Software protection device
First Claim
1. Apparatus for use in protecting wherein the software is independent of the operating system of a host computer comprisingfirst storage means adapted to contain at least one decryption key,second storage means containing instructions for decrypting another key using a key held in the first storage means and for decrypting encrypted software using the said other key,a processor for carrying out the instructions held by the second storage means, andswitch means having first and second modes in which the first storage means are, and are not, in communication with the processor, respectively,the switch means being constructed to enter its first mode automatically under predetermined conditions and while in this first mode to cause the processor to execute a sequence of the instructions held in the second storage means which end with an instruction which causes the switch means to enter its second mode,the first and second storage means, the processor and the switch means being contained in a tamper resistant housing, and the apparatus including an interface constructed to allow the processor to communicate with other apparatus external to the housing.
2 Assignments
0 Petitions
Accused Products
Abstract
In order to prevent the unauthorized copying of software, a software module is encrypted using the data encryption standard (DES) algorithm, and the key is encrypted using the public key of a public/private key algorithm. To use the module it is entered into a software protection device where the private key held in a RAM 11 is used by a processor 13 to decode the DES key using instructions held in a ROM 12. Further instructions held by this ROM are used by the processor 13 to decode the module. Once the process of decoding keys and software has started, the processor 13 runs through a sequence of predetermined instructions and cannot be interrupted (except by switching off). When the sequence is complete processor 13, or for example a host computer 30, is enabled to use the decoded software, but a switch/reset circuit 17 operates preventing access to the RAM 11 and the ROM 12 so preserving the secrecy of the private key and any decoded DES key which is now stored in the RAM 11.
390 Citations
12 Claims
-
1. Apparatus for use in protecting wherein the software is independent of the operating system of a host computer comprising
first storage means adapted to contain at least one decryption key, second storage means containing instructions for decrypting another key using a key held in the first storage means and for decrypting encrypted software using the said other key, a processor for carrying out the instructions held by the second storage means, and switch means having first and second modes in which the first storage means are, and are not, in communication with the processor, respectively, the switch means being constructed to enter its first mode automatically under predetermined conditions and while in this first mode to cause the processor to execute a sequence of the instructions held in the second storage means which end with an instruction which causes the switch means to enter its second mode, the first and second storage means, the processor and the switch means being contained in a tamper resistant housing, and the apparatus including an interface constructed to allow the processor to communicate with other apparatus external to the housing.
-
7. Method for use in protecting wherein the software is independent of the operating system of a host computer comprising the steps of
passing encrypted software from a host computer to third storage means contained in a tamper-resistant housing; -
decrypting the encrypted software using at least one decryption key contained in first storage means, instructions contained in second storage means and a processor, the first storage means second storage means and the processor being contained in the tamper-resistant housing; isolating the first storage means from the processor automatically under predetermined conditions, and executing the decrypted software on the processor under control of the host computer. - View Dependent Claims (8, 9, 10, 11, 12)
-
Specification