Use of pseudocode to protect software from unauthorized use

US 6,334,189 B1
Filed: 11/20/1998
Issued: 12/25/2001
Est. Priority Date: 12/05/1997
Status: Expired due to Term

First Claim

Patent Images

1. A software application which runs in conjunction with an electronic security device (ESD), the application comprising, on a computer-readable medium:

application code which provides application-level functionality to a user of the application;

security code which implements an ESD-based use restriction scheme to protect against an unauthorized use of the application, at least a portion of the security code being in pseudocode; and

an interpreter module which includes executable code for retrieving and executing the pseudocode.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Three methods are disclosed for protecting software applications from unauthorized distribution and use (piracy). The first method involves using values generated by a conventional ESD (Electronic Security Device) to encrypt and/or decrypt user data (such as a file) that is generated and used by the application. In a preferred embodiment, the user data is encrypted (such as during a write to memory) using values returned by the ESD, and the user data is later decrypted using like values returned by a software-implemented ESD simulator. The second and third methods involve the use of special development tools that make the task of analyzing the application'"'"'s copy protection code (such as the code used to encrypt and/or decrypt user data) significantly more difficult. Specifically, the second method involves using pseudocode to implement some or all of the application'"'"'s copy protection functions. The pseudocode for a given function is generated (preferably in encrypted form) from actual code using a special development tool, and is then imbedded within the application together with a corresponding pseudocode interpreter. The interpreter fetches, decrypts and executes the pseudocode when the function is called. Because no disassemblers or other development tools exist for analyzing the pseudocode, the task of analyzing the copy protection functions becomes significantly more complex. The third method involves the use of a special obfuscation tool to convert the code for selected copy-protection functions into unnecessarily long, inefficient sequences of machine code. In one implementation of the obfuscation tool, the developer can control the quantity of code that is generated by specifying one or more control parameters. The three methods can also be used to protect software license management systems from security attacks.

184 Citations

30 Claims

1. A software application which runs in conjunction with an electronic security device (ESD), the application comprising, on a computer-readable medium:
- application code which provides application-level functionality to a user of the application;
  
  security code which implements an ESD-based use restriction scheme to protect against an unauthorized use of the application, at least a portion of the security code being in pseudocode; and
  
  an interpreter module which includes executable code for retrieving and executing the pseudocode.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The software application as in claim 1, wherein the pseudocode is stored within a data table of the application.
  - 3. The software application as in claim 2, wherein the pseudocode is stored within the data table in an encrypted form.
  - 4. The software application as in claim 1, wherein the pseudocode implements at least a portion of a decryption engine which decrypts data that is necessary to the proper operation of the application.
  - 5. The software application as in claim 4, wherein the decryption engine decrypts the data using a value generated by at least one of an electronic security device (ESD) and a software-implemented ESD simulator.
  - 6. The software application as in claim 5, wherein the decryption engine decrypts user data that has been encrypted using an encryption engine of the application, the user data generated by the application code in response to actions of the user.
  - 7. The software application as in claim 5, wherein the decryption engine decrypts an authorization certificate that is dispatched over a network by a license management server.
  - 8. The software application as in claim 7, wherein the certificate is encrypted by the license management server using a value generated by the ESD, and is decrypted by the application using a value that is generated by the ESD simulator.
  - 9. The software application as in claim 1, wherein the pseudocode is in a machine-language of a non-existent processor.
  - 10. The software application as in claim 1, wherein the interpreter module emulates a bit-slice processor.
  - 11. The software application as in claim 1, wherein the application includes a pseudocode module which implements at least one copy-protection function and at least one non-copy-protection function.
  - 12. The software application as in claim 11, wherein the copy-protection function and the non-copy-protection function are intermingled within the pseudocode module.
  - 13. The software application as in claim 1, wherein the security code comprises obfuscated machine code, the obfuscated machine code generated using an obfuscation tool which increases a quantity of instructions within an input code module.
  - 14. The software application as in claim 1, in combination with the ESD.
  - 15. The software application as in claim 1, wherein the application code provides 3-D animation functionality.

16. A method of protecting a software application from unauthorized use, the method comprising:
- providing the application with a code module which communicates with an electronic security device (ESD), the ESD configured to generate and return numeric values in response to requests from the code module;
  
  imbedding a pseudocode module within the application, the pseudocode module including pseudocode which implements at least one function of an ESD-based security method; and
  
  providing the application with an interpreter module, the interpreter module including code for fetching and executing instructions of the pseudocode module.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
- - 17. The method as in claim 16, wherein the step of imbedding comprises imbedding the pseudocode within a data table of the application.
  - 18. The method as in claim 17, wherein the step of imbedding comprises imbedding the pseudocode within the data table in an encrypted form.
  - 19. The method as in claim 16, wherein the pseudocode module implements at least one copy protection function and at least one non-copy-protection function.
  - 20. The method as in claim 19, wherein the copy-protection function and the non-copy-protection function are intermingled within the pseudocode module.
  - 21. The method as in claim 16, further comprising the step of processing at least one coded function of the ESD-based security method with an obfuscation tool to generate obfuscated code, and imbedding the obfuscated code within the application.
  - 22. The method as in claim 21, wherein the step of processing the coded function comprises replacing individual instructions of the coded function with equivalent sequences of instructions to increase a quantity of instructions within the function.
  - 23. The method as in claim 16, wherein the pseudocode module includes encrypted pseudocode, and the method further comprising generating the encrypted pseudocode using an encrypting compiler that converts high-level code into encrypted pseudocode.
  - 24. The method as in claim 16, wherein the pseudocode module includes encrypted pseudocode, and the method further comprising generating the encrypted pseudocode using an encrypting pseudocode assembler that converts assembly code into encrypted pseudocode.

25. A software development kit for adding secure copy protection code to an application, the kit comprising:
- a pseudocode interpreter module that is adapted to be added to an application and called by other modules of the application, the pseudocode interpreter module configured to decrypt and execute encrypted pseudocode that is imbedded within the application; and
  
  a development tool which generates the encrypted pseudocode from source code.
- View Dependent Claims (26, 27, 28, 29, 30)
- - 26. The software development kit as in claim 25, wherein the pseudocode interpreter retrieves the encrypted pseudocode from a data table of the application.
  - 27. The software development kit as in claim 25, wherein the development tool generates a data block that is adapted to be imbedded as data within the application, the data block including the encrypted pseudocode, and including information that is used by the pseudocode interpreter module to decrypt the encrypted pseudocode.
  - 28. The software development kit as in claim 25, wherein the development tool comprises an encrypting compiler which generates the encrypted pseudocode from high-level source code.
  - 29. The software development kit as in claim 25, wherein the development tool includes a user interface which allows a developer to specify an encryption method to be used to generate the encrypted pseudocode.
  - 30. The software development kit as in claim 25, wherein the pseudocode interpreter module supports self-modifying pseudocode.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tumbleweed Holdings LLC (Equitable IP Corporation)
Original Assignee
Jamama LLC
Inventors
Granger, Mark J., Smith, Cyrus E., Hoffman, Matthew I.
Primary Examiner(s)
Peeso, Thomas R.

Application Number

US09/196,056
Time in Patent Office

1,131 Days
Field of Search

713/200, 713/201, 380/255, 380/268
US Class Current

726/26
CPC Class Codes

G06F 21/109   by using specially-adapted ...

G06F 21/123   by using dedicated hardware...

G06F 21/125   by manipulating the program...

G06F 21/14   against software analysis o...

G06F 21/6209   to a single file or object,...

G06F 2221/2153   Using hardware token as a s...

Use of pseudocode to protect software from unauthorized use

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

184 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Use of pseudocode to protect software from unauthorized use

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

184 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links