Summary of the invention
The object of the present invention is to provide a method for preventing piracy of computer software using a Trusted Platform Module (TPM) chip. Existing software anti-piracy techniques are deficient; the method of the present invention can fundamentally solve the problem that software products cannot be fully protected against piracy. Its core technique is to use the security protection functions of the TPM chip installed on the computer motherboard, together with cryptographic principles, to provide an anti-piracy technique that is both highly secure and inexpensive.
The technical solution of the present invention is as follows:
A method for preventing software piracy based on a Trusted Platform Module chip, comprising the following steps:
a. A TPM chip and its supporting programs are installed in advance on the software user's computer, and chip initialization is completed;
b. The software copyright owner selects one or more segments of critical data from the protected software product and hides them, delivers the software product without the hidden data to the legitimate user who has obtained the software, and at the same time provides the user with a software registration tool;
c. The user must register with the software copyright owner before the software can be used normally;
d. Through the software registration tool, the user calls the TPM chip in the local computer to generate a non-migratable registration key pair, and sends the public key of the registration key, together with registration information, to the software copyright owner;
e. After confirming that the user is legitimate, the software copyright owner encrypts the hidden data with the public key of the user's registration key and sends it to the user; the encrypted hidden data can be decrypted and used only by this user;
f. Each time before using the software, the user must call the local TPM chip to decrypt the software's hidden data before the software can be used normally.
The method as described, wherein the hidden data consists of one or more segments selected at random by the software copyright owner from the core code of each copy of the software sold, and its total length is an arbitrary number of bytes; the hidden data is retained in the software copyright owner's database server, and the software as sold does not contain it.
The method as described, wherein the hidden data selected includes at least the core logic code that determines whether the software is the full version or the trial version and whether the trial validity period has been exceeded, so as to prevent the software from being illegally cracked.
The method as described, further comprising assigning to each copy of the software, when it leaves the factory, a unique number that differs from copy to copy as its software identifier, the length of which is determined at random by the software copyright owner; the software identifier and its corresponding hidden data are stored together in the database server.
The method as described, further comprising combining each copy of the software with a software registration tool and its corresponding software identifier to form one software product package; the software registration tool can also be downloaded from a website, and is used by a legitimate user, after obtaining the software product, to register with the software copyright owner over the Internet.
The method as described, wherein the registration steps performed with the software registration tool comprise:
c1. The software registration tool calls the TPM chip installed on the user's computer to randomly generate a non-migratable key pair for the RSA algorithm or another asymmetric algorithm, which serves as the user's registration key;
c2. The private key part of the registration key is "wrapped" by the TPM chip, that is, the private key is encrypted with the RSA algorithm or another asymmetric algorithm using the key's TPM parent key, which must be specified when the key is generated. Only the private key ciphertext is then exported and stored on the hard disk of the user's computer; this wrapped private key can only be loaded into the TPM chip of the same machine, decrypted, and used inside the TPM chip. The public key part is sent by the software registration tool to the software copyright owner together with the user's registration data, such as the software identifier;
c3. On receiving the user's registration data, the software copyright owner records and confirms the user's registration information; if the information does not meet the requirements, registration is refused and an error is returned. Once the information is verified, the hidden data of this copy of the software is looked up by its software identifier and is "bound" to the software user's computer with the public key of the user's registration key, that is, the software copyright owner encrypts the hidden data with the RSA algorithm or another asymmetric algorithm using the public key of the user's registration key to obtain the hidden data ciphertext. This ciphertext can be "unbound" only by the TPM chip on the user's computer, that is, decrypted inside the TPM chip with the private key of the registration key.
The method as described, wherein the registration steps further comprise:
c4. From the software identifier submitted by the user, the software copyright owner determines whether the user is a full version user or a trial version user. If the user is a trial version user, the software trial validity period value is obtained, concatenated with the software identifier, and "bound" with the public key of the user's registration key to obtain the trial validity period ciphertext; the hidden data ciphertext and the trial validity period ciphertext are returned to the user's computer as authorization data;
c5. After the user's computer receives the authorization data sent back by the software copyright owner, the software registration tool loads the user's private key and the trial validity period ciphertext from the authorization data into the TPM chip, and calls the TPM's unbind function to decrypt the trial validity period ciphertext and recover the software trial validity period value;
c6. If the software is the full version, the hidden data ciphertext and the trial validity period ciphertext are saved on the local hard disk, completing registration. Otherwise, a TPM function is called to create the designated TPM monotonic counter and read its current value as the counter initial value, or the current value of the computer system clock is read as the initial value of the trial start time and of the last-use time. The monotonic counter initial value, or the trial start time and last-use time, is concatenated with the software identifier, and the TPM "bind" operation is performed with the public key of the user's registration key to obtain the counter initial value ciphertext. The software registration tool saves the hidden data ciphertext, the trial validity period ciphertext and the counter initial value ciphertext on the local hard disk, completing registration.
The method as described, wherein step f further comprises:
f1. Each time the user runs the software, the boot loader of the software program loads the wrapped user registration private key into the TPM chip. When hidden code data needs to be restored, the TPM's unbind function is called to restore the hidden data ciphertext to plaintext, and the restored program data is placed in memory through an encrypted transport session and run. After the program has run normally, the restored code data is automatically destroyed. Whenever hidden data is encountered again, the restoration process is repeated; this process continues throughout the running life cycle of the software;
f2. After the software program starts, the trial validity period ciphertext is loaded into the TPM chip, and the TPM's unbind function is called to restore it to the software trial validity period value, from which it is determined whether the software is the full version or the trial version;
f3. If the software is the full version, it runs normally. If it is the trial version, the software loads the counter initial value ciphertext into the TPM chip and calls the TPM's unbind function to restore it to the initial value that the designated TPM monotonic counter had at registration and authorization; a TPM function is then called to read the current value of the designated monotonic counter, and comparing the counter initial value with the current value determines whether the software has expired. Alternatively, the current computer system clock value is compared with the start time and last-use time stored in the trial validity period ciphertext, to determine whether the software has expired and whether the system clock has been maliciously modified;
f4. If the software has not expired, it continues to run; if the software uses a trial usage-count limit implemented with the monotonic counter, an increment-by-1 instruction must also be sent to the TPM chip to update the counter's current value. If the software has expired, it stops running immediately and automatically destroys the hidden data stored on the user's computer.
The method provided by the present invention for preventing piracy of computer software based on a TPM chip uses security features of the TPM chip soldered onto the computer motherboard, such as data wrapping, platform binding and encrypted transport sessions, to ensure that the protected program is used legitimately on the designated user computer; illegally copied software cannot run on any personal computer other than that user's computer. Moreover, the critical logic code in the protected software is "hidden data" whose hiding position is fixed, and the "hidden data" can only be restored in the memory of the user's computer at the moment it is actually used, with software integrity checked before the data is restored. The software may additionally apply dynamic in-memory code protection mechanisms such as special "shuffling", "scrambling" and multi-layer nesting, so that cracking techniques applied to the software, such as decompiling, tracing or spoofing, cannot succeed.
The method requires the user to register with the software vendor before using the software, otherwise the software cannot be used; the software vendor therefore knows precisely of any registration made with the same software identifier and can take corresponding measures or countermeasures. Applying the technique of the present invention ensures that the user uses the software legitimately on the designated computer, effectively preventing the software from being pirated, illegally copied or installed without authorization. Because the TPM security chip used by this anti-piracy technique is already built into the personal computer sold to the user, the user does not need to pay any additional cost for the TPM chip when using software protected by this technique, which helps the technique to be adopted.
Embodiment:
The embodiments of the software anti-piracy method of the present invention are described in detail below with reference to the accompanying drawings.
The method provided by the present invention for preventing software piracy based on a Trusted Platform Module chip is realized using cryptographic techniques and the functions of the Trusted Platform Module chip (hereinafter "the TPM chip"). It comprises the following basic steps:
a. A TPM chip is installed in advance on the software user's computer and chip initialization is completed;
b. The software copyright owner selects and extracts critical data from the software product protected by this method to form the hidden data, sells or delivers the software product without the hidden data to the legitimate user who has obtained the software, and at the same time provides a software registration tool;
c. The user must register with the software copyright owner before the software can be used normally;
d. Through the software registration tool, the user calls the TPM chip of the user's computer to generate a non-migratable registration key pair, and sends the public key of the registration key and other registration information to the software copyright owner;
e. The software copyright owner encrypts the software's hidden data with the user's registration key and sends it to the user; the encrypted data can be decrypted and used only by this software user;
f. Each time the user uses the software, the TPM chip of the user's computer must decrypt the software's hidden data before the software can be used normally.
Applying the technique of the present invention ensures that the user uses the software legitimately on the designated computer, and effectively prevents illegal acts such as piracy, illegal copying and unauthorized installation of computer software.
The specific steps of the method of the present invention are as follows:
For a software product that it releases, the software copyright owner selects one or more segments of the software's core code as hidden data. The total number m of code data segments that can be hidden (m ≥ 1, depending on the software product being sold) is fixed, but for each copy sold to an end user, n segments (1 ≤ n ≤ m) are chosen at random from the m segments, according to the principle of permutation and combination, as the hidden data unique to that copy. An integrity check code is also computed over the part of that copy that does not contain the hidden data. The hidden data and the integrity check code are retained in the software copyright owner's database server; each copy as formally sold contains neither the hidden data nor the check code.
The hidden data selected should include at least the sensitive program logic used for software integrity checking, for determining whether the software is the full version or the trial version, and for determining whether the trial validity period has been exceeded, as well as any other core code that the software copyright owner considers necessary to protect. When each copy leaves the factory, the software copyright owner assigns it a unique number that differs from copy to copy as its software identifier; its length L is decided by the software vendor, and the software identifier and the software's hidden data correspond one to one and are stored in the database server.
Each copy of the software is combined with a software registration tool, a software identifier and so on to form one software product package that can be sold to software users. The latest version of the software registration tool can also be downloaded from the software vendor's public website; a legitimate user uses it, after obtaining the software product, to register with the software vendor over the Internet.
In the method of the present invention, after the software has been installed normally on the user's computer, the user must carry out the registration procedure with the software registration tool before using the software. The software registration tool calls the TPM chip installed on the user's computer to randomly generate a non-migratable key pair for the RSA algorithm or another asymmetric algorithm as the registration key pair RegKeyPair. The private key part PriKey is "wrapped" (Wrap) by the TPM chip: after PriKey is encrypted with its parent key SK or SRK, only the private key ciphertext PriKey' is stored on the hard disk of the user's computer, and it can only be loaded into the TPM chip of the user's computer, decrypted, and used inside the chip. Note that the method exploits a technical characteristic of the TPM chip: all encryption and decryption operations involving the user's registration key are performed inside the TPM chip, so a pirate cannot learn the key plaintext or the algorithm process by common technical means such as reading the keyboard, reading memory or searching the hard disk. The public key part PubKey of the registration key (the public key data is arranged in sequence in a special confidential format) is sent to the software copyright owner by the software registration tool together with the software identifier, the user's registration information (for example the user's name and organization) and the user's computer platform information (for example the TPM chip ID, CPU ID, BIOS ID, computer type and motherboard model).
On receiving the user's registration data, the software copyright owner first records and confirms the user's registration information; if the information does not meet the requirements, registration is refused and an error message is returned. Once the information is verified, the hidden data M0 of this copy is looked up by its software identifier, and the integrity check code M1 of the part of this copy that does not contain the hidden data is retrieved. M0 is concatenated with M1, and a data "bind" (Bind) operation is performed with the public key part PubKey of the user's registration key, binding the software's hidden data and check code to the software user's computer; that is, the data is encrypted with the RSA algorithm or another asymmetric algorithm using the public key of the user's registration key to obtain the data ciphertext m1. m1 can be "unbound" only by the TPM chip on the user's computer, that is, decrypted inside the TPM chip of the user's computer and restored to M0 and M1.
From the software identifier submitted by the user, the software copyright owner can tell whether the user is a full version user or a trial version user. If the user is a trial version user, the software trial validity period value M2 is obtained: for full version software M2 = 0 or some negative value, and for trial version software M2 can be set to a value greater than zero. M2 is then concatenated with the software identifier SN and "bound" with the public key part of the user's registration key to obtain the trial validity period ciphertext m2; m1 and m2 are returned to the user's computer as authorization data.
The software trial validity period can be M2 days or hours counted from the first installation of the software on the user's computer, that is, a time limit; or it can be M2 starts and uses of the software counted from installation, that is, a usage-count limit. The choice of trial validity policy is made by the software copyright owner, and each type of software product may specify and use only one of the two policies. The trial version becomes invalid automatically once the validity period has been reached.
After the user's computer receives the authorization data sent back by the software copyright owner, the software registration tool automatically loads the user's private key PriKey' and the trial validity period ciphertext m2 from the authorization data into the TPM chip, and calls the TPM's decryption function to restore m2 to the trial validity period value M2. If M2 ≤ 0, the software is the full version; the hidden data and software check code ciphertext m1 and the trial validity period ciphertext m2 are saved on the hard disk of the user's computer, completing registration. Otherwise the software is the trial version: the registration software automatically calls a TPM function to create the designated TPM monotonic counter and read the counter initial value C0 (usage-count limit policy), or reads the current value T0 of the computer system clock (in milliseconds) as the initial value of the trial period, together with the last-use time T1 (time limit policy). C0, or T0 and T1, is then concatenated with the software identifier SN and "bound" with the user's public key PubKey to obtain the counter initial value ciphertext m3. Finally the software registration tool saves the hidden data and software check code ciphertext m1, the trial validity period ciphertext m2 and the counter initial value ciphertext m3 on the hard disk of the user's computer, completing the whole registration process.
Once the monotonic counter built into the TPM chip has been created by the user, it can only be triggered by user instruction and increases monotonically, by 1 each time. The monotonic counter and its current value are kept in the physically protected area of the TPM chip; they cannot be probed from outside, nor can the counter's operation be altered or interfered with.
Each time the user runs the software, the boot loader of the software program first automatically loads the wrapped user private key ciphertext PriKey' and the ciphertext m1 containing the software's hidden data and check code into the TPM chip, and calls the TPM's unbind function to restore m1 and obtain the software check code M1. The software without the hidden data is then verified against the check code in memory to confirm its integrity; if verification passes, control is handed to the software core, and if it fails, the software stops running. When the running software needs to recover hidden code data, the TPM's unbind function is called again to restore from m1 a particular segment M0s of the hidden data (s denotes a particular segment of the hidden data). The core program segment that the software originally lacked is thereby filled in at the corresponding position in memory, so that the software has what it needs to run normally. After it has run, the M0s data is automatically destroyed; when it is called again, the hidden data restoration process is repeated (this process runs through the whole running life cycle of the software).
Meanwhile, immediately after the software core program starts, the trial validity period ciphertext m2 is automatically loaded into the TPM chip (by this point the private key ciphertext PriKey' of the user's registration key has been loaded into the TPM chip), and the TPM's unbind function is called to restore m2 to the trial validity period value M2, giving the software's validity period. Whether M2 is less than or equal to 0 determines whether the software is the full version or the trial version. If it is the full version, the software runs normally.
If it is the trial version, the software automatically loads the counter initial value ciphertext m3 into the TPM chip (by this point the private key ciphertext PriKey' of the user's registration key has been loaded into the TPM chip), and calls the TPM's unbind function to restore m3 to the values recorded at authorization and registration: the TPM monotonic counter initial value C0, or T0 and T1. A TPM function is then called to read the current value C1 of the designated TPM monotonic counter and E = M2 - [(C1 - C0) + 1] is computed ([ ] denotes the rounding operation); or the current value T2 of the computer system clock (in milliseconds) is read and E = M2 - [(T2 - T0)/1000/3600/24] is computed. If E ≤ 0, the software has expired and is terminated. Otherwise, if T2 < T1, the system clock has been maliciously modified in order to use the trial version illegally; the software then runs its self-destruct routine and the user can no longer run it. If T2 > T1, the software runs normally; when the software terminates normally it reads the current system clock value T2' again, replaces T1 with T2' to update the last-use time, and regenerates the ciphertext m3. If the software uses the usage-count trial policy, it also automatically sends an increment-by-1 instruction to the TPM chip to update the current value C1 of the monotonic counter.
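The trial check described above can be written out as a short decision routine. This is an added example, not code from the patent: the class and function names are hypothetical, the TPM monotonic counter is replaced by a software stand-in, [ ] is taken to mean the integer part, M2 is taken to be in days for the clock formula, and T2 = T1 (which the text leaves open) is treated as a normal run.

```python
"""Trial-expiry decision at software startup (added example, names hypothetical)."""
from enum import Enum

MS_PER_DAY = 1000 * 3600 * 24   # the /1000/3600/24 in the clock formula


class Decision(Enum):
    RUN_FULL = "full version, run normally"
    RUN_TRIAL = "trial still valid, run"
    EXPIRED = "trial expired, terminate"
    CLOCK_ROLLBACK = "system clock set back, self-destruct"


class MonotonicCounter:
    """Software stand-in for a TPM monotonic counter: read or add 1, nothing else."""

    def __init__(self, start=0):
        self._value = start

    def read(self):
        return self._value

    def increment(self):
        self._value += 1
        return self._value


def check_count_policy(m2, c0, counter):
    """Usage-count policy: E = M2 - [(C1 - C0) + 1]; returns (decision, E)."""
    if m2 <= 0:                      # M2 <= 0 marks the full (formal) version
        return Decision.RUN_FULL, None
    c1 = counter.read()
    e = m2 - ((c1 - c0) + 1)
    if e <= 0:
        return Decision.EXPIRED, e
    counter.increment()              # the add-1 instruction sent after a valid start
    return Decision.RUN_TRIAL, e


def check_time_policy(m2, t0, t1, t2):
    """Time policy: E = M2 - [(T2 - T0)/1000/3600/24]; times in milliseconds."""
    if m2 <= 0:
        return Decision.RUN_FULL, None
    e = m2 - (t2 - t0) // MS_PER_DAY     # assumption: [ ] is the integer part
    if e <= 0:                           # the expiry test comes first, as in the text
        return Decision.EXPIRED, e
    if t2 < t1:                          # clock is earlier than the last recorded use
        return Decision.CLOCK_ROLLBACK, e
    return Decision.RUN_TRIAL, e         # assumption: T2 == T1 also counts as valid


def run_time_trial(m2, t0, sessions):
    """Replay (start_ms, end_ms) sessions, updating T1 to T2' after each normal exit."""
    t1 = t0                              # at registration both values come from T0
    decisions = []
    for start_ms, end_ms in sessions:
        decision, _ = check_time_policy(m2, t0, t1, start_ms)
        decisions.append(decision)
        if decision is not Decision.RUN_TRIAL:
            break
        t1 = end_ms                      # T2' replaces T1, then m3 is regenerated
    return decisions


if __name__ == "__main__":
    DAY, HOUR = MS_PER_DAY, 3600 * 1000
    counter = MonotonicCounter(7)        # constructed sample values
    c0 = counter.read()
    for _ in range(3):
        print(check_count_policy(3, c0, counter))
    print(run_time_trial(30, 0, [(1 * DAY, 1 * DAY + HOUR),
                                 (5 * DAY, 5 * DAY + 2 * HOUR),
                                 (3 * DAY, 3 * DAY + HOUR)]))
```

With the formula as written, M2 = 3 under the usage-count policy allows two runs: the third start computes E = 0 and is treated as expired.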
Calls to the TPM in this method involve data transfer, and all such transfers use the TPM's encrypted transport session function for the interaction and transfer of data between the TPM and the application software. Even when ciphertext has been restored to plaintext inside the TPM and must be returned to upper-layer software over a physical or logical communication line, the entire transfer is protected by the TPM's encrypted transport session mechanism, so that no monitoring or snooping of the communication line can intercept or decode the data in transit.
Overall, in the software anti-piracy method realized by the present invention, the software copyright owner provides the database server and the software product initialization program; the software user side provides the personal computer and the Trusted Platform Module (TPM) chip; and the software registration tool and the protected software product call the protection functions provided by the TPM chip, controlling the protected software product as follows:
As shown in Figure 1, an initialization operation must be carried out at the software vendor before a software product is sold. The software product initialization program first numbers each copy to be formally sold, producing the software identifier, a number of L digits 0-9. Then m segments of data (m ≥ 1, depending on the software product being sold) in the core code of this type of software product are chosen as candidate data (this can be done before initialization or at the software design stage), and n segments (1 ≤ n ≤ m) are picked at random from the candidate data, according to the principle of permutation and combination, as the "hidden data" of this copy; the length of each segment in bytes is denoted DL. The software product number is taken as the software identifier, and the "hidden data" information is stored in the database server held by the software vendor; finally the DL bytes of core data at the original position of the "hidden data" in this copy are deleted. These operations are repeated n times, and the integrity check code of the program part of this copy that does not contain the "hidden data" is then computed. The "hidden data" and integrity check code of this copy are stored in the software vendor's database, and the processed software is burned onto a CD or DVD. This completes initialization and manufacture of the software product. Because this production process extracts data at random from the core program and hides it, and different software identifiers have different hidden data, pirate copying of a software product that does not contain the hidden data becomes pointless.
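The vendor-side initialization described above, together with the client-side integrity check and restoration it enables, can be sketched as follows. This is an added example, not code from the patent: all names are hypothetical, SHA-256 stands in for the unspecified integrity check code, the database row is a plain dictionary, the bind/unbind encryption is left out, and all segments are restored at once rather than one at a time in memory.

```python
"""Per-copy initialization and integrity check (added example, names hypothetical)."""
import hashlib
import secrets

# Constructed sample: a 1024-byte "program image" and m = 4 candidate
# segments given as (offset, length DL); candidates must not overlap.
SAMPLE_IMAGE = bytes(range(256)) * 4
SAMPLE_CANDIDATES = [(16, 8), (100, 12), (300, 20), (700, 16)]


def initialize_copy(image, candidates, n, id_len, rng=None):
    """Pick n of the m candidates at random, cut them out, and build the DB record."""
    rng = rng or secrets.SystemRandom()
    if not 1 <= n <= len(candidates):
        raise ValueError("need 1 <= n <= m")
    chosen = sorted(rng.sample(candidates, n))
    # Software identifier: id_len random digits 0-9 (length L in the text).
    sn = "".join(rng.choice("0123456789") for _ in range(id_len))
    # Hidden data M0: each chosen segment with its original offset.
    hidden = [(off, image[off:off + ln]) for off, ln in chosen]
    stripped = bytearray(image)
    for off, ln in reversed(chosen):      # delete from the back so offsets stay valid
        del stripped[off:off + ln]
    # Integrity check code M1 over the program part without the hidden data.
    check = hashlib.sha256(bytes(stripped)).hexdigest()
    record = {"sn": sn, "hidden": hidden, "check": check}
    return bytes(stripped), record


def is_intact(stripped, record):
    """Compare the shipped program against the check code M1 from the record."""
    actual = hashlib.sha256(stripped).hexdigest()
    return secrets.compare_digest(actual, record["check"])


def verify_and_restore(stripped, record):
    """Check integrity first, then re-insert the hidden segments at their offsets."""
    if not is_intact(stripped, record):
        raise ValueError("integrity check failed, refusing to restore hidden data")
    restored = bytearray(stripped)
    for off, data in record["hidden"]:    # ascending offsets rebuild the original
        restored[off:off] = data
    return bytes(restored)


if __name__ == "__main__":
    shipped, row = initialize_copy(SAMPLE_IMAGE, SAMPLE_CANDIDATES, n=2, id_len=12)
    print("software identifier:", row["sn"])
    print("bytes shipped:", len(shipped), "of", len(SAMPLE_IMAGE))
    print("restored matches original:",
          verify_and_restore(shipped, row) == SAMPLE_IMAGE)
```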
As shown in Figure 2a, after obtaining the software product by legitimate means, the user must carry out the software registration and authorization operation. Using the software registration tool supplied on the software disc (it can also be downloaded from the software vendor's website), the user first calls the TPM chip of the user's computer to generate a non-migratable key pair RegKeyPair for the RSA algorithm with a 2048-bit modulus, or for another asymmetric algorithm, as the user's registration key. The private key PriKey is encrypted ("wrapped") by the TPM and stored on the computer's hard disk as the private key ciphertext PriKey'; the public key PubKey, the software identifier and the user's registration information are sent to the software vendor. This is the software registration application process. Because generation of the user's registration key and execution of the cryptographic algorithm are both completed in the hardware of the TPM chip, and all data exported for use outside the TPM chip has been encrypted by the TPM, the plaintext of sensitive data such as keys cannot be obtained outside the TPM chip by any means. A software cracker who wants the user's registration key has only one possible approach, attacking the RSA algorithm with a 2048-bit modulus, which in practice has almost no chance of success.
As shown in Figure 2b, after receiving the software user's registration application data, the software copyright owner first records and confirms the user's registration information; if the registration information does not meet the requirements, authorization is refused and the registration acceptance procedure exits. Once the information is verified, the "hidden data" M0 of this copy and the integrity check code M1 of the part of this copy that does not contain the "hidden data" are looked up in the software copyright owner's database server by software identifier; M0 is concatenated with M1, and the data is encrypted with the software user's registration public key and thereby "bound" to the user's computer, giving the hidden data ciphertext m1.
From the software identifier, the software copyright owner can tell whether the software user is a full version user or a trial version user, and then obtains the product's trial validity period value M2 (assuming M2 = 0 for full version software). M2 is concatenated with the software identifier and "bound" with the public key of the user's registration key to obtain the trial validity period ciphertext m2; the hidden data and software check code ciphertext m1 and the trial validity period ciphertext m2 are returned to the user's computer as authorization data. This is the software authorization process.
As shown in Figure 2c, after the user's computer receives the authorization data m1 and m2 sent back by the software copyright owner, the software registration tool automatically loads the registration key private key ciphertext PriKey' and the trial validity period ciphertext m2 from the authorization data into the TPM chip, and calls the TPM's unbind function to restore m2 to the trial validity period value M2. If M2 = 0, the software is the full version; the hidden data and software check code ciphertext m1 and the trial validity period ciphertext m2 are saved on the hard disk of the user's computer, completing registration. Otherwise it is the trial version (taking the usage-count limit policy as the example): the software registration tool automatically calls a TPM function to create the designated TPM monotonic counter and read the counter initial value C0, concatenates C0 with the software identifier SN, and "binds" it with the user's registration public key PubKey to obtain the counter initial value ciphertext m3. Finally the software registration tool saves m1, m2 and m3 on the local hard disk, completing the whole local registration process. Because all critical data transferred during registration is encrypted with the RSA asymmetric key algorithm, data security during communication is addressed: a pirate cannot pirate the software by intercepting the registration process and capturing and decoding the registration data.
As shown in Fig. 3, each time the user runs the software, the software boot program first automatically imports the user's login key private key ciphertext PriKey' and the ciphertext m1, which contains the hidden data and the software check code, into the TPM chip, and calls the TPM's "unbind" function to recover the software check code M1 from m1. It then uses the check code to verify, in memory, the integrity of the software that does not contain the hidden data. If verification passes, control is handed to the software's core program; if it fails, the software stops running. When the running software needs to recover hidden code data, it calls the TPM's "unbind" function again to recover a segment of hidden data M0s from m1 (s denotes a particular segment of the hidden data), and the M0s data is automatically destroyed once the software has executed it (this process continues throughout the software's run-time life cycle). After the core program starts, it automatically imports the trial validity ciphertext m2 into the TPM chip and calls the TPM's "unbind" function to restore m2 to the trial validity value M2, which gives the validity period of the software. Whether the software is the full version or the trial version is decided by whether M2 equals 0 (assuming M2=0 denotes the full version). If it is the full version, the software continues to run and the start-up process ends. If it is the trial version, the software automatically imports the monotonic counter initial value ciphertext m3 into the TPM chip, calls the TPM's "unbind" function to restore m3 to C0, the initial value of the TPM monotonic counter at the time of authorization and registration, and then calls a TPM function to obtain the current value C1 of the designated TPM monotonic counter. It computes

E = M2 - [(C1 - C0) + 1]

and tests whether E ≤ 0. If E ≤ 0, the software has expired and execution is terminated; otherwise the software continues to run and the start-up process ends.
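An added illustration (not part of the patent text) of the start-up decision described above, using a software stand-in for the TPM chip. The names `SimulatedTpm`, `register` and `launch`, the HMAC stand-in for RSA "bind", the comparison of the bound software identifier at launch, and the point at which the counter is incremented are all assumptions of this example.

```python
import hashlib, hmac, json, os

class SimulatedTpm:
    """Stand-in for the chip: a key that never leaves it plus a monotonic counter."""
    def __init__(self):
        self._key = os.urandom(32)   # stands in for the non-migratable login key
        self._counter = 0            # held inside the chip, never on disk

    def _tag(self, body):
        return hmac.new(self._key, body, hashlib.sha256).digest()

    def bind(self, fields):
        # Stand-in for RSA "bind": this toy only authenticates; a real blob is encrypted.
        body = json.dumps(fields, sort_keys=True).encode()
        return body + self._tag(body)

    def unbind(self, blob):
        body, tag = blob[:-32], blob[-32:]
        if not hmac.compare_digest(tag, self._tag(body)):
            raise ValueError("blob is not bound to this TPM")
        return json.loads(body)

    def read_counter(self):
        return self._counter

    def increment_counter(self):
        self._counter += 1

def register(tpm, sn, m2_value):
    """Create the on-disk blobs m2 and, for a trial, m3 (vendor and tool steps merged)."""
    m2 = tpm.bind({"sn": sn, "M2": m2_value})
    m3 = tpm.bind({"sn": sn, "C0": tpm.read_counter()}) if m2_value else None
    return m2, m3

def launch(tpm, sn, m2, m3):
    """Return (state, E) for one start-up; state is 'full', 'trial' or 'expired'."""
    lic = tpm.unbind(m2)
    if lic["sn"] != sn:              # assumption: the bound SN is compared at launch
        raise ValueError("validity blob belongs to another product")
    if lic["M2"] == 0:
        return "full", None
    start = tpm.unbind(m3)
    if start["sn"] != sn:
        raise ValueError("counter blob belongs to another product")
    # E = M2 - [(C1 - C0) + 1], with C1 read from the chip rather than from disk
    e = lic["M2"] - ((tpm.read_counter() - start["C0"]) + 1)
    if e <= 0:
        return "expired", e
    tpm.increment_counter()          # assumption: one tick per permitted launch
    return "trial", e
```

With M2 = 3 and the assumed tick placement, the third start-up computes E = 0 and is refused, and it stays refused because the blobs on disk never carry the current count. Blobs copied to a second simulated chip fail to unbind.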
Because the method of the invention uses the security functions of the TPM chip, such as data sealing, binding and encrypted transport sessions, a software product protected by the method can be used legitimately only on the designated user computer, and an illegally copied instance cannot run on any personal computer other than that user's computer. Secondly, the critical logic code in the protected software is the "hidden data", whose content and hiding position differ for every copy of the software product, and the hidden data can be recovered only in the memory of the user's computer. The protected software can additionally apply dynamic in-memory code protection mechanisms such as special "out-of-order mixing", "scrambling" and multi-layer nesting, so that cracking techniques such as decompiling or tracing the software cannot succeed. Furthermore, the method requires the user to register with the software vendor before using the software, which otherwise cannot be used; the software vendor therefore learns very precisely of any attempt to register with the same software identifier, and can take corresponding measures or countermeasures.
In addition, the invention uses the monotonic counter built into the protected area of the TPM chip and does not rely on counter data stored on standard computer storage media (such as floppy disks, hard disks or USB flash drives), which guarantees that trial-version software can run legitimately only within its validity period.
Because the TPM chip is a security chip soldered onto the computer motherboard, the user obtains it when buying the computer, and buying any software product protected by the technique of the invention involves no further payment for a hardware chip. The security of the TPM chip can match or even surpass that of any hardware anti-piracy product in use today, so with this invention both the software vendor and the user benefit in terms of security and cost.
According to an authoritative forecast by IDC, the TPM chip will become a standard component of personal computers, and by 2007 personal computers fitted with a TPM chip will account for more than 80% of the market's installed base. The software anti-piracy method of the invention, based on the TPM chip and cryptographic techniques, therefore has broad application prospects in the software industry.
It should also be noted that the above description of the specific embodiments is relatively detailed and its technical terms may be relatively specific. For example, the term "software copyright owner" used in the above embodiments should be understood as the seller who holds the rights to sell the software. In short, the specific technical terms are used only for convenience of description. A person skilled in the art can obviously devise further equivalent substitutions based on the technical scheme of the invention, and all such designs fall within the scope of protection defined by the claims of the invention.