Method to Protect Software Against Unwanted Use with a "Temporal Dissociation" Principle

US 20070283437A1
Filed: 08/13/2007
Published: 12/06/2007
Est. Priority Date: 06/25/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method to protect software comprising:

storing a first portion of the software on a first unit, the first unit comprising a memory and a processor;

storing a second portion of the software on a second unit, the second unit comprising a secure processor and a secure memory, where the second portion of the software is secret and the first and second portions of the software forming a single program; and

executing the single formed program by utilizing the first and second portions of the software, wherein the secret second portion of the software comprises at least two computing operations, and wherein portions of the at least two computing operations are interleaved with each other for transmission from the second unit to the first unit and vise versa.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention concerns a process to protect a vulnerable software working on a data processing system against its unauthorized usage using a processing and memorizing unit. The process comprises creating a protected software by choosing in the source of the vulnerable software at least one algorithmic processing and by producing the source of the protected software so that during the execution of the protected software appear several distinct steps, namely 1) the placing of at least one operand at the processing and memorizing unit'"'"'s disposal 2) the carrying out by the processing and memorizing unit, of the algorithmic processing'"'"'s functionality on at least said operand 3) and possibly, the placing at the data processing system'"'"'s disposal of at least one result by the processing and memorizing unit.

Citations

17 Claims

1. A method to protect software comprising:
- storing a first portion of the software on a first unit, the first unit comprising a memory and a processor;
  
  storing a second portion of the software on a second unit, the second unit comprising a secure processor and a secure memory, where the second portion of the software is secret and the first and second portions of the software forming a single program; and
  
  executing the single formed program by utilizing the first and second portions of the software, wherein the secret second portion of the software comprises at least two computing operations, and wherein portions of the at least two computing operations are interleaved with each other for transmission from the second unit to the first unit and vise versa.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein portions of the second portion of the software are executed by the secure processor and the first portion of the software is executed by the processor of the first unit.
  - 3. The method of claim 1, wherein:
    - the at least two computing operations stored in the second unit comprise a first computing operation and a second computing operation, the first computing operation uses a first variable to obtain a first result variable, the second computing operation uses a second variable to obtain a second result, during the execution of the program;
      
      performing a first variable movement by moving the first variable from the first unit into the second unit, performing a second variable movement by moving the second variable from the first unit into the second unit, performing a first result movement by moving the first result variable from the second unit into the first unit, and performing a second result movement by moving the second result variable from the second unit into the first unit, each of said first and second variable movements, said first and second computing operations, and said first and second result movements comprise an operation, the first variable movement, the first result movement, and the first computing operation comprise a first set of operations and the second variable movement, the second result movement and the second computing operation comprises a second set of operations, and at least one operation of one of the sets is interleaved with the operations of the other set.
  - 4. The method according to claim 1, wherein the second unit is a chip medium configured to attach and detach to the first unit.
  - 5. The method according to claim 1, wherein the processor of the second unit is a coprocessor of the processor of the first unit.
  - 6. The method according to claim 1, wherein the second unit is a token.
  - 7. The method according to claim 1, wherein, when the second unit is missing, the program cannot be executed correctly and the software is not completely functional.
  - 8. The method according to claim 1, wherein, when the at least one variable is not provided by the second unit upon request, the program is not executed correctly.
  - 9. The method according to claim 1, wherein the at least two computing operations are elementary functions.
  - 10. The method according to claim 1, further comprising:
    - storing elementary functions that are to be executed in the second unit; and
      
      providing commands from the first unit to the second unit to trigger execution of a respective elementary function.
  - 11. The method according to claim 1, further comprising:
    - defining instructions set in which instructions work with registers and use at least one operand for returning a result, wherein at least some of the instructions comprise;
      
      a part defining functionality of the instruction, a part defining expected chaining for execution of the instruction and comprising bits fields corresponding to an identification field of the instruction, wherein each of the at least one operand comprises;
      
      a flag field and an expected identification field, wherein, for each register used by the instructions set, providing a generated identification field in which the identification of the last instruction which has returned its result in a respective register is automatically memorized, wherein, during the execution of an instruction, for each operand, when required by the flag field, checking the equality of the generated identification field corresponding to the register used by said operand, and the expected identification field of the origin of said operand, and modifying the result of the instructions, if at least one of the checked equalities is false.
  - 12. The method according to claim 1, further comprising selecting a part of the software to form the second portion during operation of creating the protected program.

13. A system to protect software comprising:
- a first unit comprising a memory and a processor and which stories a first portion of the software; and
  
  a second unit comprising a secure processor and a secure memory and which stores a second portion of the software, wherein the second portion of the software is secret, wherein the first and second portions of the software form a single program, wherein the processor executes the single formed program utilizing the second unit, wherein the secret second portion of the software comprises at least two computing operations, and wherein portions of the at least two computing operations are interleaved with each other for transmission from the second unit to the first unit and vise versa.
- View Dependent Claims (14, 15, 16)
- - 14. The system according to claim 13, wherein the second unit is a chip medium configured to attach and detach to the first unit.
  - 15. The system according to claim 13, wherein the processor of the second unit is a coprocessor of the processor of the first unit.
  - 16. The system according to claim 13, wherein the second unit is a token.

17. A method to protect software comprising:
- storing a first portion of the software on a first unit, wherein the first unit comprises a memory and a processor;
  
  storing a second portion of the software comprising a first and second computing operations on a second unit, the second unit comprising a secure processor and a secure memory, where the second portion of the software is secret, and where the first and second portions of the software form a single program; and
  
  executing the program, wherein, operations performed during the execution comprise;
  
  transmitting from the first portion of the software first input for the first computing operation and second input for the second computing operation to the second unit, said first and second computing operations are executed in the second unit, transmitting by the second unit results from the first and second computing operations to the first unit, and wherein operations related to the first computing operation are interleaved with operations related to the second computing operations.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAS VALIDY
Original Assignee
SAS VALIDY
Inventors
CUENOD, Jean-Christophe, Sgro, Gilles

Application Number

US11/838,118
Publication Number

US 20070283437A1
Time in Patent Office

Days
Field of Search
US Class Current

726/23
CPC Class Codes

G06F 21/123 by using dedicated hardware...

G06F 21/125 by manipulating the program...

Method to Protect Software Against Unwanted Use with a "Temporal Dissociation" Principle

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Method to Protect Software Against Unwanted Use with a "Temporal Dissociation" Principle

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links