Digital data protection arrangement

US 7,162,735 B2
Filed: 07/13/2001
Issued: 01/09/2007
Est. Priority Date: 07/18/2000
Status: Expired due to Term

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. Computer software operable to provide protection for a second item of computer software, the protection software comprising security means operable to authorise execution of the protected software in response to successful completion of one or more security checks, and having at least one block of executable code which is stored in non-executable form and which requires execution to authorise execution of the protected software, and the protection software further comprising conversion means operable to convert the said block of code to an executable form by means of an algorithm which requires at least one conversion key, the conversion means being further operable to derive a conversion key, for use in the algorithm, by reference to a target block of code in executable or non-executable form, whereby an appropriate conversion key will be derived only if the target block is unmodified.

View all claims

4 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

When software is initially loaded to RAM 20, an engine 30A is installed at the beginning of an otherwise empty area of RAM 20. When the protected application is called, the engine first creates a series of steps (FIG. 3D), including a CALL command to a protection block 38. On reaching the call 36, the protection block 38 is executed, to complete various security checks. If these are successful, step 2 is created and written over the call 36 so that execution of steps 2 and 3 can continue as normal. Consequently, the protected software (steps 1, 2 and 3) is not exposed to scrutiny unless the security checks have successfully been completed.

25 Citations

View as Search Results

40 Claims

1. Computer software operable to provide protection for a second item of computer software, the protection software comprising security means operable to authorise execution of the protected software in response to successful completion of one or more security checks, and having at least one block of executable code which is stored in non-executable form and which requires execution to authorise execution of the protected software, and the protection software further comprising conversion means operable to convert the said block of code to an executable form by means of an algorithm which requires at least one conversion key, the conversion means being further operable to derive a conversion key, for use in the algorithm, by reference to a target block of code in executable or non-executable form, whereby an appropriate conversion key will be derived only if the target block is unmodified.
- View Dependent Claims (2, 3)
- - 2. A computer memory device containing computer software in accordance with claim 1.
  - 3. A computer system containing an item of computer software protected by means of computer software in accordance with claim 1.

4. A digital data arrangement comprising protected code and security code, wherein the protected code comprises incomplete executable code, the executable code including one or more call instructions to the security code, and the security code, when executed, replaces a respective call instruction with executable code such that the executable code of the protected code is completed upon execution of all call instructions.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 5. A computer system comprising memory means containing a digital protection arrangement according to claim 4.
  - 6. A data carrier containing software which, when installed on a computer system, is operable as a digital data protection arrangement in accordance with claim 4.
  - 7. Computer software which, when installed on a computer system, is operable as a digital data protection arrangement in accordance with claim 4.
  - 8. The arrangement of claim 4, wherein the security code, when executed, is operable to detect corruption of the protected code.
  - 9. The arrangement of claim 8, wherein the security code is operable to delete the protected code in the event that any corruption is detected.
  - 10. The arrangement of claim 4, wherein the protected code comprises encrypted code associated with each call instruction and the security code, upon execution by a call instruction, is operable to decrypt the associated encrypted code and to replace the call instruction and encrypted code with corresponding decrypted code.
  - 11. The arrangement of claim 4, wherein the security code is embedded within the protected code.
  - 12. The arrangement of claim 11, wherein the security code is embedded at locations which are unused by the protected code.
  - 13. The arrangement of claim 12, wherein at least one embedding location is identified when the protected code is executed, the security means is written to the embedding location.
  - 14. The arrangement of claim 13, wherein an embedding location is identified by decompiling the protected code, and analyzing the decompiled code.
  - 15. The arrangement of claim 4, the arrangement further comprising relocation code operable to change the location of the security code and to modify the call instruction to refer to the new location.
  - 16. The arrangement of claim 15, wherein the relocation code is contained within the protected code, to operate repeatedly while the protected code is in use.
  - 17. The arrangement of claim 4, wherein the protected code is provided in encrypted form, and the arrangement further comprises executable instructions for decryption.

18. A digital data arrangement comprising:
- protected data provided in encrypted form;
  
  decryption instructions for decrypting the protected data, the decryption instructions being provided in a non-executable form; and
  
  executable conversion code operable to;
  
  derive a conversion key from a target block of data of the arrangement;
  
  convert the decryption instructions into an executable form by means of an algorithm that employs the conversion key; and
  
  execute the decryption instructions to decrypt the protected data, wherein the decryption instructions are converted into an executable form only in the event that the target block of data is unmodified.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 19. The arrangement of claim 18, wherein the decryption instructions comprise a plurality of blocks of executable code stored in non-executable form, each of which requires execution to decrypt the protected data, and the conversion code is operable to convert each block into an executable form.
  - 20. The arrangement of claim 19, wherein conversion of each block is achieved by a respective conversion key derived from a respective target block.
  - 21. The arrangement of claim 19, wherein at least one block is operable, upon execution, to convert another block into an executable form for subsequent execution.
  - 22. The arrangement of claim 21, wherein each block is operable, upon execution, to convert another block to an executable form for subsequent execution.
  - 23. The arrangement of claim 18, wherein the or each target block is contained within the protected data.
  - 24. The arrangement of claim 18, wherein the or each target block is contained within the decryption instructions.
  - 25. The arrangement of claim 18, wherein the or each algorithm for converting code is a CRC algorithm.
  - 26. The arrangement of claim 18, wherein the protected data contains executable code and/or a data file.
  - 27. The arrangement of claim 18, comprising processing means operable to execute code, and memory means storing the protected data, decryption instructions and conversion code with a start point at a memory location indicated within the arrangement as the start point for the protected data, whereby the processor means will cause the executable conversion code to be executed when seeking to access the protected data.
  - 28. A data carrier containing software which, when installed on a computer system, is operable as a digital data protection arrangement in accordance with claim 18.

29. A digital data arrangement comprising executable code executable to create protected data, wherein the protected data contains at least one executable instruction which contains a plurality of steps, the steps being executable in more than one order to implement the instruction, and the executable code being operable to create the protected data by creating the steps in an order which changes on each execution of the executable code.
- View Dependent Claims (30, 31, 32, 33)
- - 30. A data carrier containing software which, when installed on a computer system, is operable as a digital data protection arrangement in accordance with claim 29.
  - 31. The arrangement of claim 29, wherein the order of the steps is chosen substantially at random on each execution.
  - 32. The arrangement of claim 29, wherein the steps include at least one step which initiates operation of security means operable to detect corruption of the protected data.
  - 33. The arrangement of claim 29, wherein the executable code is executable to create the steps on each occasion that the executable instruction is to be executed.

34. A digital data arrangement comprising executable code executable to create a first part of protected code and to execute the first part of protected code, and to subsequently create a second part of protected code and to execute the second part of protected code, wherein the first part of protected code is corrupted upon creation of the second part of protected code.
- View Dependent Claims (35, 36, 37)
- - 35. The arrangement of claim 34, wherein each part corresponds to a complete executable routine within the protected code.
  - 36. The arrangement of claim 34, wherein the executable code is executable to create corrupt data in addition to each part of protected code.
  - 37. A data carrier containing software which, when installed on a computer system, is operable as a digital data protection arrangement in accordance with claim 34.

38. A digital data arrangement comprising protected code, security code and relocation code, wherein:
- the protected code comprises at least one call instruction to the security code;
  
  the security code, when executed, detects corruption of the protected code and executes the relocation code in the event that no corruption is detected; and
  
  the relocation code, when executed, changes the location of the security code and modifies the call instruction to refer to the new location.
- View Dependent Claims (39, 40)
- - 39. The arrangement of claim 38, wherein:
    - the protected code comprises a plurality of call instructions to the security code;
      
      the security code, when called by a call instruction, detects corruption of the protected code and, in the event that no corruption is detected, replaces the call instruction with executable code and executes the relocation code; and
      
      the relocation code, when executed, changes the location of the security code and modifies the remaining call instructions to refer to the new location.
  - 40. A data carrier containing software which, when installed on a computer system, is operable as a digital data protection arrangement in accordance with claim 38.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Simplex Patents Corporation
Original Assignee
Simplex Major
Inventors
Safa, John Aram
Primary Examiner(s)
JUNG, DAVID YIUK

Application Number

US09/905,571
Publication Number

US 20020038428A1
Time in Patent Office

2,006 Days
Field of Search

713/200, 713190-193, 726/3, 726/21, 726/27, 726/6
US Class Current

726/6
CPC Class Codes

G06F 21/125 by manipulating the program...

Digital data protection arrangement

First Claim

4 Assignments

Litigations

0 Petitions

Accused Products

Abstract

25 Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Digital data protection arrangement

First Claim

4 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links