing an executable in a first software module of the watermarked software program, which executable comprises the embedded encryption/decryption algorithm and a first encryption key;
  
  performing an integrity check prior to communicating with a second software module;
  
  encrypting data to be communicated to the second software module using the embedded encryption/decryption algorithm and the first encryption key;
  
  transmitting the encrypted data from the first software module to the second software module;
  
  decrypting the encrypted data at the second software module using an embedded encryption/decryption algorithm and a corresponding second encryption key.
- View Dependent Claims (2, 3)
- - 2. The system recited in claim 1 wherein the processor performes the integrity check by summing a binary representation of the executable with the first encryption key.
  - 3. The system recited in claim 1 wherein the processor performes the integrity check by performing a hashing function on a binary representation of the executable with the first encryption key.

4. A method that protects a software program from tampering, rehosting, and piracy, comprising the steps of:
- creating a watermarked software program derived from the software program that comprises a fingerprint of a system on which it is to run and its clock, loadable executables that each contain an embedded encryption/decryption algorithm, and an execution instance;
  
  providing a secure ID device containing a clock that updates initialization code used by the watermarked software program;
  
  providing a storage medium containing the watermarked software program from which it is loaded into executable memory of a system on which it runs;
  
  loading the watermarked software program from the storage medium into the executable memory of the system and onto a storage device of the system;
  
  initializing the watermarked software program using predetermined initialization parameters and the initialization code from the secure ID device to provide a set of encryption keys for each executable of the watermarked software program; and
  
  executing the watermarked software program by;
  
  executing an executable in a first software module of the watermarked software program, which executable comprises the embedded encryption/decryption algorithm and a first encryption key;
  
  performing an integrity check prior to communicating with a second software module;
  
  encrypting data to be communicated to the second software module using the embedded encryption/decryption algorithm and the first encryption key;
  
  transmitting the encrypted data from the first software module to the second software module; and
  
  decrypting the encrypted data at the second software module using an embedded encryption/decryption algorithm and a corresponding second encryption key.
- View Dependent Claims (5, 6, 7, 8, 9)
- - 5. The method recited in claim 4 wherein the watermarked software program is created by processing source code for the software program, executables for the software program that relate to a specific system on which the watermarked software program is to operate, parameters for tuning a runtime system including optimized runtime processes or tasking architecture for an operating system of the specific system on which the watermarked software program is to operate.
  - 6. The method recited in claim 4 wherein the first encryption key is calculated when the watermarked software program is initialized and is based upon the hardware fingerprinting value and the parameters that were created when the original software is watermarked.
  - 7. The method recited in claim 4 wherein each time an executable exchanges data with a peer executable, it calculates a new encryption key that they both use on their next exchange of data regardless of which direction the data exchange takes place.
  - 8. The method recited in claim 4 wherein the step of performing the integrity check comprises summing a binary representation of the executable with the first encryption key.
  - 9. The method recited in claim 4 wherein the step of performing the integrity check comprises performing a hashing function on a binary representation of the executable with the first encryption key.

10. Software that protects a software program from tampering, rehosting, and piracy, comprising:
- code segments comprising a watermarked software program derived from the software program that comprise a fingerprint of a system on which it is to run and its clock, loadable executables that each contain an embedded encryption/decryption algorithm, and an execution instance;
  
  a code segment that executes an executable in a first software module of the watermarked software program, which executable comprises the embedded encryption/decryption algorithm and a first encryption key;
  
  a code segment that performs an integrity check prior to communicating with a second software module;
  
  a code segment that encrypts data to be communicated to the second software module using the embedded encryption/decryption algorithm and the first encryption key;
  
  a code segment that transmits the encrypted data from the first software module to the second software module; and
  
  a code segment that decrypts the encrypted data at the second software module using an embedded encryption/decryption algorithm and a corresponding second encryption key.
- View Dependent Claims (11, 12)
- - 11. The software recited in claim 10 wherein the code segment that performs the integrity check comprises a code segment that sums a binary representation of the executable with the first encryption key.
  - 12. The software recited in claim 10 wherein the code segment that performs the integrity check comprises a code segment that performs a hashing function on a binary representation of the executable with the first encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Original Assignee
Lockheed Martin Corporation (Martin Marietta Corporation)
Inventors
Keaton, Thomas S., Yelowitz, Larry

Application Number

US10/150,375
Publication Number

US 20030217280A1
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/14   against software analysis o...

G06F 21/16   Program or content traceabi...

G06F 2221/2153   Using hardware token as a s...

Software watermarking for anti-tamper protection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Software watermarking for anti-tamper protection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links