JP2011150560A - System and method for protecting software, software conversion method and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To safely execute software on a terminal by cooperating the terminal storing the software with a tamper resistant device. <P>SOLUTION: The terminal processes only encoded data on a program and transmits a processing result to the tamper resistant device. The tamper resistant device verifies the received processing result, and when the processing result is valid, performs decoding processing and transmits the decoded result to the terminal. Then, the software in the terminal outputs a value received from the tamper resistant device as a result. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a software protection system, a software protection method, a software conversion method, and a program for protecting software stored in a terminal by linking a terminal that stores software and a tamper resistant device.

  The software may include information that should be kept secret to the user, such as valuable algorithms and content encryption keys. On the other hand, many techniques (RE: Reverse Engineering) for analyzing software have been developed. For this reason, when software is analyzed by these techniques, there is a threat that an unauthorized person obtains confidential information. For this threat, there is a technique called obfuscation that makes it difficult to analyze software while keeping the software specifications.

  As an example of this, there is an encoding method in which a variable in a program is linearly converted by an arithmetic unit and encoded, and n variables (where n is a positive integer) to be encoded are arbitrarily selected, and m An xn matrix (where m is a positive integer satisfying m ≧ n) and an arbitrary vector of m dimensions are generated. Then, using the generated matrix and vector as conversion keys, the n variables are linearly converted and simultaneously encoded into m integers. This makes it possible to conceal the number of variables used in the original program and the reference / substitution relationship between the variables and obfuscate highly resistant programs by increasing the number of secret key candidates. (For example, refer to Patent Document 1).

  It is also conceivable to obfuscate the program by controlling the execution order with an external tamper resistant device.

JP 2006-079347 A

  However, since the former method is a method of converting a single piece of software on a terminal, all the data necessary for execution is included in the software itself, and there is a problem that it is not effective in preventing unauthorized copying. On the other hand, in the latter method, the software alone does not operate, so it can be applied to prevent unauthorized copying. However, the execution order of the processing held by the tamper resistant device is fixed data, so it can be applied to any part of the software. By adding and executing a command for outputting a specific character string, the processing order may be exposed to the attacker.

  Accordingly, the present invention has been made in view of the above-described problems, and a software protection system and a software protection method capable of safely executing software on a terminal by linking a terminal that stores software and a tamper-resistant device. An object of the present invention is to provide a software conversion method and program.

  The present invention proposes the following items in order to solve the above problems.

  (1) The present invention is a software protection system for protecting software that includes a terminal and a tamper-proof device, operates on the terminal, and returns a calculation result as a numerical value. Processing means for processing only the converted data, and processing result transmission means for transmitting the processing result to the tamper resistant apparatus, and the tamper resistant apparatus verifies the received processing result, A decoding processing means for performing a decoding process when the processing result is valid, and a decoding process result transmitting means for transmitting the result of the decoding process to the terminal, wherein the software in the terminal includes A software protection system is proposed that outputs the value received from the tamper resistant device as a result.

  According to the present invention, the processing means of the terminal processes only the encoded data on the software. The processing result transmission means of the terminal transmits the processing result to the tamper resistant device. The verification means of the tamper resistant device verifies the received processing result. The decryption processing means of the tamper resistant apparatus performs decryption processing when the processing result is valid. The decoding process result transmission means of the tamper resistant apparatus transmits the result of the decoding process to the terminal. Then, the software in the terminal outputs the value received from the tamper resistant device as a result. Therefore, since the software on the terminal processes only the encoded data, the safety is improved. In addition, since the data exchanged between the software and the tamper-resistant device differs depending on the input, the data is resistant to an attack that eavesdrops on communication contents by operating the software. Furthermore, since the software alone does not operate, it is effective in preventing unauthorized copying of software.

  (2) In the software protection system according to (1), the verification means of the tamper resistant apparatus verifies whether or not the variable for storing the encoded data satisfies a predetermined relational expression. We propose a software protection system characterized by

  According to this invention, the verification means of the tamper resistant apparatus verifies whether or not the variable for storing the encoded data satisfies the predetermined relational expression. In general, a tamper resistant device needs to verify whether the input is valid or not. However, assuming that all data existing in the software on the terminal can be analyzed, the tamper resistant device is not connected between the software and the tamper resistant device. Thus, it is impossible to securely share the authentication key, but according to the present invention, it is possible to accurately verify the validity of the data input to the tamper resistant device.

  (3) The present invention is a software protection system for protecting software that includes a terminal and a tamper-proof device, operates on the terminal, and returns a calculation result as a numerical value. The terminal converts the software. Conversion means, and conversion software transmission means for transmitting the converted software, wherein the tamper resistant apparatus acquires all the encoded variables from the received software, and all the acquired encoded variables Depending on whether or not the non-trivial relational expression is satisfied, a verification means for verifying the correctness, a decoding means for decoding the value of the variable if it is valid, and the decoded value to the software in the terminal The present invention proposes a software protection system including a return means for returning.

  According to this invention, the conversion means of the terminal converts software. The converted software transmission means of the terminal transmits the converted software. The acquisition means of the tamper resistant device acquires all the encoding variables from the received software. The tamper resistant device verification means verifies the validity of all the obtained encoded variables depending on whether or not the non-trivial relational expression is satisfied. The decoding means of the tamper resistant device decodes the value of the variable when it is valid. The return means of the tamper resistant device returns the decrypted value to the software in the terminal. Therefore, by converting the software, the terminal storing the software and the tamper resistant apparatus can be linked to execute the software on the terminal safely.

  (4) According to the present invention, in the software protection system of (3), the converting unit selects a variable to be encoded, and determines m encoded variables from the selected encoded variable. An encoding variable determining means that performs encoding, a rule determining means that determines an encoding rule and a decoding rule, a replacement means that replaces the encoding variable in the software with another encoding variable, and the converted software so that it can be executed correctly The present invention proposes a software protection system including a correcting means for correcting.

  According to this invention, the selection means selects a variable to be encoded, and the encoding variable determination means determines m encoding variables from the selected encoding variable. Then, the rule determining unit determines the encoding rule and the decoding rule, and the replacing unit replaces the encoding variable in the software with another encoding variable, and the correction unit corrects the converted software so that it can be executed correctly. To do. Therefore, by converting the software, the terminal storing the software and the tamper resistant apparatus can be linked to execute the software on the terminal safely.

  (5) According to the present invention, in the software protection system of (4), the replacement unit replaces the first replacement unit that replaces the target variable to which the substitution is performed, and the target variable to which the reference is performed. And a software protection system characterized by comprising a second replacement means.

  According to this invention, the first replacement unit replaces the target variable for which substitution is performed, and the second replacement unit replaces the target variable for which reference is performed. Thereby, obfuscation can be performed effectively.

  (6) In the software protection system according to (4), the correction unit includes an adding unit that adds a definition of a primary variable for saving an encoding variable and values of these variables, and the first A conversion unit that converts the substitution instruction replaced by the replacement unit into an instruction sequence that can be executed, and an encoded variable value is sent to the tamper resistant device immediately before the instruction that outputs the execution result, and the decoded variable value is obtained And a software protection system characterized by comprising a command adding means for adding a command to be executed.

  According to this invention, the adding means adds the definitions of the primary variables for saving the encoded variables and the values of these variables, and the converting means is an instruction that can execute the assignment instruction replaced by the first replacing means. Convert to column. The instruction adding means sends the value of the encoded variable to the tamper resistant apparatus immediately before the instruction that outputs the execution result, and adds an instruction for acquiring the value of the decoded variable. Therefore, by this processing, it is possible to obtain executable software while obfuscating.

  (7) The present invention proposes a software protection system according to (1) to (6), wherein the tamper resistant device is a CPU.

  According to the present invention, the tamper resistant device is a CPU. Therefore, the CPU can be used as a tamper resistant device as the simplest device.

  (8) The present invention is a software protection method in a software protection system for protecting software that includes a terminal and a tamper-proof device, operates on the terminal, and returns a calculation result as a numerical value. A first step of processing only encoded data on a program; a second step of the terminal transmitting the processing result to the tamper resistant device; and a processing result received by the tamper resistant device. A third step of verifying the above, a fourth step in which the tamper resistant apparatus performs a decoding process when the processing result is valid, and a result of the decoding process performed by the tamper resistant apparatus in the A fifth step of transmitting to the terminal, and a fifth step in which the software in the terminal outputs the value received from the tamper resistant device as a result. It has proposed a software protection method that.

  According to the present invention, the terminal processes only the encoded data on the program, and the terminal transmits the processing result to the tamper resistant apparatus. The tamper resistant device verifies the received processing result, and when the processing result is valid, the tamper resistant device performs a decoding process, and the tamper resistant device transmits the result of the decoding process to the terminal. Then, the software in the terminal outputs the value received from the tamper resistant device as a result. Therefore, since the software on the terminal processes only the encoded data, the safety is improved. In addition, since the data exchanged between the software and the tamper-resistant device differs depending on the input, the data is resistant to an attack that eavesdrops on communication contents by operating the software. Furthermore, since the software alone does not operate, it is effective in preventing unauthorized copying of software.

  (9) The present invention is a software protection method in a software protection system for protecting software that includes a terminal and a tamper-proof device, operates on the terminal, and returns a calculation result as a numerical value. A first step of converting software; a second step in which the terminal transmits the converted software; and a third step in which the tamper resistant apparatus acquires all encoding variables from the received software. When the tamper resistant device is valid, a fourth step of verifying the validity of the tamper resistant device according to whether or not all the obtained encoded variables satisfy a non-trivial relational expression In addition, a fifth step of decoding the value of the variable, and a sixth step of the tamper resistant apparatus returning the decoded value to the software in the terminal, It has proposed a software protection method which is characterized in that there was example.

  According to the present invention, the terminal converts the software, and the terminal transmits the converted software. The tamper resistant device acquires all the encoded variables from the received software, verifies the validity by checking whether all the acquired encoded variables satisfy the non-trivial relational expression, and Decode the value of the variable. Then, the tamper resistant device returns the decrypted value to the software in the terminal. Therefore, by converting the software, the terminal storing the software and the tamper resistant apparatus can be linked to execute the software on the terminal safely.

  (10) The present invention is a program for causing a computer to execute a software protection method in a software protection system for protecting software that includes a terminal and a tamper-proof device and that operates on the terminal and returns a calculation result as a numerical value. A first step in which the terminal processes only the encoded data on the program; a second step in which the terminal transmits the processing result to the tamper resistant device; and the tamper resistant A third step in which the device verifies the received processing result, a fourth step in which the tamper resistant device performs a decoding process when the processing result is valid, and the tamper resistant device A fifth step of transmitting the result of the decoding process to the terminal, and the software in the terminal outputs the value received from the tamper resistant device as a result A fifth step, the proposed program to be executed by a computer.

  According to the present invention, the terminal processes only the encoded data on the program, and the terminal transmits the processing result to the tamper resistant apparatus. The tamper resistant device verifies the received processing result, and when the processing result is valid, the tamper resistant device performs a decoding process, and the tamper resistant device transmits the result of the decoding process to the terminal. Then, the software in the terminal outputs the value received from the tamper resistant device as a result. Therefore, since the software on the terminal processes only the encoded data, the safety is improved. In addition, since the data exchanged between the software and the tamper-resistant device differs depending on the input, the data is resistant to an attack that eavesdrops on communication contents by operating the software. Furthermore, since the software alone does not operate, it is effective in preventing unauthorized copying of software.

  (11) The present invention is a program for causing a computer to execute a software protection method in a software protection system for protecting software that includes a terminal and a tamper-proof device, and that operates on the terminal and returns a calculation result as a numerical value. A first step in which the terminal converts the software; a second step in which the terminal transmits the converted software; and the tamper resistant apparatus receives all encoded variables from the received software. A third step of acquiring the anti-tamper device, a fourth step of verifying the validity of the tamper-proof device according to whether or not all of the acquired encoded variables satisfy a non-trivial relational expression, A fifth step of decoding the value of the variable when the tamper device is valid, and the tamper resistant device sends the decoded value to the terminal We propose a program to execute a sixth step of returning to the software, to a computer.

  According to the present invention, the terminal converts the software, and the terminal transmits the converted software. The tamper resistant device acquires all the encoded variables from the received software, verifies the validity by checking whether all the acquired encoded variables satisfy the non-trivial relational expression, and Decode the value of the variable. Then, the tamper resistant device returns the decrypted value to the software in the terminal. Therefore, by converting the software, the terminal storing the software and the tamper resistant apparatus can be linked to execute the software on the terminal safely.

  According to the present invention, since the software on the terminal processes only encoded data, there is an effect that safety is improved. In addition, since the data exchanged between the software and the tamper-resistant device differs depending on the input, the data is resistant to an attack that eavesdrops on communication contents by operating the software. Furthermore, since the software alone does not operate, it is effective in preventing unauthorized copying of software.

It is a figure which shows the structure of the software protection system of this invention. It is a figure which shows the structure of the terminal which concerns on 1st Embodiment. It is a figure which shows the structure of the tamper resistant apparatus which concerns on 1st Embodiment. It is a processing flow of the software protection system which concerns on 1st Embodiment. It is a figure which shows the structure of the terminal which concerns on 2nd Embodiment. It is a figure which shows the structure of the tamper resistant apparatus which concerns on 2nd Embodiment. It is a figure which shows the detailed structure of the conversion part which concerns on 2nd Embodiment. It is a figure which shows the detailed structure of the replacement part which concerns on 2nd Embodiment. It is a figure which shows the detailed structure of the correction part which concerns on 2nd Embodiment. It is a processing flow of the software protection system which concerns on 2nd Embodiment. It is the figure which illustrated the source code of the original software which concerns on an Example. It is the figure which illustrated the source code of the converted software concerning an example. It is the figure which illustrated the processing content of the tamper resistant apparatus which concerns on an Example.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
Note that the constituent elements in the present embodiment can be appropriately replaced with existing constituent elements and the like, and various variations including combinations with other existing constituent elements are possible. Therefore, the description of the present embodiment does not limit the contents of the invention described in the claims.

<Configuration of software protection system>
As shown in FIG. 1, the software protection system according to the present invention includes a terminal 100, software 101 operating on the terminal, and a tamper resistant apparatus 200. In this system, the terminal 100 and the tamper resistant apparatus 200 cooperate to protect software. As the tamper resistant apparatus 200, for example, a CPU or the like may be used.

<First Embodiment>
A first embodiment of the present invention will be described with reference to FIGS.

<Terminal configuration>
As illustrated in FIG. 2, the terminal 100 according to the present embodiment includes a processing unit 102, a processing result transmission unit 103, a reception unit 104, and an output unit 105.

  The processing unit 102 processes only encoded data on software. The processing result transmission unit 103 transmits the processing result to the tamper resistant apparatus 200. The receiving unit 104 receives the decoding process result from the tamper resistant apparatus 200. The output unit 105 outputs the received value as a result.

<Configuration of tamper resistant device>
As shown in FIG. 3, the tamper resistant apparatus 200 according to the present embodiment includes a reception unit 201, a verification unit 202, a decryption processing unit 203, and a result transmission unit 204.

  The receiving unit 201 receives a processing result in the terminal 100. The verification unit 202 verifies the received processing result. The decryption processing unit 203 performs decryption processing when the processing result is valid. The result transmission unit 204 transmits the result of the decoding process to the terminal 100.

<Processing of software protection system>
Processing of the software protection system according to the present embodiment will be described with reference to FIG.

  The terminal 100 processes only the encoded data on the software (step S101), and transmits the processing result to the tamper resistant apparatus 200 (step S102).

  The tamper resistant apparatus 200 verifies the received processing result (step S103), and performs decryption processing when the processing result is valid (step S104). Further, the result of the decoding process is transmitted to the terminal 100 (step S105). On the other hand, the software 101 in the terminal 100 outputs the value received from the tamper resistant apparatus 200 as a result (step S106).

  Therefore, according to the present embodiment, the software on the terminal processes only the encoded data, so that safety is improved. In addition, since the data exchanged between the software and the tamper-resistant device differs depending on the input, the data is resistant to an attack that eavesdrops on communication contents by operating the software. Furthermore, since the software alone does not operate, it is effective in preventing unauthorized copying of software.

<Second Embodiment>
A second embodiment of the present invention will be described with reference to FIGS.

<Terminal configuration>
As illustrated in FIG. 5, the terminal 100 according to the present embodiment includes a conversion unit 301 and a transmission unit 302.

  The conversion unit 301 converts the software 101. The transmission unit 302 transmits the converted software. Details of the processing of the conversion unit 301 will be described later.

<Configuration of tamper resistant device>
As shown in FIG. 6, the tamper resistant apparatus 200 according to the present embodiment includes an acquisition unit 401, a verification unit 402, a decryption unit 403, and a return unit 404.

  The acquisition unit 401 acquires all the encoded variables from the received software. The verification unit 402 verifies the correctness depending on whether or not all the obtained encoded variables satisfy a non-trivial relational expression.

  The decrypting unit 403 decrypts the value of the variable when the verification result is valid. The return unit 404 returns the decrypted value to the software 101 in the terminal 100.

<Internal configuration of conversion unit>
As illustrated in FIG. 7, the conversion unit 301 further includes a selection unit 310, an encoding variable determination unit 320, a rule determination unit 330, a replacement unit 340, and a correction unit 350.

In the following, it is assumed that the target software includes N variables, x ₁ , x ₂ ,..., X _n, and the value stored in the variable x ₁ is output as the execution result. It is assumed that there is no loss of generality. Further, even when there are a plurality of variables for storing execution results, it is possible to treat each piece of software in the same way by assuming that there are a plurality of software for storing execution results in one variable. Furthermore, in the following, it is assumed that all the encoding targets are 32-bit variables.

The selection unit 310 selects n variables x ₁ , x ₂ ,..., X _n to be encoded. Here, the variable x ₁ to the execution result is stored, it is necessary to select as the encoding target. The number n is arbitrary, and a larger value is selected when the safety is increased, and a smaller value is selected when the execution efficiency is increased. However, the following variables are excluded from encoding targets. 1) Variable in which user input is directly written. 2) A variable whose address is obtained by an address operator.

The encoding variable determination unit 320 determines m encoding variables y ₁ , y ₂ ,..., Y _m . Here, the number m is set larger than the number n of encoding target variables. Note that a larger value is selected to increase safety, and a smaller value is selected to increase execution efficiency.

  The rule determining unit 330 arbitrarily determines an m-by-n pool matrix A and an m-dimensional integer vector b. However, the matrix A is selected so that the rank is n. The following relational expression number 1 is constituted by the matrix A and the integer type vector b.

  If each row of the above equation is an encoding rule, Equation 2 is obtained.

Next, the encoding rule is regarded as a simultaneous equation for unknown variables x ₁ , x ₂ ,..., X _n and solved to obtain Equation 3.

Each of these expressions is used as a decryption rule. In the process of solving the above simultaneous equations, n coding rules are used. By replacing the variables x ₁ , x ₂ ,..., X _{n included} in the coding rules that are not used with the coding variables using the decoding rules, mn non-trivial relational expressions are obtained. . Here, the encoding variables y ₁ , y ₂ ,..., Y _m always satisfy these relational expressions.

Replacement unit 340, coded variables _{x 1,} x 2 in the program, ..., and _{x n,} encoding the variable _{y 1,} y 2, ..., replaced by _{y m,} first, assignment is performed Is replaced with the encoded variable, and then the variable being referenced is replaced with the encoded variable. However, the instruction that outputs the execution result stored in the variable x ₁ is the target of replacement here. It is outside.

Specifically, the first replacement unit 341 shown in FIG. 8 replaces the assignment instruction x _i ← f with the instruction shown in Equation 4 below.

Thus, the right side of the function _{e 1,} e 2, · · ·, in _{e m,} target variable _{x i} which assignment is performed is replaced in equation f.

Also, the second replacement unit 342 shown in FIG. 8 converts the target variables x ₁ , x ₂ ,..., X _n referred to in the instruction sequence obtained by the above processing into the decryption rule d. _{1, d} 2, ···, replaced by _{d n,} to organize the expression.

The correction unit 350 corrects the converted software so that it can be executed correctly. Specifically, the adding unit 351 shown in FIG. 9 stores the encoded variables y ₁ , y ₂ ,..., Y _m and the values of these variables as temporary variables t ₁ , t ₂ ,. , T _m definition is added.

Also, the conversion unit 352 illustrated in FIG. 9 converts the instruction converted by the first replacement unit 341 into an instruction sequence that can be sequentially executed. That is, the instruction sequence shown in Equation 5 is changed to the instruction sequence shown in Equation 6. In this way, by saving the value of the encoded variable before update in the temporary variable, the value of the encoded variable after update can be calculated sequentially. Here, the function _{e 1 ', e 2',} ···, e m ' , respectively, the function _{e 1,} e 2, · · ·, in _{e m,} encoded variables _{y 1,} y 2, · · · , Y _m are replaced with temporary variables t ₁ , t ₂ ,..., T _m .

Furthermore, instruction adding unit 353 shown in FIG. 9, the execution result to the immediately preceding instruction for outputting, coding variables y _1, y 2 in the tamper-resistant _device, ..., and sends the value of y _m, decoded variable to add a command to retrieve the value of x _1.

<Processing of software protection system>
Processing of the software protection system according to the present embodiment will be described using FIG.

  The terminal 100 converts the software 101 (step S201), and transmits the converted software (step S202).

  The tamper resistant apparatus 200 acquires all the encoded variables from the received software (step S203), and verifies the correctness depending on whether or not all the acquired encoded variables satisfy the non-trivial relational expression. (Step S204). If it is valid, the value of the variable is decrypted (step S205), and the decrypted value is returned to the software 101 in the terminal 100 (step S206).

  Therefore, according to the present embodiment, by converting the software, the terminal storing the software and the tamper resistant device can be linked to execute the software on the terminal safely.

<Example>
As an embodiment, a source code conversion example will be shown for a program for obtaining the nth term of the Fibonacci sequence. Here, FIG. 11 shows the source code before conversion, FIG. 12 shows the source code after conversion, and FIG. 13 shows the processing content (pseudo code in C language) in the tamper resistant apparatus.

  Here, the rules used for encoding the variables are as shown in Expression 7, and the encoding variables satisfy the relational expression shown in Expression 8. Here, the tamper resistant apparatus confirms that the value of the encoding variable received from the software satisfies this relational expression, and performs a valid decoding process only when the relational expression is satisfied.

  Note that the software protection system of the present invention is realized by recording the processing of the software protection system on a computer-readable recording medium, causing the terminal and the tamper-proof device to read and execute the program recorded on the recording medium. Can do. The computer system here includes an OS and hardware such as peripheral devices.

  Further, the “computer system” includes a homepage providing environment (or display environment) if a WWW (World Wide Web) system is used. The program may be transmitted from a computer system storing the program in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting the program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line.

  The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, and what is called a difference file (difference program) may be sufficient.

  The embodiments of the present invention have been described in detail with reference to the drawings. However, the specific configuration is not limited to the embodiments, and includes designs and the like that do not depart from the gist of the present invention.

DESCRIPTION OF SYMBOLS 100; Terminal 101; Software 102; Processing part 103; Processing result transmission part 104; Reception part 105; Output part 200; Tamper-proof device 201; Reception part 202; Verification part 203; Decoding processing part 204; Unit 302; transmission unit 310; selection unit 320; coding variable determination unit 330; rule determination unit 340; replacement unit 341; first replacement unit 342; second replacement unit 350; correction unit 351; addition unit 352; Unit 353; instruction addition unit 401; acquisition unit 402; verification unit 403; decryption unit 404; return unit

Claims (11)

A software protection system for protecting software that consists of a terminal and a tamper-proof device, operates on the terminal, and returns the calculation result as a numerical value.
The terminal is
Processing means for processing only encoded data on the software;
Processing result transmitting means for transmitting the processing result to the tamper resistant apparatus;
With
The tamper resistant device is
Verification means for verifying the received processing result;
Decryption processing means for performing decryption processing when the processing result is valid;
Decoding processing result transmitting means for transmitting the result of the decoding processing to the terminal;
With
The software in the terminal outputs the value received from the tamper resistant device as a result.   2. The software protection system according to claim 1, wherein the tamper resistant device verification means verifies whether or not a variable for storing encoded data satisfies a predetermined relational expression. A software protection system for protecting software that consists of a terminal and a tamper-proof device, operates on the terminal, and returns the calculation result as a numerical value.
The terminal is
Conversion means for converting the software;
Conversion software transmission means for transmitting the converted software;
With
The tamper resistant device is
An acquisition means for acquiring all encoding variables from the received software;
Verification means for verifying the correctness according to whether or not all the obtained encoded variables satisfy a non-trivial relational expression;
Decryption means for decrypting the value of the variable if it is valid;
Return means for returning the decrypted value to the software in the terminal;
A software protection system characterized by comprising: The converting means is
A selection means for selecting a variable to be encoded;
Encoding variable determining means for determining m encoding variables from the selected encoding variable;
Rule determining means for determining an encoding rule and a decoding rule;
Replacement means for replacing the encoded variable in the software with another encoded variable;
Correction means for correcting the converted software so that it can be executed correctly,
The software protection system according to claim 3, further comprising: The replacement means comprises:
First replacement means for replacing a target variable for which substitution is performed;
A second replacement means for replacing the target variable being referred to;
The software protection system according to claim 4, further comprising: The correcting means is
Additional means for adding encoding variables and primary variable definitions for saving the values of these variables;
Conversion means for converting the substitution instruction substituted by the first substitution means into an instruction sequence that can be executed;
Instruction adding means for sending an encoded variable value to the tamper resistant device and adding an instruction for acquiring a decoded variable value immediately before the instruction for outputting the execution result;
The software protection system according to claim 4, further comprising:   7. The software protection system according to claim 1, wherein the tamper resistant device is a CPU. A software protection method in a software protection system for protecting software consisting of a terminal and a tamper-proof device, operating on the terminal, and returning a calculation result as a numerical value,
A first step in which the terminal processes only encoded data on the software;
A second step in which the terminal transmits the processing result to the tamper resistant device;
A third step in which the tamper resistant device verifies the received processing result;
A fourth step in which the tamper resistant apparatus performs a decoding process when the processing result is valid;
A fifth step in which the tamper resistant apparatus transmits a result of the decoding process to the terminal;
A sixth step in which the software in the terminal outputs the value received from the tamper resistant device as a result;
A software protection method comprising: A software protection method in a software protection system for protecting software consisting of a terminal and a tamper-proof device, operating on the terminal, and returning a calculation result as a numerical value,
A first step in which the terminal converts the software;
A second step in which the terminal transmits the converted software;
A third step in which the tamper resistant device acquires all encoding variables from the received software;
A fourth step in which the tamper resistant apparatus verifies the correctness according to whether or not all the obtained encoded variables satisfy a non-trivial relational expression;
A fifth step of decoding the value of the variable if the tamper resistant device is valid;
A sixth step in which the tamper resistant device returns the decrypted value to software in the terminal;
A software protection method comprising: A program for causing a computer to execute a software protection method in a software protection system for protecting software that consists of a terminal and a tamper-proof device, operates on the terminal, and returns a calculation result as a numerical value,
A first step in which the terminal processes only encoded data on the program;
A second step in which the terminal transmits the processing result to the tamper resistant device;
A third step in which the tamper resistant device verifies the received processing result;
A fourth step in which the tamper resistant apparatus performs a decoding process when the processing result is valid;
A fifth step in which the tamper resistant apparatus transmits a result of the decoding process to the terminal;
A fifth step in which the software in the terminal outputs the value received from the tamper resistant device as a result;
A program that causes a computer to execute. A program for causing a computer to execute a software protection method in a software protection system for protecting software that consists of a terminal and a tamper-proof device, operates on the terminal, and returns a calculation result as a numerical value,
A first step in which the terminal converts the software;
A second step in which the terminal transmits the converted software;
A third step in which the tamper resistant device acquires all encoding variables from the received software;
A fourth step in which the tamper resistant apparatus verifies the correctness according to whether or not all the obtained encoded variables satisfy a non-trivial relational expression;
A fifth step of decoding the value of the variable if the tamper resistant device is valid;
A sixth step in which the tamper resistant device returns the decrypted value to software in the terminal;
A program that causes a computer to execute.

Images