Electronic copy protection mechanism using challenge and response to prevent unauthorized execution of software

US 5,935,246 A
Filed: 04/11/1997
Issued: 08/10/1999
Est. Priority Date: 04/26/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A computer system comprising a copy protection mechanism for protecting software against unauthorized execution, the copy protection mechanism comprising challenge means associated with a protected item of software, and response means in which a customer'"'"'s private keying material is securely stored, wherein:

(a) the challenge means has no access to the customer'"'"'s private keying material, and comprises means for generating a challenge and sending said challenge to the reponse means;

(b) the response means comprises means for signing said challenge using the customer'"'"'s private keying material and then returning the signed challenge to the challenge means, and(c) the challenge means comprises means for verifying said signed challenge, using the customer'"'"'s public keying material, and for preventing some or all of said item of software from being executed unless said verification is successful.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A copy protection mechanism for protecting software against copying, consists of a challenge mechanism embedded in each protected item of software. The challenge mechanism has no access to the customer'"'"'s private keying material. In operation, the challenge mechanism sends a random challenge to the customer'"'"'s signature server. The signature server signs the challenge, using the customer'"'"'s private keying material and then returns the signed challenge to the challenge mechanism. The challenge mechanism then verifies the signed challenge, using the customer'"'"'s public keying material, and prohibits the customer from using some or all of the protected item of software unless the verification is successful. The mechanism permits every customer to receive an identical copy of the copy protected program with the embedded challenge mechanism.

98 Citations

View as Search Results

25 Claims

1. A computer system comprising a copy protection mechanism for protecting software against unauthorized execution, the copy protection mechanism comprising challenge means associated with a protected item of software, and response means in which a customer'"'"'s private keying material is securely stored, wherein:
- (a) the challenge means has no access to the customer'"'"'s private keying material, and comprises means for generating a challenge and sending said challenge to the reponse means;
  
  (b) the response means comprises means for signing said challenge using the customer'"'"'s private keying material and then returning the signed challenge to the challenge means, and(c) the challenge means comprises means for verifying said signed challenge, using the customer'"'"'s public keying material, and for preventing some or all of said item of software from being executed unless said verification is successful.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A computer system according to claim 1 wherein said challenge means comprises means for issuing a random challenge.
  - 3. A computer system according to claim 2 wherein said means for issuing a random challenge includes means for generating a random challenge by repeatedly timing responses to disk accesses.
  - 4. A computer system according to claim 3 wherein said means for generating a random challenge includes means for forking new threads in such a manner as to introduce an additional degree of randomness into said random challenges by exploiting unpredictabilities in the operating system'"'"'s scheduler.
  - 5. A computer system according to claim 3 wherein said means for generating a random challenge includes means for performing a statistical test to determine the number of random bits obtained by each of said disk accesses, and means for causing said disk accesses to be repeated until a predetermined number of random bits has been obtained.
  - 6. A computer system according to claim 1 wherein said challenge means is embedded in said protected item of software.
  - 7. A computer system according to claim 1 wherein the system includes a keyfile for holding the customer'"'"'s public keying material.
  - 8. A computer system according to claim 7 wherein the customer'"'"'s public keying material held in said keyfile is digitally signed, whereby it is computationally infeasible to alter any portion of the keyfile, including the public keying material, without altering the challenge means.
  - 9. A computer system according to claim 8 wherein said keyfile includes information identifying the customer to which the protected item of software has been supplied, to assist in identifying the source of pirate copies of the protected item of software.
  - 10. A computer system according to claim 8 wherein the keyfile includes decoy bits for disguising the customer'"'"'s public keying material held therein.
  - 11. A computer system according to claim 8 wherein the keyfile includes information concerning selective activation of services of the copy protected program.
  - 12. A computer system according to claim 1, including a plurality of protected items of software, each having its own challenge means, and a single response means, shared between all of said protected items.
  - 13. A method of distributing software to a plurality of customers wherein each customer has a computer system according to claim 1, and wherein every customer receives an identical copy of said copy protected program and of said challenge means.

14. A computer system comprising:
- (a) means for inputting a program to be copy-protected, and for embedding a challenge means in that program; and
  
  (b) means for inputting a plurality of units of public keying material from a plurality of customers, and for generating, for each of said customers, a keyfile containing that customer'"'"'s public keying material;
  
  (c) wherein said challenge means comprises means for verifying signed information, using a customer'"'"'s public keying material held in the relevant keyfile, but without access to the customer'"'"'s private keying material, and for preventing some or all of said item of software from being executed unless said verification is successful.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
- - 15. A computer system according to claim 14 wherein said challenge means further comprises means for issuing a random challenge.
  - 16. A computer system according to claim 15 wherein said means for issuing a random challenge comprises means for generating a random challenge by repeatedly timing responses to disk accesses.
  - 17. A computer system according to claim 16 wherein said means for generating a random challenge includes means for forking new threads in such a manner as to introduce an additional degree of randomness into said random challenges by exploiting unpredictabilities in the operating system'"'"'s scheduler.
  - 18. A computer system according to claim 16 wherein said means for generating a random challenge includes means for performing a statistical test to determine the number of random bits obtained by each of said disk accesses, and means for causing said disk accesses to be repeated until a predetermined number of random bits has been obtained.
  - 19. A system according to claim 14 wherein the customer'"'"'s public keying material held in said keyfile is digitally signed, whereby it is computationally infeasible to alter any portion of the keyfile, including the public keying material, without altering the challenge means.
  - 20. A computer system according to claim 19 wherein said keyfile includes information identifying the customer to which the protected item of software has been supplied, to assist in identifying the source of pirate copies of the protected item of software.
  - 21. A system according to claim 19 wherein the keyfile includes decoy bits for disguising the customer'"'"'s public keying material held therein.
  - 22. A computer system according to claim 19 wherein the keyfile includes information concerning selective activation of services of the copy protected program.

23. A computer system including a random number generator for generating random numbers by timing responses to disk accesses, wherein said random number generator is embedded in a program and runs in that program'"'"'s address space.
- View Dependent Claims (24, 25)
- - 24. A computer system according to claim 23 wherein random number generator includes means for forking new threads in such a manner as to introduce an additional degree of randomness into said random numbers by exploiting unpredictabilities in the operating system'"'"'s scheduler.
  - 25. A computer system according to claim 23, including means for performing a statistical test to determine the number of random bits obtained by each of said disk accesses, and means for causing said disk accesses to be repeated until a predetermined number of random bits has been obtained.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Computers Limited (Fujitsu Limited)
Original Assignee
International Computers Limited (Fujitsu Limited)
Inventors
Benson, Glenn Stuart
Primary Examiner(s)
Kizou, Hassan
Assistant Examiner(s)
Mai, Rijue

Application Number

US08/838,620
Time in Patent Office

851 Days
Field of Search

395/186, 395/387, 395/860, 395/187.01, 380/25, 380/4, 380/21, 380/23, 380/30, 713/200
US Class Current

726/28
CPC Class Codes

G06F 21/1011   to devices

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2211/008   Public Key, Asymmetric Key,...

G06F 2221/2103   Challenge-response

Electronic copy protection mechanism using challenge and response to prevent unauthorized execution of software

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

98 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

Electronic copy protection mechanism using challenge and response to prevent unauthorized execution of software

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

98 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others