Method and apparatus for securing executable programs against copying

US 5,675,645 A
Filed: 04/18/1995
Issued: 10/07/1997
Est. Priority Date: 04/18/1995
Status: Expired

First Claim

Patent Images

1. An apparatus for executing a secure program in a computer system, wherein the ability to make workable copies of the secure program from the computer system is inhibited, the apparatus comprising:

a program memory in which the secure program data is stored in an encrypted form;

a security chip coupled to the program memory, the security chip comprising;

means for decrypting portions of the secure program into a clear portion and a remainder portion;

means for providing the clear portion to memory locations accessible by a processor; and

remainder memory for storing the remainder portion of the secure program, the remainder memory not directly accessible by the processor;

means for requesting subsets of the remainder portion for use by the processor; and

means, within the security chip, for checking that the requested subset is within a valid predetermined set of requested subsets dependent on a stored state for the processor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure system for executing program code in an insecure environment while making it impossible, or at least impractical, to determine how to copy the program code and associated data is provided. A program memory contains encrypted program data and security circuitry contained within an integrated circuit is provided for decrypting the program data as it is needed by a processor. A portion of the processing steps which would be done by the processor in an insecure system is performed in this secure system within the secure circuitry using portions of the decrypted program data which are not provided to the processor. Program data is parsed it out based on a proper request to the security chip from the processor. A key value stored in volatile memory is used in the decrypting process and the volatile memory is positioned on the integrated circuit such that its contents are lost before a chip peel provides access to the volatile memory.

Citations

33 Claims

1. An apparatus for executing a secure program in a computer system, wherein the ability to make workable copies of the secure program from the computer system is inhibited, the apparatus comprising:
- a program memory in which the secure program data is stored in an encrypted form;
  
  a security chip coupled to the program memory, the security chip comprising;
  
  means for decrypting portions of the secure program into a clear portion and a remainder portion;
  
  means for providing the clear portion to memory locations accessible by a processor; and
  
  remainder memory for storing the remainder portion of the secure program, the remainder memory not directly accessible by the processor;
  
  means for requesting subsets of the remainder portion for use by the processor; and
  
  means, within the security chip, for checking that the requested subset is within a valid predetermined set of requested subsets dependent on a stored state for the processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The apparatus of claim 1, wherein the secure program stored in the program memory is stored with the clear portion and the remainder portion stored separately.
  - 3. The apparatus of claim 1, wherein the remainder portion is a set of branch instructions of the secure program.
  - 4. The apparatus of claim 3, wherein the security chip further includes means for caching branch statements based on recently executed branches.
  - 5. The apparatus of claim 1, wherein the means for decrypting portions of the secure program is configured with a decryption key.
  - 6. The apparatus of claim 5, wherein the decryption key is stored in a volatile memory.
  - 7. The apparatus of claim 6, wherein the volatile memory is distributed over the security chip, the security chip further comprising overlying circuitry which overlies and obscures at least a part of the volatile memory.
  - 8. The apparatus of claim 7, wherein the overlying circuitry is coupled to a power source for the volatile memory such that the removal of the overlying circuitry removes the power to the overlying circuitry.
  - 9. The apparatus of claim 1, further comprising:
    - clocking means, within the security chip, for determining a rate of instruction execution of the processor; and
      
      timing response means for rejecting processor requests when the clocking means determines that the rate is outside a range of normal operation for the processor.
  - 10. The apparatus of claim 1, further comprising a data decompressor for decompressing the secure program after decryption, wherein the secure program is compressed before encryption.
  - 11. The apparatus of claim 10, wherein the decompressor is an entropy decoder.
  - 12. The apparatus of claim 1, further comprising:
    - checksum means, within the security chip, for determining a checksum of bus accesses on a processor bus; and
      
      checksum response means for rejecting processor requests when the checksum does not match a predetermined checksum for those bus accesses.
  - 13. The apparatus of claim 1, further comprising a data scrambler for reordering data elements of the secure program according to a reversible and deterministic pattern determined by a key value, wherein the secure program is reordered by the inverse of the data scrambler before being placed in the program memory.
  - 14. The apparatus of claim 13, wherein the data scrambler comprises a plurality of first-in, first-out buffers.
  - 15. The apparatus of claim 13, wherein the reversible and deterministic pattern is generated by reference to the output of a pseudorandom number generator.
  - 16. The apparatus of claim 1, wherein the means for decrypting portions of the secure program operates based on the key value and the output of a pseudorandom number generator.
  - 17. The apparatus of claim 1, further comprising means for altering the operation of the security chip and the program flow of the secure program when said means for checking detects that the requested subset is not within the valid predetermined set of subsets, whereby the altered operation causes a negative effect on the program flow or operation.
  - 18. The apparatus of claim 17, wherein the means for altering is a means for halting the processor.

19. An apparatus for encrypting program data to prevent unauthorized copying, comprising;
- a branch separator for extracting branch statements from the program data;
  
  a compressor for compressing the extracted branch statements and a remainder of the program data to form compressed data; and
  
  an encryptor for encrypting the compressed data.

20. An apparatus for encrypting program data to prevent unauthorized copying, comprising;
- a branch separator for extracting branch statements from the program data comprising;
  
  means for automatically generating checksum data representing checksums of program data; and
  
  means for automatically generating timing information used to assess timing of program data processing;
  
  a compressor for compressing the extracted branch statements, a remainder of the program data, the checksum data, and the timing information, to form compressed data; and
  
  an encryptor for encrypting the compressed data.

21. A method of executing a secure program to prevent copying of the secure program in a usable form from information acquired over an insecure processor bus, the usable form being a copy which replaces the functionality of the original, comprising the steps of:
- accepting a request from a processor over the insecure processor bus for a block of program data, the block of program data including at least one of one or more program instructions or one or more program data elements;
  
  decrypting, in a secure manner, the block of program data into a clear portion and a remainder portion;
  
  providing the clear portion to the processor over the insecure processor bus; and
  
  accepting requests from the processor over the insecure processor bus for elements of the remainder portion;
  
  checking that the request is consistent with the state of the processor and previous requests;
  
  processing the requests from the processor for elements of the remainder portion; and
  
  responding to the requests with request responses, wherein the request responses do not contain enough information content to recreate the remainder portion with substantially less computational effort than required to create said remainder portion.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 22. The method of claim 21, further comprising the steps of:
    - separating a program into the clear portion and the remainder portion to form a secure program; and
      
      encrypting the secure program prior to placing the secure program into an insecure memory.
  - 23. The method of claim 22, wherein the step of separating is a step of separating branch instructions of the program from other instructions of the program.
  - 24. The method of claim 21, wherein the step of decrypting is performed with a decryption key.
  - 25. The method of claim 24, further comprising the step of storing the decryption key in a volatile memory.
  - 26. The method of claim 25, further comprising the steps of:
    - providing a power source to the volatile memory;
      
      covering the volatile memory with a circuit such that the power source is removed from the volatile memory when the circuit is disturbed and the circuit shields the volatile memory from probing.
  - 27. The method of claim 21, further comprising the step of checking a rate of instruction execution of the processor prior to providing a request response.
  - 28. The method of claim 21, further comprising the step of decompressing the secure program after decryption, wherein the secure program is compressed before encryption.
  - 29. The method of claim 21, further comprising the steps of:
    - determining a checksum of bus accesses on a processor bus;
      
      comparing the checksum to a precalculated checksum for a set of instructions of the secure program which are executed under normal operation; and
      
      preventing the unobstructed operation of the secure program when the checksum and the precalculated checksum differ.
  - 30. The method of claim 21, further comprising the steps of:
    - scrambling an order of data elements of the secure program according to a reversible and deterministic pattern determined by a key value prior to storage in an insecure memory; and
      
      descrambling the order of the data elements upon proper request of the processor.
  - 31. The method of claim 30, wherein the step of scrambling comprises a step of generating a pseudorandom number used to form the reversible and deterministic pattern.

32. A method for encrypting a program to prevent unauthorized copying, comprising the steps of:
- separating program code according to sequences of nonbranch instructions and branch instructions;
  
  compressing the nonbranch instructions to form a first set of compressed data;
  
  compressing the branch instructions to form a second set of compressed data; and
  
  encrypting the first and second sets of compressed data.

33. An apparatus for executing a secure program in an insecure computer system, wherein the ability to make workable copies of the secure program during execution of the secure program using the insecure computer system is inhibited, a workable copy being a copy which replaces the functionality of the original secure program, the apparatus comprising:
- a program memory in which the secure program, data is stored in an encrypted form;
  
  a security chip coupled between the program memory and adapted to be coupled to a processor over an accessible processor bus, the security chip comprising;
  
  means for decrypting portions of the secure program into a clear portion and a remainder portion;
  
  means for providing the clear portion to memory locations accessible by the processor; and
  
  remainder memory for storing the remainder portion of the secure program, the remainder memory not directly accessible by the processor except via the security chip;
  
  means for requesting subsets of the remainder portion for use by the processor; and
  
  means, within the, security chip, for checking that the requested subset is within a valid predetermined set of requested subsets given a stored state for the processor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ricoh Company Limited, Ricoh Corporation (Ricoh Company Limited)
Original Assignee
Ricoh Company Limited, Ricoh Corporation (Ricoh Company Limited)
Inventors
Gormish, Michael J., Schwartz, Edward L.
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US08/423,402
Time in Patent Office

903 Days
Field of Search

380/4, 380/49, 375/240
US Class Current

713/187
CPC Class Codes

G06F 21/123 by using dedicated hardware...

G06F 2221/2107 File encryption

Method and apparatus for securing executable programs against copying

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for securing executable programs against copying

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links