JPH09185501A - Software execution control system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a software execution control system which executes software obtained by means of executing decoding with a software key and prevents the illegal use of the software key and the frequencies of execution when the frequency of execution satisfies a prescribed condition. SOLUTION: An execution unit 2 stores random numbers in a random number storage part 3 where reading and writing are difficult and a recording medium 1 stores ciphering software and ciphering software key execution frequencies. The execution unit 2 acquires the ciphering software key execution frequencies decodes them with the random numbers, decodes ciphering software with the software key, and executes software when the execution frequency satisfies the prescribed condition. The execution unit 2 updates the execution frequencies and the random numbers, ciphers the software key and the updated number of execution times with the updated random numbers and stores them in the recording medium 1. Thus, the copied ciphering software key execution frequency cannot be decoded by updating the random numbers whenever software is executed.

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a software execution control system, and more particularly to a software execution control system for preventing unauthorized use of software.

[0002]

2. Description of the Related Art In recent years, various multimedia devices have been developed and many paid multimedia software such as games and educational software have been sold. However, the protection of such software is incomplete, and there is a lot of illegally copied software in the current situation. In order to prevent unauthorized use of software, there are legal restrictions such as patent law and copyright law,
At the same time, execution control systems are being developed that prevent the execution of illegally copied software.

For example, Japanese Unexamined Patent Publication No. 61-145642 proposes a method for preventing unauthorized use of software by encrypting a soft key necessary for executing the software with information unique to the executor. . A part of the configuration disclosed here is modified to be a first conventional example. Furthermore, in this first conventional example, a method for preventing unauthorized use of software whose execution count is limited will be referred to as a second conventional example. Further, for example, Japanese Patent Publication No. 3-32813 discloses a method of connecting a coprocessor for controlling execution of software to an executor. This method was modified by changing part of the configuration to limit the number of executions.
The conventional example of

(First Conventional Example) FIG. 9 is a block diagram showing the configuration of a software execution control system according to the first conventional example. In FIG. 9, an executor 101 is a specific executor who is permitted to execute a certain software SoftA. The executor 101 has a unique key storage unit 102 for storing the private information Sx (unique key) unique to itself.
Built-in. The unique key storage unit 102 cannot be read or written from outside the executor 101. In the figure, these regions are represented by hatching. The recording medium 103 is a recording medium for storing software executed by the executor 101. When the encryption of the data D by the key K is expressed as E (K, D), the recording medium 103 includes the encryption software E (K, SoftA) encrypted by the soft key K, and the execution unit. Encrypted soft key E encrypted with the unique key Sx of 101
(Sx, K) is stored. Software Soft
When executing A, the executor 101 first obtains the encrypted soft key E (Sx, K) from the recording medium 103, and uses the obtained encrypted soft key E (Sx, K) in the decryption unit 104. At, the soft key K is obtained by decrypting with the unique key Sx obtained from the unique key storage unit 102. Next, the executor 101 obtains the encrypted software E (K, SoftA) from the recording medium 103, decrypts it with the obtained soft key K in the decryption unit 105 to obtain the software SoftA, and executes this.

In the conventional example, even if the encryption software E (K, SoftA) and the encryption software key E (Sx, K) stored in the recording medium are copied, the execution is still carried out with the unique key Sx. The software cannot be executed because the encrypted soft key E (Sx, K) cannot be decrypted by other devices. Further, the unique key storage unit 102 storing the unique key Sx.
Is an area that cannot be read or written except by the executor 101, so the unique key Sx cannot be duplicated.
This prevents the execution of illegally copied software.

By the way, in this conventional example, if the paying fee is first paid to obtain the encrypted soft key for the executor 101, the executor 101 can execute the software any number of times. . In addition to the so-called "purchase system", there are other forms of software purchase that include a "pay-as-you-go" system in which a fee is paid according to the amount of software used. Furthermore, there are roughly two methods for realizing this "pay-as-you-go" system. The first is to contract the software seller and the user in advance for conditions such as the number of times the software is executed and the expiration date. This is an "execution control method" that permits execution within that range, and the second is a method of accumulating information about the execution history of software in the executor and paying a fee according to it at a later date.

The fraud prevention method of the conventional example does not have a function corresponding to the above-mentioned "pay-as-you-go" software. Therefore, the second conventional example described below is a method for preventing unauthorized use of software in a "pay-as-you-go" form. However, the second conventional example adopts the “execution control method” of the above two methods, and for the sake of simplicity, it is limited to the case where the number of times software is executed is limited. In the third conventional example and the first and second embodiments, which will be described later, similarly, the limitation on the execution of software is limited to the limitation on the number of times of execution. In addition, a contract is signed between the software seller and the user, and the information obtained by the user is "execution permission information".
It is assumed that the user can execute the software within the range of the execution permission information.
Therefore, in the following, “execution permission information” means the right to execute the software a predetermined number of times.

(Second Conventional Example) FIG. 10 is a block diagram showing the configuration of a software execution control system according to the second conventional example. In FIG. 10, the encrypted soft key / execution count E (Sx, (K, n)) obtained by encrypting the soft key K and the execution count n with the unique key Sx of the executor 101 is the encryption software E (K, SoftA ) Are stored in the recording medium 103. Here, the number of times of execution means the remaining number of times of execution (the same applies to the following). When executing the software SoftA, the execution unit 101
First obtains the encrypted soft key / number of executions E (Sx, (K, n)) from the recording medium 103, and decrypts this.
In step 4, the soft key K and the execution count n are obtained by decrypting with the unique key Sx. Next, the executor 101 includes the decoding unit 10
5, the encryption software E (K, S
While software (AftA) is decoded to obtain software SoftA, the execution count inspecting unit 106 inspects whether or not the execution count n is 1 or more. If n is 1 or more,
The executor 101 executes the decrypted software SoftA. After executing the software SoftA, the executor 10
1, the execution count updating unit 107 reduces the execution count n by 1 to update to n ′ (= n−1), and then the encryption unit 10
At 8, the n'is encrypted with the soft key K by the unique key Sx. Then, the executor 101 stores the updated encrypted soft key / number of executions E (Sx, (K, n ′)) in the recording medium 103 again.

(Third Conventional Example) FIG. 11 is a block diagram showing the configuration of a software execution control system according to the third conventional example. In FIG. 11, the software execution system includes a read-only recording medium 110, an executing unit 111 that executes software, an execution unit 111 that is connected to the executing unit 111 to control execution of the software, and read out information from the outside. And a coprocessor 112 that is difficult to write. The unique key storage unit 113 included in the coprocessor 112 stores the unique key Sy of the executor 111, and the recording medium 110 is encrypted with the soft key K as in the second conventional example. Encryption software E
(K, SoftA) and the encrypted soft key encrypted with the unique key Sy / number of executions E (Sy, (K, n)) are stored.

In this conventional example, first, the user installs the information stored in the recording medium 110 in the coprocessor 112. Coprocessor 112 is the installed encrypted soft key / number of executions E (Sy, (K, n))
Is decrypted with the unique key Sy in the decryption unit 114 to obtain the soft key K and the execution count n. Store each. Next, the coprocessor 112 uses the installed encryption software E.
(K, SoftA) is decrypted with the soft key K obtained by the decryption unit 117, and the execution count inspection unit 119 inspects that the execution count n is 1 or more. If the execution count n is 1 or more, the execution unit 111 determines that the software Sof
Perform tA. At this time, in the coprocessor 112, the execution count updating unit 118 decrements the execution count n by 1 to n ′, and stores this n ′ in the execution count storage unit 116. By this installation, the portion related to the encrypted soft key / execution count E (Sy, (K, n)) of the recording medium 110 is invalidated and cannot be installed again.

[0011]

DISCLOSURE OF THE INVENTION Problems to be Solved by the Invention
The above-mentioned second conventional example in which the function of limiting the number of executions is added has the following two problems. The first problem is that if the user copies a recording medium before the execution count n becomes 0, the copy software can be executed by the execution count at the time of copying. It is also possible to perform a copy of a copy, thus allowing the software to be executed virtually indefinitely (hereinafter referred to as the first attack).

Secondly, the number of executions n is decreased by 1 each time it is executed to n ', and the encrypted soft key / the number of executions E (Sx, (K, n')) updated accordingly is updated. Writing on the recording medium is a problem that the limitation of the number of executions can be substantially invalidated by interfering with the writing. That is, the number of executions n included in the execution permission information stored in the recording medium does not decrease even if it is executed (hereinafter, this will be referred to as a second attack).

In order to prevent the above-mentioned first and second attacks, in the above-mentioned third conventional example, the components related to the execution control of the second conventional example are provided in the coprocessor which cannot be read or written from the outside. I am trying. However, the provision of such a dedicated coprocessor raises the cost. Moreover, in the second conventional example,
The place where the soft key and the execution count are stored is the recording medium that stores the software, whereas the third conventional example stores the soft key and the execution count in addition to the components of the second conventional example. It is necessary to further provide a storage area for storing in the coprocessor. In particular, when a plurality of pieces of software are handled at the same time, such a storage area must be secured for each piece of software, which causes a problem of higher cost.

Therefore, an object of the present invention is to prevent the above-mentioned first and second attacks on software whose execution frequency is limited. Further, another object of the present invention is to prevent the above first and second attacks even when a plurality of pieces of software whose execution times are limited are handled at the same time, and at the same time, it is necessary to provide a memory that is difficult to read and write. The area should be as small as possible.

[0015]

Means for Solving the Problems and Effects of the Invention The structure of the present invention for achieving the above object will be described below.
In order to clarify the correspondence relationship with the embodiments described later, each constituent element adopted in the present invention is provided with the corresponding reference numeral. However, it should be pointed out in advance that the reference numbers are given only for easy understanding and for reference, and do not limit the scope of the claims of the present invention.

A first aspect of the present invention is a software execution control system for controlling execution of software according to predetermined execution permission information and preventing unauthorized use of the execution permission information. A recording medium (1) that stores the executed execution permission information and is capable of reading and writing information is connected to an executor (2) that executes software so that information can be transmitted, and the executor (2) is a random number. Random number storage means (3) that stores information and is difficult to read and write information from outside
And a decryption means (4) for obtaining the encrypted execution permission information from the recording medium (1) and decrypting it with the random number obtained from the random number storage means (3), and the software from the recording medium (1). And software execution means (7) for executing according to the execution permission information obtained by the decryption by the decryption means (4),
In connection with the execution of the software, the random number updating means (9) for updating the random number stored in the random number storage means (3) and the execution permission information obtained by the decoding of the decoding means (4) are stored in the software execution means ( After the software 7) executes the software, it is provided with an encryption means (10) for encrypting with the random number updated by the random number updating means (9) and storing it in the recording medium (1).

As described above, the first aspect of the invention comprises the executor for executing the software and the recording medium storing the software and the encrypted execution permission information. First, the decryption unit included in the executor obtains the encrypted execution permission information from the recording medium and decrypts the encrypted execution permission information with the random number stored in the random number storage unit to obtain the execution permission information. Next, the software executing means executes the software according to the requested execution permission information. In connection with the execution of software, the random number updating means updates the random number stored in the random number storing means. Next, the encryption means encrypts the updated execution permission information with the updated random number and stores it in the recording medium.

As described above, the random number is stored in the random number storage means in the execution unit where it is difficult to read and write information, and the execution permission information is encrypted with this random number. By updating the random number in connection with the execution of the software, it is possible to prevent the software from being illegally executed by an execution unit other than the regular execution unit. Further, in the first aspect of the invention, the random number storage means that is difficult to read and write only needs to prepare an area large enough to store one random number, and the cost for realizing it can be minimized. .

A second aspect of the present invention further comprises an execution permission information updating means (8) for updating the execution permission information obtained by the decryption of the decryption means (4) as the software is executed. The encryption means (10) encrypts the execution permission information updated by the execution permission information updating means (8) with the random number updated by the random number updating means (9) and stores it in the recording medium (2). It is characterized by that.

As described above, the second aspect of the present invention further includes the execution permission information updating means in the first aspect of the invention.
The execution permission information updating means updates the execution permission information as the software is executed, and the encryption means encrypts the execution permission information updated by the execution permission information updating means and stores it in the recording medium. As a result, the second aspect of the present invention can prevent unauthorized use of the copied execution permission information. That is, the encrypted execution permission information stored in the recording medium is copied and saved at a certain point of time.
After the software is executed more than once, the encrypted execution permission information stored in the recording medium is replaced with the copied execution permission information. At this time,
Since the random number held by the executor is updated in association with the execution, the executor cannot decrypt the copied encrypted execution permission information. The second aspect of the present invention can prevent an attack that obstructs the writing of the updated execution permission information to the recording medium to effectively invalidate the update. That is, since the executor updates the random number held by itself when executing the software, it can no longer decrypt the encrypted execution permission information before the update.

A third invention is characterized in that in the first or second invention, the random number updating means (9) updates the random number stored in the random number storing means (3) every time the software is executed. There is.

As described above, in the third invention, the random number updating means updates the random number stored in the random number storing means every time the software executing means executes the software. As a result, the effect of preventing unauthorized use of software can be maximized.

In a fourth aspect based on the first or second aspect, the random number updating means (9) stores the random number stored in the random number storing means (3) once every predetermined plural times of execution of the software. It is characterized by updating.

As described above, in the fourth aspect, the random number updating means updates the random number stored in the random number storing means once every time the software executing means executes the software a plurality of predetermined times. As a result, it is possible to effectively prevent unauthorized use of software while reducing the processing load required for execution control.

In a fifth aspect based on the first or second aspect, the random number updating means (9) is stored in the random number storing means (3) once every predetermined variable number of times the software is executed. The feature is that the random number is updated and the information about the interval for updating the random number is kept secret to the software user.

As described above, in the fifth aspect of the invention, the random number updating means updates the random number stored in the random number storing means once every time the software executing means executes the software a predetermined number of times. As a result, the effect of preventing fraud with respect to the frequency of updating the random numbers can be enhanced.

A sixth invention is characterized in that, in the first or second invention, the random number storage means (3) is provided in the recording medium (1) instead of being provided in the executor (2). .

As described above, in the sixth aspect of the present invention, the recording medium includes the random number storage means, and the executor acquires the random number stored in the random number storage means when executing the software. The executor decrypts the execution permission information encrypted with the acquired random number to obtain the execution permission information, and executes the software according to the obtained execution permission information. Next, the executor updates the random number and stores the updated random number in the random number storage means in the recording medium. In this way, since the encrypted execution permission information stored in the recording medium is decrypted by the random number stored in the recording medium, execution control can be performed without specifying the executor that executes the software. it can.

A seventh aspect of the invention is the read-only first aspect of the first or second aspect of the invention, instead of the recording medium (1).
Recording medium and a readable and writable second recording medium are connected to an executor (2), the first recording medium stores software, and the second recording medium is an encrypted execution permission. It is characterized by storing information.

As described above, in the seventh invention, the software is stored in the read-only recording medium, and the encrypted execution permission information is stored in the readable and writable recording medium. As a result, the execution permission information that needs to be rewritten when the random number is updated is stored in a readable and writable recording medium, but a read-only recording medium should be used for storing software that does not need updating. You can

In an eighth aspect based on the first or second aspect, the software stored in the recording medium (1) is encrypted, and the software executing means (7) operates from the recording medium (1). It is characterized in that the encrypted software is acquired, decrypted according to the execution permission information obtained by the decryption of the decryption means (4), and the decrypted software is executed.

As described above, in the eighth invention, the software stored in the recording medium is encrypted, and the software executing means is encrypted according to the execution permission information obtained by the decryption of the decrypting means. Decrypt the software and execute the decrypted software. By thus encrypting the software, the security can be further enhanced.

A ninth invention is a software execution control system for controlling execution of software according to predetermined execution permission information and preventing illegal use of the execution permission information. An executor (21) that executes software by a recording medium (20) that stores encrypted execution permission information and an encrypted auxiliary key and is readable and writable of information.
And a recording medium (2). The execution unit (21) stores a random number, and the random number storage unit (22) is difficult to read and write information from the outside.
0) to obtain the encrypted auxiliary key, and the first decryption means (23) to decrypt with the random number obtained from the random number storage means (22), and the execution permission information encrypted from the recording medium (20). Second decryption means (24) that obtains and decrypts with the auxiliary key obtained by the decryption of the first decryption means (23).
And software execution means (29) for acquiring the corresponding software from the recording medium (20) and executing it according to the execution permission information obtained by the decryption of the second decryption means (24).
And the execution permission information obtained by the decryption of the second decryption means (24) is obtained by the decryption of the first decryption means (23) after the software execution means (29) executes the corresponding software. Encrypt with the auxiliary key,
0) for storing the first encryption means (28) and all the encrypted auxiliary keys from the recording medium (20) in connection with the execution of the software, and store them in the random number storage means (22). Third decoding means (30) for decoding with the stored random number,
It is obtained by the random number updating means (31) for updating the random number stored in the random number storing means (22) in cooperation with the decoding by the third decoding means (30) and the decoding by the third decoding means (30). The auxiliary key is encrypted with the random number updated by the random number updating means (31) and is stored in the recording medium (20), and the second encryption means (32) is provided.

As described above, the ninth invention comprises an executor for executing software, and a plurality of recording media in which software, encrypted execution permission information and encrypted auxiliary keys are stored. To be done. First, the first decryption means provided in the executor obtains the encrypted auxiliary key corresponding to the software to be executed from the recording medium, decrypts it with the random number stored in the random number storage means, and then the auxiliary key. Ask for. Next, the second decryption means acquires the encrypted execution permission information corresponding to the software from the recording medium, and decrypts it with the auxiliary key obtained by the decryption of the first decryption means,
Get execution permission information. The software executing means executes the software according to the obtained execution permission information. Then, the first encryption means encrypts the obtained execution permission information with the auxiliary key obtained by the decryption of the first decryption means and stores it in the recording medium. Further, the third decryption means obtains all the encrypted auxiliary keys from the recording medium in association with the execution of the software, and decrypts them with the random number stored in the random number storage means to obtain the auxiliary key. The random number updating means updates the random number stored in the random number storing means in cooperation with the decoding by the third decoding means. The second encryption means encrypts the auxiliary key obtained by the decryption of the third decryption means with the updated random number and stores it in the recording medium.

As described above, when a plurality of software is handled by a single executor, the execution permission information for each software is encrypted with a dedicated auxiliary key for each software, and further, these auxiliary keys are encrypted with random numbers. . Then, by updating the random number in association with the execution of the software, it is possible to prevent the software from being illegally executed by an execution device other than the regular execution device, as in the first invention. Also, since only one random number is used, regardless of the number of software handled, the storage area for storing random numbers that is difficult to read and write must be large enough to store one random number. Good.

In a tenth aspect based on the ninth aspect, the second decoding means (2
4) further comprises execution permission information updating means (27) for updating the execution permission information obtained, and the first encryption means (28) executes the execution permission information updating means (27). The permission information is transferred to the first decryption means (2
It is characterized in that it is encrypted with the auxiliary key obtained by the decryption of 3) and stored in the recording medium (20).

As described above, in the tenth invention, the execution permission information updating means updates the execution permission information as the software is executed, and the first encryption means is updated by the execution permission information updating means. The execution permission information is encrypted with the auxiliary key. Thus, in the tenth invention, even when a plurality of software is handled by one executor, similar to the second invention, the illegal use of the copied execution permission information and the updated execution permission information are performed. It is possible to prevent the write interference to the recording medium.

An eleventh invention is the ninth or tenth invention, wherein the third decryption means (30) acquires all the encrypted auxiliary keys from the recording medium (20) every time the software is executed. Then, the decoding is performed by using the random number stored in the random number storage means (22).

As described above, in the eleventh aspect of the invention, each time the software execution means executes the software, the third decryption means acquires the encrypted auxiliary key from the recording medium and stores it in the random number new means. Decrypt with random numbers. As a result, the effect of preventing unauthorized use of software can be maximized.

A twelfth invention is the recording medium (20) according to the ninth or tenth invention, wherein the third decryption means (30) executes the software once a predetermined plurality of times.
It is characterized in that all the encrypted auxiliary keys are acquired from and decrypted with the random numbers stored in the random number storage means (22).

As described above, in the twelfth aspect of the invention, the third decryption means removes all encrypted auxiliary keys from the recording medium once every time the software execution means executes the software a plurality of predetermined times. It is acquired and decrypted by the random number stored in the random number storage means. This makes it possible to effectively prevent unauthorized use of software while reducing the processing load required for execution control.

In a thirteenth invention based on the ninth or tenth invention, the third decoding means (30) is arranged so that the recording medium (2) is executed once every predetermined variable number of times of software execution.
0) obtains all encrypted auxiliary keys, decrypts them with the random numbers stored in the random number storage means (22), and keeps information about the decryption interval of the encrypted auxiliary keys secret to the software user. It is characterized by doing.

As described above, in the thirteenth invention, once every time the software execution means executes the software a predetermined number of times, the third decryption means causes all the encrypted auxiliary data from the recording medium. The key is obtained and decrypted with the random number stored in the random number storage means. Also, the information regarding the decryption of the auxiliary key is kept secret to the software user. As a result, the effect of preventing fraud with respect to the frequency of updating the random numbers can be enhanced.

The fourteenth invention is characterized in that, in the ninth or tenth invention, the random number storage means (22) is provided in the recording medium (20) instead of being provided in the executor (21). .

As described above, in the fourteenth aspect, the recording medium includes the random number storage means, and the executor acquires the random number from the recording medium when executing the software. The executor decrypts the encrypted execution permission information with the acquired random number to obtain the execution permission information, and executes the software according to the obtained execution permission information. The executor updates the random number in association with the execution of the software, and after the execution, stores the updated random number in the random number storage means in the recording medium. In this way, since the encrypted execution permission information stored in the recording medium is decrypted by the random number stored in the recording medium, execution control can be performed without specifying the executor that executes the software. .

A fifteenth aspect of the invention is the ninth or tenth aspect of the invention, in which, instead of the recording medium (20), there is provided a read-only first recording medium and a readable and writable second recording medium. Connected to the executor, the first recording medium stores software, the second recording medium stores encrypted execution permission information, and the random number storage means (22) is provided in the executor (21). Instead, it is characterized in that it is provided in the second recording medium.

As described above, in the fifteenth invention, the software is stored in the read-only recording medium, and the encrypted execution permission information is stored in the readable and writable recording medium. As a result, the execution permission information that needs to be rewritten when the random number is updated is stored in a readable and writable recording medium, but a read-only recording medium should be used for storing software that does not need updating. You can Further, by providing the second recording medium with the random number storage means, the encrypted execution permission information stored in the second recording medium is decrypted by the random number stored in the recording medium, and the software is Execution control can be performed without specifying the executor to be executed.

A sixteenth invention is the ninth or tenth invention, wherein the software stored in the recording medium (20) is encrypted and the software executing means (2
9) is software obtained by acquiring the corresponding encrypted software from the recording medium (20), decrypting it according to the execution permission information obtained by the decryption of the second decrypting means (24), and decrypting it. It is characterized by performing.

As described above, in the sixteenth invention, the software stored in the recording medium is encrypted, and the software execution means follows the execution permission information obtained by the decryption of the second decryption means. Decrypt the corresponding encrypted software and execute the decrypted software. In this way, the security can be further enhanced by encrypting each software.

A seventeenth aspect of the present invention is an executor (2 or 21) for executing software, and the executor (2 or 2).
1) A recording medium (1 or 20) which is connected to be capable of transmitting information and capable of reading and writing information, and a software distributor (which distributes execution permission information in response to a request from an executor (2 or 21) ( And a software execution control system for preventing unauthorized use of the execution permission information distributed from the software distributor (11),
The software distributor (11) holds the execution permission information, the recording medium (1 or 20) stores the software, and the execution unit (2 or 21) reads the information from outside of itself. And storage areas that are difficult to write (3
Or 22) stores a random number, and when requesting distribution of the execution permission information, the executor (2 or 21) notifies the software distributor (11) of the stored random number, and The distributor (11) encrypts the execution permission information with the notified random number and distributes it to the executor (2 or 21), and the executor (2 or 21) distributes the encrypted execution permission information. When received, the distributed encrypted execution permission information is decrypted by the stored random number, and the stored random number is updated in cooperation with the decryption.

As described above, the seventeenth aspect of the present invention is an execution unit that executes software, a recording medium that is connected to the execution unit and that can read and write information, and a software distribution unit that distributes execution permission information. It consists of and. The executor has a storage area in which it is difficult to read and write information from outside the executor, and stores random numbers in this storage area. The recording medium stores software, and the software distributor holds execution permission information. The execution unit notifies the software distribution unit of the stored random number in order to obtain the execution permission information. Upon receiving the notification of the random number, the software distributor encrypts the execution permission information that it holds with the notified random number and distributes it to the executor. The executor first decrypts the distributed encrypted execution permission information with the stored random number to obtain the execution permission information, and then updates the stored random number.

As described above, by encrypting the execution permission information distributed from the software distributor with the random number, the execution device other than the execution device having the random number cannot execute the software. In addition, since the random number is updated for each distribution, if the execution permission information includes a limit regarding the execution amount, it is possible to prevent fraudulent use of the copied execution permission information by a legitimate execution device. it can.

The eighteenth invention is an executor (2 or 21) for executing software, and the executor (2 or 2).
1) A recording medium (1 or 20) which is connected to be capable of transmitting information and is capable of reading and writing information, and a software distributor (which distributes execution permission information in response to a request from an executing device (2 or 21) 11), and the execution permission information additionally distributed from the software distributor (11) is added to the execution permission information held by the execution unit (2 or 21),
A software execution control system for preventing unauthorized use of the execution permission information, the execution device (2 or 2
1) stores the first and second random numbers in a storage area (3 or 22) in which it is difficult to read and write information from outside the storage medium (1 or 20).
Stores the software and the first encrypted execution permission information, the software distributor (11) holds the second execution permission information, and the execution unit (2 or 21)
Notifies the software distributor (11) of the second random number when requesting the distribution of the second execution permission information, and the software distributor (11) uses the notified second random number to generate the second random number. The execution permission information of is encrypted and distributed to the executor (2 or 21),
When the execution unit (2 or 21) receives the second encrypted execution permission information, the execution unit (2 or 21) decrypts the received second execution permission information with the stored second random number, Obtaining the second execution permission information, updating the stored second random number in cooperation with the decryption of the second encrypted execution permission information, and executing the first encryption from the recording medium (1 or 20). The encrypted execution permission information is acquired, decrypted with the first random number, and the first
Based on the obtained first and second execution permission information, in cooperation with the decryption of the first encrypted execution permission information, the stored first random number is updated. ,
It is characterized in that the third execution permission information is created, the created third execution permission information is encrypted with the updated first random number, and is stored in the recording medium (1 or 20).

As described above, the eighteenth aspect of the present invention is an executor that executes software, a recording medium that is connected to the executor and that can read and write information, and a software distributor that distributes execution permission information. It consists of and. The executor has a storage area in which it is difficult to read and write information from the outside of the executor, and the first and second random numbers are stored in this storage area. The recording medium is
The software and the first execution permission information are stored, and the software distributor holds the second execution permission information. The executor obtains the second execution permission information by
Notify the software distributor of the held second random number. Upon receiving the notification of the second random number, the software distributor encrypts the held execution permission information with the notified second random number and distributes it to the execution unit. The executor first decrypts the distributed second encrypted execution permission information with the stored second random number to obtain the second execution permission information, and holds the second execution permission information. Update the random number of. Next, the executor obtains the first encrypted execution permission information from the recording medium, decrypts it with the stored first random number to obtain the first execution permission information, and holds it. Update the first random number. Next, the executor creates third execution permission information based on the obtained first and second execution permission information, and encrypts the created third execution permission information with the updated first random number. And store it in a recording medium. This causes the executor to
Create new execution permission information by adding the other execution permission information obtained from the software distributor to the existing execution permission information.
The software can be executed based on the execution permission information.

A nineteenth aspect of the present invention is directed to first and second executors (2 or 21) for executing software and a recording medium (1 or 2) capable of reading and writing information.
0) and the execution permission information held by the first executor (2 or 21) is stored in the second executor (2 or 21).
It is a software execution control system for transferring to the user and preventing the unauthorized use of the execution permission information, and it is difficult for the first executor (2 or 21) to read and write the information from outside of itself. Storage area (3 or 22)
The random number is stored in the recording medium (1 or 20)
Stores software and encrypted execution permission information, and the first executor (2 or 21) transfers the first executor (2 or 21) to the second executor (2 or 21). 21) when transferring the execution permission information held by the first execution device (2 or 21) and the second execution device (2).
Alternatively, the first executor (2 or 21) notifies the second executor (2 or 21) of the random number stored therein, and cooperates with the notification. When the second executor (2 or 21) receives the notification of the random number, it is difficult to read and write information from the outside of itself. It is characterized in that it is stored in a different storage area (3 or 22).

As described above, the nineteenth aspect of the present invention provides first and second execution units that execute software, and a recording medium that is connected to the execution units so that information can be transmitted and that can read and write information. It is composed of. Each of the first and second executors has a storage area in which it is difficult to read and write information from outside the executor, and the first executor stores a random number in this storage area. There is. The recording medium stores software and encrypted execution permission information, and is connected to the first executor. Now, the first executor can execute the software by decrypting the encrypted execution permission information with the stored random number. When the first executor transfers this execution permission information to the second executor, the first executor first notifies the second executor of the random number it holds and then holds the random number. Update the random number. In response to the notification, the second executor stores the notified random number in its own storage area. As a result, the second executor connects the recording medium connected to the first executor to itself, obtains the encrypted execution permission information from the recording medium, decrypts it, and executes the software. You can

A twentieth aspect of the invention is connected to the first and second executors (2 or 21) for executing software and the respective executors (2 or 21) so that information can be transmitted.
And a part of the execution permission information held by the first executor (2 or 21), which is composed of the first and second recording media (1 or 20) capable of reading and writing information. A software execution control system for transferring to the execution unit (2 or 21) of the first execution unit and preventing unauthorized use of the execution permission information, the first execution unit (2 or 2)
1) stores the first and second random numbers in a storage area (3 or 22) from which it is difficult to read and write information from outside, and the first recording medium (1 or 2).
0) stores software and encrypted execution permission information, and the second recording medium (1 or 20) is
Execution permission information that stores software and that the first executor (2 or 21) holds from the first executor (2 or 21) to the second executor (2 or 21) When transferring a part of the
1) and the second executor (2 or 21) are communicatively connected to each other, and the first executor (2 or 21) executes the encrypted execution from the first recording medium (1 or 20). The permission information is acquired, decrypted with the stored first random number, the stored first random number is updated in cooperation with the decryption, and the execution permission information obtained by the decryption is transferred to the first random number. It is divided into the execution permission information and the second execution permission information, the first execution permission information obtained by the division is encrypted with the updated first random number, and is encrypted in the first recording medium (1 or 20). The second execution permission information stored and divided and obtained is encrypted with the stored second random number, and the second execution permission information is encrypted.
Of the random number and the second encrypted execution permission information
Notify the executor (2 or 21) of
When the second executor (2 or 21) updates the stored second random number and receives the second random number and the second encrypted execution permission information, the second executor self-generates the second random number. The second encrypted execution permission information is stored in the storage area (3 or 22) where it is difficult to read and write information from outside.
It is characterized in that they are respectively stored in the recording medium (1 or 20).

As described above, the twentieth aspect of the present invention is the first and second executors that execute software, and the first and second executors that are connected to the respective executors so as to be capable of transmitting information and capable of writing and reading information. It is composed of a first recording medium and a second recording medium. Each of the first and second executors has a storage area in which it is difficult to read and write information from outside the executor, and the first executor stores the first and second storage areas in this storage area. Stores the random number of. First
The recording medium stores software and encrypted execution permission information, and the second executor stores software. Now, the first executor can execute the software by decrypting the encrypted execution permission information with the stored random number. When the first execution unit transfers a part of the execution permission information to the second execution unit, first, the first execution unit acquires and holds the encrypted execution permission information from the first recording medium. To obtain the execution permission information by decrypting with a random number of
The held first random number is updated, and the obtained execution permission information is divided into first and second execution permission information. Next, the first executor encrypts the first execution permission information with the updated first random number, stores it in the first recording medium, and holds the second execution permission information. It is encrypted with the second random number and notified to the second executor together with the second random number. At this time, the first executor updates the second random number.
Upon receiving the notification, the second executor stores the second random number in a storage area in which it is difficult to read and write information, the second encrypted execution permission information in the second recording medium, Store each. As a result, the first encrypted execution permission information and the second encrypted execution permission information obtained by division are decrypted by the first execution unit and the second execution unit, respectively. You can

The twenty-first aspect of the present invention is a software execution control system that requires a soft key to execute software, and prevents unauthorized use of the soft key. A recording medium (1) that stores a soft key and is capable of reading and writing information is connected to an execution unit (2) that executes software so that information can be transmitted, and the execution unit (2) stores a random number. In addition, the random number storage means (3) which makes it difficult to read and write information from the outside of itself and the encrypted soft key from the recording medium (1) are acquired from the random number storage means (3). First decryption means (4) for decrypting with a random number and encrypted software from the recording medium (1), and decryption with the soft key obtained by decryption by the first decryption means (4) Second decryption means (6), software execution means (7) for executing the software obtained by the decryption of the second decryption means (6), and random number storage means (3) in connection with the execution of the software. ). The random number updating means (9) for updating the random number stored in) and the soft key obtained by the decryption of the first decrypting means (4) are encrypted with the updated random number and recorded on the recording medium (1). And an encryption means (10) for storing.

As described above, the twenty-first aspect of the invention comprises an executor that executes software, and a recording medium that stores encrypted software and an encrypted soft key. When executing the software, the first decryption unit included in the execution unit obtains the encrypted soft key from the recording medium and decrypts it with the random number stored in the random number storage unit to obtain the soft key. Next, the second decryption means obtains the encrypted software from the recording medium and decrypts it with the obtained soft key to obtain the software. Next, the software executing means executes the obtained software. At this time, the random number updating means updates the random number stored in the random number storing means. Then, the encryption means encrypts the soft key with the updated random number and stores it in the recording medium. In this way, by using a random number as the key for encrypting the soft key and updating it every time, it is possible to prevent the encrypted soft key from being decrypted even if the key is known to a third party. it can.

A twenty-second aspect of the present invention is a software execution control system for executing software when the number of executions satisfies a predetermined condition and preventing unauthorized use of the number of executions. A recording medium (1) that stores the number of times of execution that has been converted and is capable of reading and writing information is connected to an execution unit (2) that executes software in an information-transmittable manner, and the execution unit (2)
Is a random number storing means (3) that stores random numbers and in which it is difficult to read and write information from the outside of itself, and obtains the encrypted execution count from the recording medium (1) to obtain the random number storing means ( It is checked whether the decoding means (4) for decoding with the random number acquired from 3) and the number of execution times obtained by the decoding of the decoding means (4) satisfy a predetermined condition, and the predetermined condition is satisfied. In this case, the execution number inspection means (5) for instructing the execution of the software, the software execution means (7) for executing the software in response to the instruction from the execution number inspection means (5), and the execution of the software. And an execution number updating means (8) for updating the execution number obtained by decryption, and a random number updating means (9) for updating the random number stored in the random number storage means (3) in cooperation with the execution of software. ,It has been updated Line number information, encrypted with the updated random number and an encryption means (10) for storing the recording medium (1).

As described above, the twenty-second aspect of the invention comprises an executor that executes software, and a recording medium that stores the software and the encrypted execution count. First, the decryption unit included in the executor obtains the encrypted execution count from the recording medium, and decrypts the encrypted execution count with the random number stored in the random number storage unit to obtain the execution count. Next, the execution number inspection means inspects whether or not the obtained execution number satisfies a predetermined condition, and if so, instructs the software execution means to execute the software. The software execution means executes the software in response to the instruction from the execution frequency inspection means, and the random number updating means updates the random number as the software is executed. Next, the encryption means encrypts the updated number of times of execution with the updated random number and stores it in the recording medium. In this way, the number of executions is encrypted with a random number,
By updating the random number for each execution, the copied and encrypted execution count can be made undecipherable. It is also possible to prevent an attack that prevents the updated execution count from being written to the recording medium.

A twenty-third aspect of the invention is to execute software obtained by decrypting with a soft key when the number of executions satisfies a predetermined condition, and to prevent unauthorized use of the number of executions and the soft key. A software execution control system, wherein a recording medium (1) storing encrypted software and encrypted soft key / execution count, and capable of reading and writing information (executor) executes software ( The executor (2) is connected to 2) so that information can be transmitted, and the executor (2) stores random numbers, and it is difficult to read and write information from outside thereof.
A first decryption means (4) for obtaining the encrypted soft key / execution count from the recording medium (1) and decrypting it with the random number obtained from the random number storage means (3); and the recording medium (1) A second step of obtaining the encrypted software from the second step and decrypting it with the soft key obtained by the first decryption means (4);
It is checked whether the number of executions obtained by the decoding means (6) and the first decoding means (4) satisfies a predetermined condition. Execution frequency inspection means (5) for instructing execution, and software execution means (for executing the software obtained by the decryption of the second decryption means (6) in response to the instruction from the execution frequency inspection means (5) ( 7), the execution count updating means (8) for updating the execution count obtained by decryption as the software is executed, and the random number stored in the random number storage means (3) in cooperation with the execution of the software. A random number updating means (9) for updating, and an encryption means (10) for encrypting the soft key obtained by the decryption and the updated number of times of execution with the updated random number and storing it in the recording medium (1). I have it.

As described above, the twenty-third aspect of the invention comprises an executor for executing software and a recording medium storing the software and the encrypted soft key / execution count. First, the first decryption unit included in the executor obtains the encrypted soft key / execution number from the recording medium and decrypts it with the random number stored in the random number storage unit to obtain the soft key and the execution number. Next, the second decryption means obtains the encrypted software from the recording medium and decrypts it with the obtained soft key, and the execution count inspection means satisfies the predetermined execution count. If it is satisfied, the software execution means is instructed to execute the software. The software execution means executes the software in response to the instruction from the execution frequency inspection means.
With the execution of the software, the execution count updating means updates the execution count, and the random number updating means updates the random number stored in the random number storage means. Subsequently, the encryption unit encrypts the soft key and the updated execution count with the updated random number and stores the encrypted encryption key in the recording medium.

In this way, by encrypting the number of executions with a random number and updating the random number for each execution, the copied and encrypted number of executions cannot be decrypted, and the updated number of executions It is possible to prevent an attack that obstructs writing by writing the number of times to the recording medium. In addition, software is encrypted with a soft key, and the soft key is encrypted with a random number, and the random number is updated each time the software is executed, preventing unauthorized use of the software due to the soft key being known to a third party. You can also do it.

A twenty-fourth aspect of the present invention is for executing software obtained by decryption with a soft key when the execution count satisfies a predetermined condition, and for preventing unauthorized use of the soft key and the execution count. A software execution control system for storing a plurality of encrypted software, an encrypted soft key / execution count and an encrypted auxiliary key, and capable of reading and writing information (20 ) Is an executor (2) that executes software.
1) is communicatively connected, and the execution unit (21) stores random numbers, and a random number storage means (22) from which it is difficult to read and write information from outside, and a recording medium (20). , A first decryption means (23) for obtaining an encrypted auxiliary key dedicated to the software and decrypting it with a random number obtained from the random number storage means (22), and a recording medium (20) The exclusive encrypted soft key / execution count is acquired, and the first decryption means (2
By the second decryption means (24) for decryption by the auxiliary key obtained by the decryption of 3) and the encrypted software from the recording medium (20), the decryption by the second decryption means (24) It is checked whether the number of executions obtained by the third decryption means (25) for decryption with the obtained soft key and the second decryption means (24) satisfies a predetermined condition, and When the condition (4) is satisfied, the execution count inspection means (26) for instructing the execution of the software and the decryption by the third decryption means (25) in response to the instruction from the execution count inspection means (26). A software execution means (29) for executing the obtained software, and an execution count updating means (27) for updating the execution count obtained by the decoding of the second decoding means (24) along with the execution of the software; Two
The soft key obtained by decryption by the decryption means (24) and the execution count updated by the execution count update means (27) are encrypted with the auxiliary key obtained by the decryption by the first decryption means (23). And a random number storage means (28) that obtains all the encrypted auxiliary keys from the recording medium (20) at a predetermined timing with the first encryption means (28) that stores the encrypted auxiliary key in the recording medium (20). 22) and a fourth decoding means (30) for decoding with the random number acquired from 22), and a random number update for updating the random number stored in the random number storage means (22) in cooperation with the decoding of the fourth decoding means (30). Second means for encrypting the auxiliary key obtained by the decryption of the means (31) and the fourth decryption means (30) with the random number updated by the random number update means (31) and storing it in the recording medium (20). Encryption means (32).

As described above, the twenty-fourth aspect of the present invention is an executor that executes software, and a recording medium that stores a plurality of software, an encrypted soft key / execution count and an encrypted auxiliary key. It consists of and. The first decryption unit included in the execution unit first obtains the encrypted auxiliary key corresponding to the software from the recording medium, decrypts it with the random number stored in the random number storage unit, and obtains the auxiliary key. Next, the second decryption unit obtains the encrypted soft key execution count from the recording medium and decrypts it with the obtained auxiliary key to obtain the soft key and the execution count. Next, the third decryption means obtains the encrypted software from the recording medium, decrypts it with the obtained soft key to obtain the software, and the execution count inspection means determines the obtained execution count under a predetermined condition. Is inspected, and if so, the software execution means is instructed to execute the software. The software executing means executes the requested software in response to the instruction from the execution frequency checking means. The execution count updating means updates the execution count as the software is executed. Subsequently, the first encryption means encrypts the updated execution count with the obtained auxiliary key and stores it in the recording medium. The fourth decryption means obtains all the encrypted auxiliary keys from the recording medium at a predetermined timing and decrypts them with the random numbers stored in the random number storage means to obtain the auxiliary keys. The random number updating means is
The random number stored in the random number storage means is updated in cooperation with the decryption of the fourth decryption means. The second encryption means encrypts the auxiliary key obtained by the decryption by the fourth decryption means with the updated random number and stores it in the recording medium.

As described above, when a plurality of pieces of software are handled, each soft key and the number of times of execution are encrypted with a dedicated auxiliary key, and further, these auxiliary keys are encrypted with random numbers. Then, by updating the random number at a predetermined timing, it becomes impossible to decrypt the copied and encrypted execution count, and an attack that prevents the updated execution count from being written to the recording medium is performed. Can be prevented. It is also possible to prevent unauthorized use of software due to the soft key being known to a third party. Furthermore, it is difficult to read and write information from the outside of the execution unit, regardless of the number of software.
It is only necessary to have an area of a size for storing one random number, and the cost can be kept low.

[0069]

BEST MODE FOR CARRYING OUT THE INVENTION

(First Embodiment) FIG. 1 is a block diagram showing the configuration of a software execution control system according to the first embodiment of the present invention. In FIG. 1, the present system includes a recording medium 1 that stores software and an executor 2 that executes software. The executor 2 includes a random number storage unit 3,
It includes a first decryption unit 4, an execution count inspection unit 5, a second decryption unit 6, a software execution unit 7, an execution count update unit 8, a random number update unit 9, and an encryption unit 10.

FIG. 2 is a flow chart showing the operation of the software execution control system of FIG. The operation of the system shown in FIG. 1 will be described below with reference to FIG.
Now, the random number R is stored in the random number storage unit 3, and a certain software SoftA is stored in the recording medium 1 as the soft key K.
The encrypted software E (K, SoftA) encrypted by and the encrypted soft key / execution count E (R, (K, n)) in which the soft key K and the execution count n are encrypted by the random number R are stored. ing. When the recording medium 1 is connected to the executor 2 and the software SoftA is executed, the executor 2 sets the recording medium 1
The encryption software E (K, SoftA) and the encryption software key / number of times of execution E (R, (K, n)) are acquired from (step S101). Next, the first decoding unit 4 in the executor 2
Determines the soft key K and the execution count n by decrypting the encrypted soft key / execution count E (R, (K, n)) with a random number R (step S102). Next, the execution count inspection unit 5
It is checked whether or not the obtained number of executions n is 1 or more (step S103). If n is 1 or more, the software execution unit 7 is notified of execution OK, and if n is 0, the system is executed. End the operation of. When n is 1 or more, the second decryption unit 6 decrypts the encrypted software E (K, SoftA) with the obtained soft key K to obtain the software SoftA (step S104). Next, the software execution unit 7 receives the notification of execution OK from the execution number inspection unit 5 and executes the obtained software SoftA (step S105).
When the software SoftA is executed, the execution count updating unit 8 decreases the execution count n by 1 and updates it to n '(= n-1) (step S106), and the random number updating unit 9 causes the random number R in the random number storage unit 3 to operate. To R '(step S107). Next, the encryption unit 10 uses the updated random number R ′ and the soft key K
And the number of executions n ′ is encrypted (step S108),
This updated encryption key / execution count E (R ', (K,
n ′)) is stored again in the recording medium 1 (step S10).
9).

Here, it is assumed that the recording medium 1 and the executor 2 satisfy the following conditions. (1) The recording medium can read and write information. (2) Information can be read and written between the recording medium and the executor. (3) Information that moves between the operating units in the executor cannot be read or written from outside the executor. Further, the information obtained and used by each unit during operation is stored in the internal RAM of the executor and used, and is erased after the operation. (4) The random number storage unit in the executor cannot read or write information from other than a special system program that controls execution.

At this time, the software execution control system of FIG. 1 can prevent the first attack as follows. The recording medium 1 is copied before the number of executions n becomes 0. Encryption software E (K,
SoftA), and the encrypted soft key / number of executions E (R, (K, n)) at the time of copying are stored.
To decrypt this encrypted soft key / number of executions E (R, (K, n)), a random number R that is an encryption key is required. When the number of executions n of the execution permission information stored in the recording medium 1 becomes small, even if the copy execution is replaced with a copy and the execution is tried again, the random number in the executor 2 is already updated to a value different from R. And the encrypted softkey stored in the copy /
The soft key K cannot be obtained by decrypting the execution count E (R, (K, n)), and therefore the software SoftA cannot be executed.

At the same time, the software execution control system of FIG. 1 can prevent the second attack as follows. Updated encrypted soft key / number of executions E (R ',
The writing of (K, n ′)) to the recording medium 1 is disturbed between the recording medium and the executor. Even though the random number in the executor 2 is updated from R to R ′, the encrypted soft key encrypted by the random number R before update / the number of executions E (R, (K , N)) is still stored. Therefore, even if the next execution is attempted, the encrypted soft key / execution count E (R, (K, n)) cannot be decrypted with the random number R ′, and therefore the software SoftA cannot be executed. ..

In the present embodiment, the number of times execution is possible is used as a parameter for execution control, and this is decreased by one. However, the upper limit number of executions is set beforehand,
The number of executions may be used as a parameter, and the number may be increased by one. Alternatively, it can be controlled by the execution time. As described above, the parameter for execution control may be an amount that can represent the amount of execution. Further, not only the number of times the software is executed, but also items within one software can be limited to extend the number of times the software is executed. Of course, not only computer software but also games and various other multimedia software may be targeted.

By the way, in the present embodiment, the random number is updated every time the software is executed. However, if the random number is updated every several times of execution, the processing load required for execution control can be reduced. it can. In this case, while the same random number R is used, the above-mentioned first and second attacks are possible,
By appropriately setting the frequency of updating the random numbers, these can be effectively prevented.

In this embodiment, the random number R is updated at different intervals and kept secret to the user, so that the effect of preventing the first and second attacks on the update frequency can be enhanced. .

Furthermore, in the present embodiment, the storage area for storing the random numbers is provided in the recording medium 1 rather than in the executor 2.
By preparing for, it is possible to control only the number of times software is executed without limiting the executor.

Alternatively, in the present embodiment, instead of the recording medium 1, a read-only first recording medium and a readable and writable second recording medium are provided, and the encryption software is the first. It is also possible to store the encrypted soft key / number of executions in the second recording medium. At this time, for example, a CD-ROM may be used as the first recording medium and an expansion memory may be used as the second recording medium.

FIG. 3 is a block diagram showing the configuration of the software execution control system according to this embodiment when the executor receives the distribution of software from the software distributor.
In FIG. 3, the present system includes a recording medium 1 and an executor 2.
And a software distributor 11. Soft distributor 1
1 includes an encryption unit 12, and the executor 2 further includes a third decryption unit 13 in addition to the one in FIG. 1, but here, only necessary portions are displayed.

FIG. 4 is a flow chart showing the operation of the system shown in FIG. The operation of the system shown in FIG. 3 will be described with reference to FIG. In addition to the random number R for execution control, the random number storage unit 3 in the executor 2 stores a random number r for controlling movement of the execution permission information. The executor 2 is required to order the distribution of the software SoftA.
The software distributor 11 is notified of the random number r (step S201). The software distributor 11 notified of the random number r
First, the encryption unit 12 encrypts the soft key K and the execution count n with this random number r. Next, software distributor 11
Is the encrypted soft key / number of executions E (r, (K,
n)) and the encryption software E (K, SoftA) are stored in the recording medium 1 and sent to the executor 2, or sent via a communication line (step S202). Upon receiving these, the execution device 2 first decrypts the encrypted soft key / execution count E (r, (K, n)) with the random number r stored in the random number storage unit 3 in the third decryption unit 13. , The soft key K and the execution count n are obtained (step S203). At this time, the random number updating unit 9 uses the random number r stored in the random number storage unit 3.
To r '(step S204). Subsequently, the execution unit 2 encrypts the soft key K and the execution count n with the random number R stored in the random number storage unit 3 in the encryption unit 10 (step S205), and the encrypted soft key / execution count E ( R, (K, n)) is stored in the recording medium 1 (step S206).

The software distributed as described above cannot be executed by an executor other than the one holding the random number r. Further, when the random number r is used as the encryption key, the random number r is updated every time the software is purchased, so that the execution permission information obtained once can be prevented from being copied and repeatedly used.

In the above procedure, the executor 2 notifies the software distributor 11 of the random number r as it is.
By encrypting, the security can be further enhanced. Moreover, the security is further improved by adding the information of the authentication and the signature.

By the way, in the first embodiment, the software execution control method for the following three cases involving movement of execution permission information between a plurality of execution units or between a software distribution unit and an execution unit. Will be explained. (1) In the case of additionally purchasing execution permission information that allows the software SoftA to be executed N times. The executor 2 internally holds the random numbers R and r. First, the executor 2 notifies the software distributor 11 of the random number r. The soft distributor 11 uses the soft key K and the execution count N.
Is encrypted with the notified random number r and sent to the executor 2. The executor 2 decrypts the sent encrypted soft key / execution count E (r, (K, N)) with the random number r to obtain the soft key K and the execution count N, and at the same time, the internal random number r To r ′. Next, the executor 2 reads from the recording medium 1
Previously purchased encryption soft key / number of executions E (R, (K,
n)) is obtained and decrypted with the random number R to obtain the soft key K and the number of executions n, and the random number R is updated to R ′.
Subsequently, the executor 2 executes the number of executions n + N in which N is added to N.
And the soft key K with the updated random number R ', and this encrypted soft key / number of executions E (R', (K, n + N))
Are stored in the recording medium 1. In this way, the executor 2
Gets permission to run n more times.

(2) When the execution permission information possessed by the first executor is transferred to the second executor. The second executor is connected to the first executor which internally holds the random number R. The first executor notifies the second executor of the random number R and, at the same time, updates the random number R held by itself to R ′. The second executor internally stores the random number R notified from the first executor. The second executor uses the encrypted soft key / execution count E (R, (K,
n)) can be decrypted and the software SoftA can be executed. In this way, the execution permission information held by the first executor is transferred to the second executor,
Executor loses the right to execute.

(3) When the execution permission information owned by the first executor is divided and a part of the information is transferred to the second executor. The first executor internally holds the random numbers R and r. When the first executor decrypts the execution permission information acquired from the recording medium with the random number R to obtain the soft key K and the execution count n, it divides n into n1 and n2. At this time, the first executor updates the random number R to R ′. Next, the soft key K and the number of executions n1 are encrypted by the updated random number R ', and this encrypted soft key / number of executions E (R', (K,
n1)) is stored in a recording medium connected to itself. At the same time, the first executor encrypts the soft key K and the execution count n2 with the random number r, and the encrypted soft key / execution count E
After notifying (r, (K, n2)) and the random number r to the second executor, the internal random number r is updated to r '. Upon receiving these, the second executor stores the random number r in itself inside the encrypted soft key / execution count E (r, (K, n2)).
Is stored in a recording medium connected to itself. In this way, among the execution permission information held by the first execution unit and capable of executing the software SoftA n times, the execution permission information for n2 times is transferred to the second execution unit. The execution permission information for n1 times is left in the executor.

Although the software is encrypted with the soft key in this embodiment, the object can be achieved even if the software is not encrypted.

By the way, the software execution control system of the present embodiment handles one software for one executor. In this system, in order for one execution unit to handle multiple software, it is necessary to prepare a random number for execution control for each software and store it inside the execution unit. Therefore, it is necessary to provide the executor with a storage area having a size capable of storing a plurality of random numbers. Therefore, in the second embodiment described below, even when one execution unit handles a plurality of software at the same time, the execution unit needs to be provided with a storage area capable of storing only one random number. Provide an execution control system.

(Second Embodiment) FIG. 5 shows a second embodiment of the present invention.
3 is a block diagram showing a configuration of a software execution control system according to the exemplary embodiment. FIG. In FIG. 5, the system includes a recording medium 20 that stores software and an executor 21 that executes software. Executor 21
Is a random number storage unit 22, a first decryption unit 23, a second decryption unit 24, a third decryption unit 25, and an execution count inspection unit 26.
An execution count updating unit 27, a first encryption unit 28, and a software execution unit 29.

FIG. 6 is a flow chart showing the operation of the software execution control system of FIG. The operation of the system shown in FIG. 5 will be described with reference to FIG. Recording medium 2
In 0, as information about software SoftA,
The encryption software E (KA, SoftA), the encryption software key / number of executions E (RA, (KA, nA)), and the encryption auxiliary key E (R, RA) are encrypted as information about the software SoftB. Software E (KB, SoftB)
And the encryption soft key / number of executions E (RB, (KB, n
B)) and the encryption auxiliary key E (R, RB) are stored. Here, RA and RB are auxiliary keys dedicated to the software SoftA and software SoftB, respectively, and are E (R, RA) and E (R, RB).
Are each encrypted with a random number R.

Like the random number storage unit 3 in FIG. 1, the random number storage unit 22 is an area that is difficult to read and write, and stores the random number R. When the executor 21 obtains the information about the software SoftA from the recording medium 20 (step S301), the first decryption unit 23 decrypts the encrypted auxiliary key E (R, RA) with the random number R, and the auxiliary key RA. Is obtained (step S302). Subsequently, in the second decryption unit 24, the executor 21 uses the auxiliary key RA to execute the encrypted soft key / execution count E (RA,
(KA, nA)) is decrypted to obtain the soft key KA and the execution count nA (step S303). Furthermore, the executor 2
The first decryption unit 1 decrypts the encrypted software E (KA, SoftA) with the soft key KA in the third decryption unit 25 to obtain the software SoftA (step S304). At the same time, the executor 21 checks whether the number of executions nA is 1 or more in the number-of-executions inspection unit 26 (step S
305), if nA is 1 or more, the software execution unit 29 is notified of execution OK, and in response to this notification, the software execution unit 29 executes the software SoftA (step S306). After that, the execution count updating unit 27 decrements the execution count nA by 1 and updates it to nA ′ (= nA−1) (step S307). The number of executions nA ′ is determined by the first encryption unit 2
In step 8, the data is encrypted with the auxiliary key RA together with the soft key KA (step S308), and the encrypted soft key / number of executions E (RA, (KA, nA ')) is stored again in the recording medium 20 (step S308). S309). Software So
The same applies to ftB.

FIG. 7 is a block diagram showing the configuration of the software execution system when the random number R is updated at a predetermined timing in this embodiment. In FIG. 7, the recording medium 20 stores the same information as that in FIG. The executor 21 includes the fourth decryption unit 30, the random number update unit 31, and the second encryption unit 3 in addition to those in FIG.
2 is included, but only the necessary parts are shown in the figure.

FIG. 8 is a flowchart showing the operation of the system shown in FIG. 7 when updating the random number R at a predetermined timing. The operation of the system shown in FIG. 7 will be described with reference to FIG. When the executor 21 obtains the encrypted auxiliary keys E (R, RA) and B (R, RB) from the recording medium 20 (step S401), the fourth decryption unit 30 decrypts the auxiliary keys by the random number R. RA and RB are obtained (step S402). At this time, the executor 21 updates the random number R stored in the random number storage unit 22 to R ′ in the random number update unit 31 (step S403). Then, the executor 21
In the second encryption unit 32, the auxiliary keys RA and RB are each encrypted with the random number R ′ (step S404), and these encrypted auxiliary keys E (R ′, RA) and E (R ′, R) are encrypted.
B) is stored again in the recording medium 20 (step S40).
5).

As described above, in the second embodiment, the auxiliary key for each software for encrypting the soft key and the number of executions, and the random number R for bundling the auxiliary keys and performing the encryption respectively. Only the random number R is stored in the random number storage section prepared. Therefore, the size of the unreadable and writable area can be minimized and the implementation cost can be kept low.

It is to be noted that updating the random number R as frequently as possible has a greater effect of protecting against the above-mentioned first and second attacks, but when the number of software stored in the recording medium is large. Especially, the processing load becomes large. Therefore, the update frequency is determined in consideration of the trade-off. Also, as described in the first embodiment, the update interval can be made variable and secret,
It is effective in improving safety.

Further, in the present embodiment, the software is configured to be encrypted with the soft key, but the object can be achieved even if the software is not encrypted.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a configuration when executing software of a software execution control system according to a first embodiment of the present invention.

FIG. 2 is a flowchart showing an operation of the software execution control system of FIG.

FIG. 3 is a block diagram showing a configuration of the software execution control system according to the first exemplary embodiment of the present invention when an executor receives distribution of software from a software distributor.

FIG. 4 is a flowchart showing an operation of the software execution control system of FIG.

FIG. 5 is a block diagram showing a configuration when executing software of a software execution control system according to a second exemplary embodiment of the present invention.

6 is a flowchart showing the operation of the software execution control system of FIG.

FIG. 7 is a block diagram showing a configuration of a software execution control system according to a second embodiment of the present invention when updating a random number.

8 is a flowchart showing an operation of the software execution control system of FIG.

FIG. 9 is a block diagram showing a configuration of a software execution control system according to a first conventional example.

FIG. 10 is a block diagram showing a configuration of a software execution control system according to a second conventional example.

FIG. 11 is a block diagram showing a configuration of a software execution control system according to a third conventional example.

[Explanation of symbols]

 1, 20, 103, 110 recording medium 2, 21, 101, 111 executor 3, 22 random number storage unit 4, 23 first decoding unit 5, 26, 106, 119 execution count checking unit 6, 24 second decoding Part 7, 29 Software execution unit 8, 27, 107, 118 Execution count update unit 9, 31 Random number update unit 10, 108 Cryptographic unit 11 Soft distributor 13, 25 Third decryption unit 28 First cryptographic unit 30 Fourth Decryption unit 32 Second encryption unit 102, 113 Unique key storage unit 104, 105, 114, 117 Decryption unit 112 Coprocessor 115 Soft key storage unit 116 Execution count storage unit

Claims (24)

[Claims] 1. A software execution control system for controlling execution of software according to predetermined execution permission information and preventing unauthorized use of the execution permission information, wherein the software and encrypted execution permission are included. A recording medium that stores information and is capable of reading and writing information is connected to an execution unit that executes software so that information can be transmitted. The execution unit stores random numbers and stores information from outside of itself. Random number storage means that is difficult to read and write, decryption means that obtains encrypted execution permission information from the recording medium, and decrypts with the random number obtained from the random number storage means, and software is obtained from the recording medium. And software execution means for executing according to the execution permission information obtained by decryption by the decryption means, and execution of software In connection with, the random number updating means for updating the random number stored in the random number storage means, and the execution permission information obtained by the decoding of the decoding means,
After the software executing means executes the software, the software is encrypted with the random number updated by the random number updating means,
A software execution control system, comprising: an encryption means for storing in the recording medium. 2. The apparatus further comprises execution permission information updating means for updating the execution permission information obtained by the decryption of the decryption means as the software is executed, and the encryption means is updated by the execution permission information updating means. The software execution control system according to claim 1, wherein the executed permission information is encrypted by the random number updated by the random number updating unit and stored in the recording medium. 3. The software execution control system according to claim 1, wherein the random number updating means updates the random number stored in the random number storing means every time the software is executed. 4. The random number updating means updates the random number stored in the random number storing means once every predetermined plural times of execution of the software.
Alternatively, the software execution control system described in 2. 5. The random number updating means updates the random number stored in the random number storing means once every time a predetermined number of times of execution of the software is executed, and the information about the update interval of the random number is provided to the software user. The software execution control system according to claim 1, wherein the software execution control system is kept secret. 6. The software execution control system according to claim 1, wherein the random number storage means is provided in the recording medium instead of being provided in the executor. 7. A read-only first recording medium and a readable / writable second recording medium are connected to the executor instead of the recording medium, and the first recording medium is software. Store the second
The software execution control system according to claim 1 or 2, wherein the recording medium stores the encrypted execution permission information. 8. The software stored in the recording medium is encrypted, and the software executing means obtains the encrypted software from the recording medium and is obtained by decryption by the decrypting means. 3. The software execution control system according to claim 1, wherein the software execution control system decrypts the software according to the execution permission information and executes the software obtained by the decryption. 9. A software execution control system for controlling execution of software according to predetermined execution permission information, and preventing unauthorized use of the execution permission information, comprising a plurality of software, encrypted A recording medium that stores the execution permission information and the encrypted auxiliary key and is capable of reading and writing information is connected to an execution unit that executes software in an information transferable manner, and the execution unit stores a random number. In addition, the first random number storing means that is difficult to read and write information from outside the self and the encrypted auxiliary key are obtained from the recording medium and are decrypted by the random number obtained from the random number storing means. A decryption unit, and a first decryption unit that obtains encrypted execution permission information from the recording medium and decrypts with the auxiliary key obtained by the decryption of the first decryption unit. Decryption means, software execution means for obtaining corresponding software from the recording medium, and executing the software according to the execution permission information obtained by the decryption by the second decryption means, and decryption means for the second decryption means. A first encryption unit that encrypts the obtained execution permission information with the auxiliary key obtained by the decryption of the first decryption unit after the software execution unit executes the software, and stores the encrypted information in the recording medium. A third decryption unit that obtains all encrypted auxiliary keys from the recording medium and decrypts them with the random number stored in the random number storage unit in association with execution of software; A random number updating means for updating the random number stored in the random number storage means in cooperation with the decryption by the means, and an auxiliary key obtained by the decryption by the third decryption means,
A software execution control system comprising: a second encryption unit that encrypts the random number updated by the random number updating unit and stores the encrypted random number in the recording medium. 10. The apparatus further comprises execution permission information updating means for updating the execution permission information obtained by the decryption of the second decryption means as the software is executed, and the first encryption means is adapted to execute the execution. 10. The execution permission information updated by the permission information updating unit is encrypted with the auxiliary key obtained by the decryption of the first decryption unit and stored in the recording medium. Software execution control system. 11. The third decryption means obtains all encrypted auxiliary keys from the recording medium every time the software is executed, and decrypts them with the random number stored in the random number storage means. Software execution control system according to claim 9 or 10, characterized in that 12. The third decryption means obtains all encrypted auxiliary keys from the recording medium once every predetermined plural times of software execution, and stores them in the random number storage means. 11. The software execution control system according to claim 9, wherein the software execution control system is configured to perform decoding with a random number. 13. The third decryption means obtains all encrypted auxiliary keys from the recording medium once for execution of a predetermined variable number of times of software, and stores them in the random number storage means. 10. The information is decrypted with the generated random number, and information regarding the decryption interval of the encrypted auxiliary key is kept secret to the software user.
Alternatively, the software execution control system according to item 10. 14. The software execution control system according to claim 9, wherein the random number storage means is provided in the recording medium instead of being provided in the executor. 15. A read-only first recording medium and a readable / writable second recording medium are connected to the execution unit instead of the recording medium, and the first recording medium is software. Store the second
11. The recording medium according to claim 9 stores encrypted execution permission information, and the random number storage means is provided in the second recording medium instead of being provided in the executor. The software execution control system described in. 16. The software stored in the recording medium is encrypted, and the software executing means obtains the corresponding encrypted software from the recording medium to perform the second decryption. 11. The software execution control system according to claim 9 or 10, wherein the software is decrypted according to the execution permission information obtained by the decryption by the means, and the software obtained by the decryption is executed. 17. An execution unit that executes software, a recording medium that is connected to the execution unit so that information can be transmitted, and is capable of reading and writing information, and execution permission information is distributed in response to a request from the execution unit. A software execution control system comprising a software distributor for preventing unauthorized use of execution permission information distributed from the software distributor, wherein the software distributor holds execution permission information, and The recording medium stores software, the executor stores random numbers in a storage area where it is difficult to read and write information from outside, and when the execution permission information is requested to be distributed, The execution unit notifies the software distribution unit of the stored random number, and the software distribution unit encrypts the execution permission information with the notified random number, Upon distribution of the encrypted execution permission information, the execution unit decrypts the distributed execution permission information with the stored random number, and stores it in cooperation with the decryption. A software execution control system characterized by updating a random number being generated. 18. An execution unit that executes software, a recording medium that is connected to the execution unit so that information can be transmitted, and is capable of reading and writing information, and execution permission information is distributed according to the request of the execution unit. The software execution is performed by adding the execution permission information additionally distributed from the software distributor to the execution permission information held by the execution unit, and preventing the unauthorized use of the execution permission information. In the control system, the executor stores the first and second random numbers in a storage area where it is difficult to read and write information from outside the self, and the recording medium is software and the first random number. Encrypted execution permission information is stored, the software distributor holds second execution permission information, and the execution unit distributes the second execution permission information. In determining the soft notifies the second random number with respect to distributor, the soft distributor is notified the second with the second random number
Of the execution permission information is distributed to the execution unit, and when the execution unit receives the second encrypted execution permission information, the execution unit stores the received second encrypted execution permission information. The second random number being stored is decrypted to obtain the second execution permission information, and the stored second random number is updated in cooperation with the decryption of the second encrypted execution permission information. The first encrypted execution permission information is obtained from the recording medium, decrypted with the stored first random number to obtain the first execution permission information, and the first encrypted execution permission information is obtained. In cooperation with the decryption of information, the stored first random number is updated, and the third random number is updated based on the obtained first and second execution permission information.
The software execution control system is characterized in that the execution permission information is created, the created third execution permission information is encrypted with the updated first random number, and is stored in the recording medium. 19. The first and second execution units for executing software, and a recording medium capable of reading and writing information, wherein the execution permission information held by the first execution unit is stored in the second execution unit. A software execution control system for transferring to an execution unit and preventing unauthorized use of execution permission information, wherein the first execution unit is a storage area in which it is difficult to read and write information from outside of itself. A random number is stored in the recording medium, the recording medium stores software and encrypted execution permission information, and the first execution unit sends the first execution unit to the second execution unit. When the execution permission information held by the executor is transferred, the first executor and the second executor are connected to each other so that information can be transmitted, and the first executor stores its own information. Random number that is the second execution When the second execution unit receives the notification of the random number, the second execution unit receives the notification of the random number and reads the information from the outside of itself. And a software execution control system characterized by storing in a storage area where writing is difficult. 20. First and second executors that execute software, and a first readable and writable information connected to each executor so that information can be transmitted.
And a second recording medium, part of the execution permission information held by the first execution device is transferred to the second execution device, and unauthorized use of the execution permission information is prevented. The first execution unit stores the first and second random numbers in a storage area in which it is difficult to read and write information from outside, and the first execution unit stores the first and second random numbers. The first recording medium stores software and encrypted execution permission information, the second recording medium stores software, and the first execution unit changes from the second execution unit to the second execution unit. On the other hand, when a part of the execution permission information held by the first execution unit is transferred, the first execution unit and the second execution unit are connected so that information can be transmitted, 1 execution unit is encrypted from the first recording medium. Obtained execution permission information, and decrypts it with the stored first random number. In cooperation with the decryption, the stored first random number is updated, and the obtained execution permission information is decrypted. The first execution permission information is divided into the first execution permission information and the second execution permission information, and the first execution permission information obtained by the division is encrypted with the updated first random number and stored in the first recording medium. , The second execution permission information obtained by division is stored in the second
The second random number and the second encrypted execution permission information are notified to the second executor, and the stored second random number is linked to the notification. And the second executor receives the second random number and the second encrypted execution permission information, it is difficult to read and write the second random number from outside the self. Software execution control system, wherein the second encrypted execution permission information is stored in the second recording medium in each storage area. 21. A software execution control system which requires a soft key to execute software, and which prevents unauthorized use of the soft key, the encrypted software and the encrypted soft key. A recording medium that is capable of storing and reading and writing information is connected to an execution unit that executes software so that information can be transmitted. The execution unit stores a random number and can read and write information from outside of itself. A random number storage means that is difficult to write; a first decryption means that obtains an encrypted soft key from the recording medium and decrypts it with the random number obtained from the random number storage means; Second decryption means for obtaining software and decrypting with the soft key obtained by decryption by the first decryption means; Software executing means for executing the software obtained by the program, a random number updating means for updating the random number stored in the random number storing means in association with the execution of the software, and A software execution control system, comprising: an encryption unit that encrypts the soft key with an updated random number and stores the encrypted soft key in the recording medium. 22. A software execution control system for executing software when the number of executions satisfies a predetermined condition, and preventing unauthorized use of the number of executions. A recording medium that can store the number of times and read and write information is
Information is communicatively connected to an execution unit that executes software, and the execution unit stores random numbers, and random number storage means that makes it difficult to read and write information from outside the self, and is encrypted from the recording medium. And a decoding unit for decoding the random number obtained from the random number storage unit and the number of executions obtained by the decoding of the decoding unit to check whether a predetermined condition is satisfied, When the condition of is satisfied, execution count checking means for instructing execution of software, software execution means for executing software in response to the instruction from the execution count checking means, and decoding for software execution And a random number for updating the random number stored in the random number storage means in cooperation with execution of software A software execution control system comprising: an updating unit; and an encrypting unit that encrypts updated execution count information with an updated random number and stores the encrypted execution number information in the recording medium. 23. A software execution control system for executing software obtained by decryption with a soft key and preventing unauthorized use of the execution count and soft key when the execution count satisfies a predetermined condition. A recording medium that stores encrypted software and encrypted soft key / execution count, and is capable of reading and writing information is connected to an execution unit that executes software in an information transferable manner. The executor stores a random number and stores a random number in which it is difficult to read and write information from outside, and an encrypted soft key / execution count is acquired from the recording medium to store the random number. First decryption means for decrypting the random number obtained from the means, and decryption of the first decryption means by obtaining encrypted software from the recording medium. Therefore, it is checked whether the second decryption means for decrypting with the obtained soft key and the number of execution times obtained by the decryption by the first decryption means satisfy a predetermined condition, and the predetermined condition is satisfied. In the case of performing, the execution count inspecting means for instructing execution of the software, and the second count in response to the instruction from the execution count inspecting means.
The software execution means for executing the software obtained by the decryption of the decryption means, the execution count updating means for updating the execution count obtained by the decryption as the software is executed, and the software execution means Random number updating means for updating the random number stored in the random number storage means, and encryption means for encrypting the soft key obtained by decryption and the updated number of executions with the updated random number and storing it in the recording medium. A software execution control system including. 24. A software execution control system for executing software obtained by decrypting with a soft key when the number of executions satisfies a predetermined condition, and preventing unauthorized use of the soft key and the number of executions. Where a plurality of encrypted software, encrypted soft keys / execution times and encrypted auxiliary keys are stored,
In addition, a recording medium capable of reading and writing information is connected to an execution unit that executes software so that information can be transmitted, and the execution unit stores random numbers, and it is difficult to read and write information from outside of itself. A random number storage unit, a first decryption unit that obtains an encrypted auxiliary key dedicated to the software from the recording medium, and decrypts with the random number obtained from the random number storage unit; and from the recording medium, A second decryption unit that obtains an encrypted soft key / execution count dedicated to the software, and decrypts it with the auxiliary key obtained by the decryption of the first decryption unit; Third decryption means for obtaining the software and decrypting it with the soft key obtained by the decryption by the second decryption means; and decryption by the second decryption means. The number of executions checks whether or not a predetermined condition is satisfied, and when the predetermined number of times is satisfied, an execution count inspection means for instructing execution of the software, and a response to the instruction from the execution count inspection means And the third
Software execution means for executing the software obtained by the decryption of the decryption means, and execution count updating means for updating the execution count obtained by the decryption of the second decryption means in association with the execution of the software; The soft key obtained by the decryption of the decryption means and the execution count updated by the execution count update means are encrypted by the auxiliary key obtained by the decryption of the first decryption means, and are recorded on the recording medium. A first encryption means for storing; a fourth decryption means for acquiring all the encrypted auxiliary keys from the recording medium at a predetermined timing and decrypting them with the random number acquired from the random number storage means; A random number updating means for updating the random number stored in the random number storing means in cooperation with the decryption by the fourth decrypting means, and an auxiliary key obtained by the decrypting by the fourth decrypting means,
A software execution control system comprising: a second encryption unit that encrypts the random number updated by the random number updating unit and stores the encrypted random number in the recording medium.