System and method for preventing unauthorized use of protected software utilizing a portable security device
First Claim
1. A method for protecting software from unauthorized use on a computer system using an external security device, the method comprising the steps of:
- (a) encrypting the software to be protected using an encryption key, creating encrypted software, wherein the encryption key is derived from a dynamic key, which is assigned to the software to be protected and does not change between copies of the software;
(b) in response to the security device being coupled to the computer system, sending information identifying the protected software from the computer system to the security device;
(c) using information supplied from the software to determine if the dynamic key assigned to the software is present in the security device, and if so, generating the encryption key within the security device using the dynamic key; and
(d) authorizing use of the software on the computer system by sending the encryption key from the security device to the computer system for decryption of the software.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for protecting software from unauthorized use on a computer system using an external security device is disclosed. The method and system include encrypting the software to be protected using an encryption key. The use of the software on the computer system is then authorized by generating the encryption key within the security device using information supplied from the software. Once the encryption key generated by the security device is received on the computer system, the encryption key used to decrypt the encrypted software for execution on the computer system.
-
Citations
42 Claims
-
1. A method for protecting software from unauthorized use on a computer system using an external security device, the method comprising the steps of:
-
(a) encrypting the software to be protected using an encryption key, creating encrypted software, wherein the encryption key is derived from a dynamic key, which is assigned to the software to be protected and does not change between copies of the software;
(b) in response to the security device being coupled to the computer system, sending information identifying the protected software from the computer system to the security device;
(c) using information supplied from the software to determine if the dynamic key assigned to the software is present in the security device, and if so, generating the encryption key within the security device using the dynamic key; and
(d) authorizing use of the software on the computer system by sending the encryption key from the security device to the computer system for decryption of the software. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method for protecting software from unauthorized use on a computer system, the method comprising the steps of:
-
(a) using at least a dynamic key and a first piece of information to generate an encryption key, wherein the dynamic key is assigned to the software to be protected and does not change between copies of the software;
(b) encrypting the software using the encryption key;
(c) providing the first piece of information with the encrypted software, wherein at least a portion of the first piece of information identifies the protected software;
(d) storing the dynamic key in a security device; and
(e) authorizing use of the software after the encrypted software is loaded on the computer system and the security device is coupled to the computer system by, (i) sending the first piece of information provided with the encrypted software to the security device, (ii) if the dynamic key assigned to the software is present in the security device, using the first piece of information and the dynamic key to generate the encryption key in the security device, (iii) transmitting the encryption key from the security device to the computer system, and (iv) decrypting the encrypted software with the encryption key for use on the computer system. - View Dependent Claims (17, 18, 19, 20, 21)
-
-
22. A method for protecting software from unauthorized use on a computer system, the method comprising the steps of:
-
(a) creating an initialization vector and a dynamic key, wherein the is assigned to the software to be protected and does not change between copies of the software;
(b) using the initialization vector and the dynamic key to generate a security key;
(c) using the security key and the initialization vector to generate a communication key;
(d) encrypting software using the security key to create encrypted software;
(e) creating a software package comprising the initialization vector, the encrypted software, the communications key, and an authentication program;
(f) storing the dynamic key in a security device;
(g) authorizing use of the software after the software package has been loaded on the computer system and the security device coupled to the computer system by (i) sending the initialization vector to the security device, (ii) in the security device, using the initialization vector and the stored dynamic key to generate the security key and communication key if the dynamic key assigned to the software is present in the security device, (iii) encrypting the security key using the communication key, (iv) sending the encrypted security key to the computer system as a response, (v) using the communications key in the software package to decrypt encrypted security key, and (vi) using the security key to decrypt the encrypted software for use on the computer system. - View Dependent Claims (23)
-
-
24. A computer-readable medium containing program instructions for protecting software from unauthorized use on a computer system using an external security device, the program instructions for:
-
(a) encrypting the software to be protected using an encryption key, creating encrypted software, wherein the encryption key is derived from a dynamic key, which is assigned to the software to be protected and does not change between copies of the software;
(b) in response to the security device being coupled to the computer system, sending information identifying the protected software from the computer system to the security device;
(c) using information supplied from the software to determine if the dynamic key assigned to the software is present in the security device, and if so, generating the encryption key within the security device using the dynamic key; and
(d) authorizing use of the software on the computer system by sending the encryption key from the security device to the computer system for decryption of the software. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A computer software authentication system comprising:
-
a computer system;
a software package loaded on the computer system that includes, an encrypted software program encrypted with a first encryption key, an authorization program, a first key of a keyset, and a second encryption key; and
a security device in communication with the computer system that includes a second key of the keyset and mathematical algorithms, wherein when the software package is executed the computer system, the encrypted software program is authenticated by, transferring the first key of the keyset from the authorization program to the security device, generating in the security device the first and second encryption keys using the keyset and the mathematical algorithms, encrypting the first encryption key using the second encryption key, transferring the encrypted first encryption key from the security device to the computer system, decrypting the encrypted first encryption key on the computer system using the second encryption key included in the software package, and using the first encryption key to decrypt the encrypted software for execution on the computer system.
-
-
40. A method for protecting software from unauthorized use on a computer system as using an external security device, the method comprising the steps of:
-
(a) encrypting the software to be protected using an encryption key that is mathematically derived from an dynamic key;
(b) imbedding in the protected software a communications key that is also derived from an dynamic key;
(c) authorizing the use of the software, only if the dynamic key is present in the security device, by generating the encryption key from the dynamic key within the security device;
(d) encrypting the encryption key with the communications key within the security device and sending the encrypted encryption key from the security device to the computer system; and
(e) with the communications key imbedded in the software, decrypting the encryption key and using the encryption key to decrypt the software. - View Dependent Claims (41, 42)
-
Specification