Manipulating rights-to-execute in connection with a software copy protection mechanism
First Claim
1. A method of safely extracting a right to execute from a logically secure coprocessor associated with a host processor, where said coprocessor stores at least a supervisor key and further stores a software key representing said right to execute a particular application, said host processor having access to said particular application encrypted under said software key, said method comprising the steps of:
- a) providing to the coprocessor a transfer set including at least a writable medium and a physically and logically secure medium, said physically and logically secure medium storing clear text token data,b) providing to said coprocessor a data block comprising said clear text token data encrypted under said supervisor key,c) decrypting said data block, in said coprocessor to produce said clear text token data,d) encrypting said clear text token data in said coprocessor under said software key to produce a corresponding data block,e) encrypting said software key under said supervisor key to produce an encrypted software key, andf) writing said corresponding data block, said encrypted application file and said encrypted software key to said transfer set and deleting said software key from said coprocessor,whereby said software key is removed from said coprocessor and written to said transfer set to constitute said transfer set as a backup set.
0 Assignments
0 Petitions
Accused Products
Abstract
A software asset protection mechanism segregates the right to execute software from the software itself. The rights to execute, when installed on a composite computing system, are stored in a coprocessor element of the composite computing system. The software asset protection mechanism is enhanced as described herein by providing for the manipulation of those rights to execute. More particularly, the rights to execute can be conditioned at least in terms of a valid period of execution at least in terms of a valid period of execution or a valid number of executions. The rights to execute can be safely transferred from one coprocessor to another, or can be returned to the software vendor. Finally, a method of backing up the rights to execute to provide the user with the rights to execute in case the coprocessor element of the composite computing system fails.
-
Citations
43 Claims
-
1. A method of safely extracting a right to execute from a logically secure coprocessor associated with a host processor, where said coprocessor stores at least a supervisor key and further stores a software key representing said right to execute a particular application, said host processor having access to said particular application encrypted under said software key, said method comprising the steps of:
-
a) providing to the coprocessor a transfer set including at least a writable medium and a physically and logically secure medium, said physically and logically secure medium storing clear text token data, b) providing to said coprocessor a data block comprising said clear text token data encrypted under said supervisor key, c) decrypting said data block, in said coprocessor to produce said clear text token data, d) encrypting said clear text token data in said coprocessor under said software key to produce a corresponding data block, e) encrypting said software key under said supervisor key to produce an encrypted software key, and f) writing said corresponding data block, said encrypted application file and said encrypted software key to said transfer set and deleting said software key from said coprocessor, whereby said software key is removed from said coprocessor and written to said transfer set to constitute said transfer set as a backup set. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of safely transferring a right to execute a protected application from a logically secure first coprocessor, where said first coprocessor stores a software key representing said right to execute said protected application, to a logically secure second coprocessor, said method comprising the steps of:
-
a) coupling said first coprocessor to said second coprocessor for bidirectional communication, b) challenging said second coprocessor by said first coprocessor to determine if said second coprocessor is a trusted recipient and simultaneously transferring antecedent information from said first coprocessor to said second coprocessor to allow access to an encrypted software key, c) if said second coprocessor is determined to be a trusted recipient by said first coprocessor, encrypting said software key under a specific key, derivable by a trusted recipient from said antecedent information, to produce an encrypted software key and transmitting said encrypted software key from said first coprocessor to said second coprocessor, d) if said second coprocessor is not determined to be a trusted recipient by said first coprocessor, then returning an error condition without transmitting said encrypted software key. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A method of conditioning a right to execute a particular protected application on a composite computing system including a host processor and a physically and logically secure coprocessor, wherein said protected application includes at least a portion encrypted under a software key and said right to execute is represented by said software key stored in a permanent memory of said coprocessor, said method comprising the steps of:
-
a) incorporating at least one condition within said encrypted portion of said protected application, b) providing to said coprocessor said at least one condition, c) providing for storage in said permanent memory data associated with said at least one condition along with storage of said software key, d) requiring said coprocessor to access said condition and said data prior to authorizing any use of said protected application, e) further requiring said coprocessor to compare said condition and said data to determine if said at least one condition is met, and authorizing use if, and only if said at least one condition is met. - View Dependent Claims (15, 16)
-
-
17. A method of providing backup for a right to execute a particular protected application on a composite computing system including a host processor and a physically and logically secure coprocessor, wherein said protected application includes at least a portion encrypted under a software key and said right to execute is represented by said software key stored in a permanent memory of said coprocessor which coprocessor also stores a first key in said permanent memory, said method comprising the steps of:
-
a) providing a backup set to said coprocessor including a writable medium and a physically and logically secure medium, said physically and logically secure medium storing token data and said backup set also storing said token data encrypted under a first key, b) passing said encrypted token data to said coprocessor and decrypting said token data so that said coprocessor has access to decrypted token data, c) probing said physically and logically secure medium to verify that the decrypted token data corresponds to the token data stored by said physically and logically secure medium, ci) in the event there is no correspondence, rejecting said backup set and terminating said steps, cii) in the event there is correspondence, then d) modifying and then encrypting said decrypted token data under said software key, e) encrypting said software key under said first key, and f) writing results from steps d) and e) to said backup set, and writing said protected application to said backup set. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
-
24. A method of providing backup for a right to execute a particular protected application on a composite computing system including a host processor and a physically and logically secure coprocessor, wherein said protected application includes at least a portion encrypted under a software key and said right to execute is represented by said software key stored in a permanent memory of said coprocessor which coprocessor also stores a first key in said permanent memory, said method comprising the steps of:
-
a) coupling said coprocessor to a different coprocessor, b) challenging said different coprocessor by said coprocessor to determine if said different coprocessor is a trusted recipient and simultaneously transferring antecedent information from said coprocessor to said different coprocessor to allow access to an encrypted backup, c) if said different coprocessor is determined to be a trusted recipient by said coprocessor, encrypting said software key under a specific key derivable from said antecedent information to produce an encrypted backup and transmitting said encrypted backup from said coprocessor to said different coprocessor, d) if said different coprocessor is not determined to be a trusted recipient by said coprocessor, then returning an error condition without creating said backup. - View Dependent Claims (25, 26, 27, 28, 29)
-
-
30. A method of safely distributing demonstration software only for demonstration use on composite computing systems comprising a host computer and a logically and physically secure coprocessor, wherein the coprocessor stores at least a specific key, said method comprising the steps of:
-
a) distributing said demonstration software in a form in which at least a portion thereof is encrypted under a software key, b) distributing, along with said demonstration software said software key encrypted under said specific key and a null token data file, encrypted under said software key, said software key including at least a condition of use flag inhibiting any coprocessor from erasing said software key, c) installing said software key on a coprocessor by; c1) decrypting said software key under said specific key, and c2) searching permanent memory of said coprocessor to determine if said software key had previously been installed, c3) writing said software key to said permanent memory only if said step c2) indicates that said software key had never been previously installed, whereafter said demonstration software can be executed on said composite computing system by decrypting encrypted portions by said coprocessor, or c4) inhibiting said writing step c3) in the event said software key had been previously installed wherefore said demonstration software cannot be executed on said composite computing system, whereby a user may install said demonstration software into a composite computing system only on a single occasion thereby protecting software vendors from users repeatedly installing demonstration software. - View Dependent Claims (31)
-
-
32. A method of encrypting software keys as a service by a physically and logically secure coprocessor under a first key which method is resistant to a plain text attack on said first key, said method comprising the steps of:
-
a) accepting a software key for encryption, b) padding said software key with a number of a given length, said number including at least a component which is random, c) encrypting a result produced by said step b) under said first key, whereby said padding produces an encrypted result in response to a first encryption operation which is different form an encryption result produced on a second encryption operation even though an identical software key is presented on each occasion thus foiling a plain text attack on said first key. - View Dependent Claims (33, 34, 35, 36, 37)
-
-
38. A method of identifying first and second processors to each other as companion processors which companion processors are characterized by storing a set of keys, which set includes a number of keys greater than one, comprising the steps of:
-
a) at a fist processor, generating a first random number, concatenating said first random number with a message authentication code, to produce a concatenated result and encrypting said concatenated result under one key of said set of keys to produce a first identifier, b) at a second processor, generating a second random number, concatenating said second random number with a message authentication code, to produce a concatenated result and encrypting said concatenated result under another key, said another key selected by said second processor from said set of keys, to produce another identifier, c) transmitting said first and another identifiers to said second and first processors, respectively, d) determining, at said processors that said identifiers were generated by companion processors by; 1) decrypting said identifiers with keys selected from said set of keys until a decrypted result includes a valid message authentication code as a portion, or e) determining that said first and second processors are not companion processors if all keys in said set are employed without any decrypted result including a valid message authentication code. - View Dependent Claims (39)
-
-
40. A method of safely transferring a right to execute from a logically secure source coprocessor associated with a host source processor to a logically secure sink coprocessor associated with a host sink processor, where said source coprocessor stores at least a source key and a software key representing said right to execute a particular application and said sink coprocessor stores a sink key, both said source and sink keys included within a set of keys stored in both said source and sink coprocessors, said host processors having access to said particular application encrypted under said software key, said method comprising the steps of:
-
e) at said source coprocessor, generating a first random number, concatenating said first random number with a first message authentication code to produce a concatenated result and encrypting said concatenated result under said source key to produce a source identifier, b) at said sink coprocessor, generating a second random number, concatenating said second random number with a second message authentication code to produce a concatenated result and encrypting said concatenated result under said sink key to produce a sink identifier, c) transmitting said source and sink identifiers to said sink and source coprocessors, respectively, d) verifying, at said coprocessors that said identifiers were generated by companion coprocessors by 1) decrypting said identifiers with keys selected from said set until a decrypted result includes a valid message authentication code as a portion, or 2) until all keys in said set are employed without any decryption result including a valid message authentication, 3) terminating an attempt to transfer a right to execute if step d2) is reached, and otherwise, e) creating a session key at each coprocessor from said source and sink identifiers, f) encrypting said software key at said source coprocessor under said session key to produce a transmittable software key and deleting said software key from said source coprocessor, g) transmitting said transmittable software key from said source to said sink coprocessor, h) decrypting said transmittable software key at said sink coprocessor with said session key to recreate said software key, and i) storing said software key in a non-volatile memory of said sink coprocessor, whereby said software key has been extracted and transferred from source to sink coprocessors without exposing said software key and without revealing either said source or sink keys.
-
-
41. A method of safely increasing storage capacity without compromising security for software keys normally stored within a logically and physically secure storage of finite storage capacity, said storage accessible to a logically secure coprocessor element of a composite computing system comprising the steps of:
-
a) selecting one or more software keys for storage external to said logically and physically secure storage to form a key block, b) generating a random number, c) encrypting said key block under said random number to produce an encrypted key block, d) storing said random number internally to said physically and logically secure coprocessor, e) storing said encrypted key block external to said physically and logically secure coprocessor in unsecured storage, and f) erasing said software keys form storage internal to said logically and physically secure coprocessor. - View Dependent Claims (42)
-
-
43. A method of conditioning manipulation, in the form of transfer, hardware backup or erasure, of a right to execute a protected application on a composite computing system including a host processor and a physically and logically secure coprocessor, wherein said protected application includes at least a portion encrypted under a software key and said right to execute, if present, is represented by said software key along with a data object stored in a permanent memory of said coprocessor, said method comprising the steps of:
-
a) providing said data object to said coprocessor, b) storing said software key in association with said data object in said permanent memory of said coprocessor, c) in response to a request for said manipulation of said software key, requiring said coprocessor to access said data object prior to any such manipulation of said software key, and d) thereafter requiring said coprocessor to interpret said data object as a specification of permitted manipulations and executing said manipulation if, and only if, said manipulation is a permitted manipulation.
-
Specification