Computer system for protecting software and a method for protecting software
Abstract
A method for protecting an item of software, wherein at least one first challenge means is associated with said protected item of software, and at least one first response means accesses one private keying material. At least a third means (either challenge or response) also exists. The first challenge means has no access to the said private keying material. The first response means proves to the first challenge means that the first response means has access to the private keying material. The first challenge means validates this proof using the public keying material that corresponds to the first response means' private keying material.
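The exchange the abstract describes, sketched as an added example (not code from the patent): the challenge means holds only public keying material, the response means signs a fresh challenge, and the protected program runs only if at least one proof validates. The toy RSA parameters, the class and function names, and the nonce-based replay check are assumptions of this example; the key is far too small for real use.

```python
import hashlib
import secrets

# Constructed toy RSA key from two Mersenne primes: readable, NOT secure.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (private keying material)


def digest(nonce: bytes) -> int:
    """Hash the challenge into the RSA modulus range."""
    return int.from_bytes(hashlib.sha256(nonce).digest(), "big") % N


class ResponseMeans:
    """Holds private keying material and proves access without disclosing it."""

    def __init__(self, d: int):
        self._d = d

    def prove(self, nonce: bytes) -> int:
        return pow(digest(nonce), self._d, N)  # signature over the challenge


class ChallengeMeans:
    """Ships with the protected program; holds only public keying material."""

    def __init__(self, n: int, e: int):
        self.n, self.e = n, e
        self._pending = set()  # challenges issued and not yet answered

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)  # fresh per run (assumption: anti-replay)
        self._pending.add(nonce)
        return nonce

    def validate(self, nonce: bytes, proof: int) -> bool:
        if nonce not in self._pending:  # unknown or already-used challenge
            return False
        self._pending.discard(nonce)
        return pow(proof, self.e, self.n) == digest(nonce)

    def run_protected(self, program, *responders):
        """Run program only if at least one responder's proof validates."""
        for responder in responders:
            nonce = self.challenge()
            if self.validate(nonce, responder.prove(nonce)):
                return program()
        raise PermissionError("no proof validated; protected program not run")
```

Because every customer's copy carries the same public key and no secret, extracting data from the challenge side yields nothing that can produce a valid proof; a recorded proof is also rejected on reuse because each challenge is accepted once.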
153 Claims
1. A computer system, comprising:
a protection mechanism for protecting software, the protection mechanism including
a challenge means associated with a protected item of software,
a first response means having access to private keying material of an asymmetric key pair and being able to communicate with said challenge means, and
a second response means being able to communicate with said challenge means, wherein
a) said challenge means has no access to the private keying material accessed by said first response means,
b) said challenge means has means for validating an asymmetric proof of said first response means and a proof of said second response means without requiring that said first response means disclose its private keying material, respectively,
c) said challenge means has means for prohibiting a protected program from executing unless at least one validation is successful.
Dependent claims: 2, 8, 9, 10, 11, 12, 13, 14, 15, 16, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32
3. A computer system, comprising:
a protection mechanism for protecting software, the protection mechanism including
a first challenge means associated with a protected item of software,
a second challenge means,
a first response means having access to private keying material of an asymmetric key pair and being able to communicate with the first challenge means, and
a second response means having access to secret keying material being able to communicate with the second challenge means, wherein
a) said first challenge means has no access to the private keying material accessed by said first response means,
b) said first challenge means validates an asymmetric proof of said first response means that said first response means has access to said private keying material without requiring that said first response means disclose said private keying material,
c) said second challenge means validates a proof of said second response means that said second response means has access to said secret keying material,
d) one of said first challenge means and said second challenge means prohibit using the software at least in an unlimited mode unless at least one of the said validations is successful.
Dependent claims: 6, 7, 17, 18, 19, 20, 63, 66, 69, 72, 75, 78, 79, 80, 81, 94, 97, 100, 101, 102, 103, 104, 105, 118, 121, 122, 127
4. A computer system, comprising:
means for inputting a program to be protected and for embedding including at least
a challenge means associated with a protected item of software,
a first response means having access to private keying material of an asymmetric key pair and being able to communicate with the challenge means, and
a second response means being able to communicate with the challenge means, wherein
a) said challenge means has no access to the private keying material accessed by said first response means,
b) said challenge means has means for validating an asymmetric proof of said first response means and a proof of said second response means without requiring that said first response means disclose its private keying material, respectively,
c) said challenge means has means for prohibiting a protected program from executing unless at least one validation is successful.
Dependent claims: 64, 67, 70, 73, 76, 82, 83, 84, 85, 95, 98, 106, 107, 108, 109, 110, 111, 119, 123, 124, 128
5. A computer system, comprising:
means for inputting a program to be protected and for embedding including
a first challenge means associated with a protected item of software,
a second challenge means,
a first response means having access to private keying material of an asymmetric key pair and being able to communicate with the first challenge means, and
a second response means having access to secret keying material being able to communicate with the second challenge means, wherein
a) said first challenge means has no access to the private keying material accessed by said first response means,
b) said first challenge means validates an asymmetric proof of said first response means that said first response means has access to said private keying material without requiring that said first response means disclose said private keying material,
c) said second challenge means validates a proof of said second response means that said second response means has access to said secret keying material,
d) at least one of said first challenge means and said second challenge means prohibit using the software at least in an unlimited mode unless at least one of the said validations is successful.
Dependent claims: 61, 62, 65, 68, 71, 74, 77, 86, 87, 88, 89, 90, 91, 92, 93, 96, 99, 112, 113, 114, 115, 116, 117, 120, 125, 126, 129
33. A method of distributing software to a plurality of customers, comprising the steps of:
providing each customer with a computer system with a protection mechanism for protecting software, the protection mechanism including
a challenge means associated with a protected item of software,
a first response means having access to private keying material of an asymmetric key pair and being able to communicate with said challenge means, and
a second response means being able to communicate with said challenge means, wherein
a) said challenge means has no access to the private keying material accessed by said first response means,
b) said challenge means has means for validating an asymmetric proof of said first response means and a proof of said second response means without requiring that said first response means disclose its private keying material, respectively,
c) said challenge means has means for prohibiting a protected program from executing unless at least one validation is successful, and
providing every customer with an identical copy of said software and of said challenge means.
34. A method for protecting an item of software, comprising the steps of:
providing a protection mechanism for protecting the software,
associating a challenge means with a protected item of the software,
accessing by a first response means to private keying material of an asymmetric key pair and being able to communicate with the challenge means, and
communicating by a second response means with the challenge means, wherein
a) said challenge means having no access to the private keying material accessed by said first response means and said second response means, respectively,
b) validating by said challenge means an asymmetric proof of the said first response means and a proof of the said second response means without requiring that said first response means disclose its private keying material, respectively,
c) prohibiting a protected program from executing by said challenge means unless at least one of the validations is successful.
Dependent claims: 35, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60
36. A method for protecting an item of software, comprising the steps of:
providing a protection mechanism for protecting software, including;
providing a first challenge means associated with a protected item of software and providing a second challenge means,
accessing private keying material of an asymmetric key pair with a first response means and being able to communicate with the first challenge means, and
accessing a second response means having access to secret keying material and being able to communicate with the second challenge means, wherein
a) the said first challenge means has no access to the private keying material accessed by said first response means,
b) validating an asymmetric proof of the said first response means that the said first response means has access to said private keying material by said first challenge means validates without requiring that said first response means disclose said private keying material,
c) validating a proof of said second response means that said second response means has access to said secret keying material by said second challenge means,
d) prohibiting using the software at least in an unlimited mode by one of said first challenge means and said second challenge means unless at least one of said validations is successful.
Dependent claims: 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153
Specification