Digital data protection arrangement
Abstract
When software is initially loaded to RAM 20, an engine 30A is installed at the beginning of an otherwise empty area of RAM 20. When the protected application is called, the engine first creates a series of steps (FIG. 3D), including a CALL command to a protection block 38. On reaching the call 36, the protection block 38 is executed, to complete various security checks. If these are successful, step 2 is created and written over the call 36 so that execution of steps 2 and 3 can continue as normal. Consequently, the protected software (steps 1, 2 and 3) is not exposed to scrutiny unless the security checks have successfully been completed.
40 Claims
- 1. Computer software operable to provide protection for a second item of computer software, the protection software comprising security means operable to authorise execution of the protected software in response to successful completion of one or more security checks, and having at least one block of executable code which is stored in non-executable form and which requires execution to authorise execution of the protected software, and the protection software further comprising conversion means operable to convert the said block of code to an executable form by means of an algorithm which requires at least one conversion key, the conversion means being further operable to derive a conversion key, for use in the algorithm, by reference to a target block of code in executable or non-executable form, whereby an appropriate conversion key will be derived only if the target block is unmodified.
- 4. A digital data arrangement comprising protected code and security code, wherein the protected code comprises incomplete executable code, the executable code including one or more call instructions to the security code, and the security code, when executed, replaces a respective call instruction with executable code such that the executable code of the protected code is completed upon execution of all call instructions.
- 18. A digital data arrangement comprising:
  - protected data provided in encrypted form;
  - decryption instructions for decrypting the protected data, the decryption instructions being provided in a non-executable form; and
  - executable conversion code operable to:
    - derive a conversion key from a target block of data of the arrangement;
    - convert the decryption instructions into an executable form by means of an algorithm that employs the conversion key; and
    - execute the decryption instructions to decrypt the protected data,
  - wherein the decryption instructions are converted into an executable form only in the event that the target block of data is unmodified.
  - Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- 29. A digital data arrangement comprising executable code executable to create protected data, wherein the protected data contains at least one executable instruction which contains a plurality of steps, the steps being executable in more than one order to implement the instruction, and the executable code being operable to create the protected data by creating the steps in an order which changes on each execution of the executable code.
- 34. A digital data arrangement comprising executable code executable to create a first part of protected code and to execute the first part of protected code, and to subsequently create a second part of protected code and to execute the second part of protected code, wherein the first part of protected code is corrupted upon creation of the second part of protected code.
- 38. A digital data arrangement comprising protected code, security code and relocation code, wherein:
  - the protected code comprises at least one call instruction to the security code;
  - the security code, when executed, detects corruption of the protected code and executes the relocation code in the event that no corruption is detected; and
  - the relocation code, when executed, changes the location of the security code and modifies the call instruction to refer to the new location.
  - Dependent Claims (39, 40)
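Claims 1 and 18 tie the conversion key to a target block, so the stored instructions only convert to a runnable form when that block is unmodified. The sketch below is an added illustration, not code from the patent: the SHA-256 key derivation, the hash-counter XOR keystream, Python source standing in for machine code, and every name and sample byte string are assumptions constructed for the example.

```python
import hashlib

def derive_key(target_block: bytes) -> bytes:
    """Conversion key = digest of the target block; any edit changes the key."""
    return hashlib.sha256(target_block).digest()

def _keystream(key: bytes, n: int) -> bytes:
    # Toy stream generator (assumed here): SHA-256 over key || counter.
    out, counter = bytearray(), 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])

def convert(blob: bytes, key: bytes) -> bytes:
    """XOR with the keystream; the same call seals and unseals."""
    return bytes(a ^ b for a, b in zip(blob, _keystream(key, len(blob))))

def run_protected(stored: bytes, target_block: bytes, ciphertext: bytes):
    """Convert the stored instructions with a key taken from target_block,
    then run them on the protected data. Returns None when conversion
    yields garbage, which is what happens if target_block was modified."""
    source = convert(stored, derive_key(target_block))
    try:
        code = compile(source.decode("utf-8"), "<converted>", "exec")
    except (UnicodeDecodeError, SyntaxError, ValueError):
        return None  # wrong key: no executable form, data stays encrypted
    namespace = {}
    exec(code, namespace)
    return namespace["decrypt"](ciphertext)

# --- constructed sample data ---
TARGET = b"\x55\x8b\xec\x83\xec\x10 constructed target block"
DECRYPT_SRC = b"def decrypt(data):\n    return bytes(b ^ 0x5A for b in data)\n"
STORED = convert(DECRYPT_SRC, derive_key(TARGET))        # non-executable form
PROTECTED = bytes(b ^ 0x5A for b in b"protected payload")  # encrypted data

if __name__ == "__main__":
    print(run_protected(STORED, TARGET, PROTECTED))        # intact target
    patched = bytes([TARGET[0] ^ 0x01]) + TARGET[1:]       # one bit flipped
    print(run_protected(STORED, patched, PROTECTED))       # modified target
```

No explicit comparison against a stored checksum appears anywhere in the flow: a modified target block simply produces a different key, and the stored instructions never reach an executable form.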
Specification