WO2003079164A2 - Vorrichtung zum schutz gegen unauthorisierte benutzung von software - Google Patents
Vorrichtung zum schutz gegen unauthorisierte benutzung von software Download PDFInfo
- Publication number
- WO2003079164A2 WO2003079164A2 PCT/EP2003/002602 EP0302602W WO03079164A2 WO 2003079164 A2 WO2003079164 A2 WO 2003079164A2 EP 0302602 W EP0302602 W EP 0302602W WO 03079164 A2 WO03079164 A2 WO 03079164A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- processor
- key
- program code
- software
- receives
- Prior art date
Links
- 238000000034 method Methods 0.000 claims abstract description 10
- 230000002085 persistent effect Effects 0.000 claims description 3
- 230000002950 deficient Effects 0.000 abstract 1
- 230000006399 behavior Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45504—Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
Definitions
- the invention relates to a device for protection against the unauthorized use of software.
- the disadvantage of this copy protection device is that the copy protection manufacturer cannot change the processor type on the connector component without having to make significant changes to the protected applications and the secret program codes.
- the application manufacturer is limited to the use of the connector component of a certain copy protection manufacturer.
- the use of plug components from other copy protection manufacturers is generally not possible without changing the application if these are different processor types use.
- Another disadvantage is that the copy protection manufacturer can only use processors that enable the program code to be read from a RAM. Since the programs should be interchangeable, reading from a ROM or EPROM is prohibited. It is generally not possible to use smart card controllers that meet high security standards, since they usually only execute permanently stored program code.
- the creation of a standard for license transactions becomes impossible if copy protection manufacturers use different processor types with different instruction sets.
- the present invention is based on the object of enabling the execution of secret, interchangeable program codes to be independent of the processor type to protect against unauthorized use of an application and to enable the use of controllers with program memory, in particular smart card controllers, for execution.
- the creation of a standard for license transactions is also to be supported.
- a first processor (2) emulates a possibly fictitious, second processor (3).
- the architecture and instruction set of the second processor (3) can be published.
- a copy protection manufacturer has to implement the instruction set on the processor type of his choice in an instruction interpreter.
- a protected application is independent of the implementation of this instruction interpreter and independent of the specific properties of the first processor (2).
- the copy protection devices from different manufacturers are compatible with one another.
- a protected application can work together with copy protection devices from different manufacturers. This consequence is particularly important if the copy protection device is to be integrated into mobile telephones.
- Another consequence is that a copy protection manufacturer changes the first processor (2) at any time. can be if, for example, this is no longer available without an application manufacturer having to change the application.
- a smart card controller is described in claim 2. According to this claim, it is also possible to use a processor of the computing system (7), e.g. to have the processor of a PC executing the application or a security controller mounted on the PC motherboard emulate the second processor (3).
- the secret program codes (4) are transmitted in encrypted form to the first (2) or second processor (3), decrypted and executed. This can be done in one step or in several sub-steps.
- the secret program codes (4) are preferably transmitted from the computer system (7) to the first (2) or second processor (3). In order to keep the memory requirement for the emulation low, it can make sense to carry out the transfer in several steps.
- the first processor (2) informs the computing system which program code (4) is to be transmitted next, which depends on the status of the second processor (3), generally on the newly calculated program counter. In this way, a virtual program memory is implemented.
- a virtual data memory of the second processor (3) can also be implemented in a similar manner.
- the encryption and decryption is carried out in two steps.
- the program code (4) is encrypted with a key (8) of symmetrical encryption.
- the key (8) is then encrypted with a public key (9) and transmitted together with the program code (4) to the first (2) or second processor (3).
- the program code (4) is then decrypted using the key (8). This procedure enables an application developer to select process or processor types for executing the program code (4).
- the second processor (3) could according to claim 5 data, e.g. Read and write license information in persistent storage. If the instruction set of the second processor (3) contains cryptological instructions as described in claim 6, second processors (3) can exchange encrypted data with one another or e.g. a second processor (3) emulate other data generators that perform crypto functions.
- a further possibility, in addition to a plug component that can be connected to a PC, to emulate a second processor (3) is the use of cordless, preferably handy devices, such as mobile telephones, pocket computers, etc. This is described in claims 8 and 9.
- This possibility makes it easier for the user the protected application the handling of the copy protection.
- the user only needs to have his mobile phone with him, for example, and can then use a protected but licensed application even when changing locations without any further manipulation.
- the user can access a software license on his mobile phone via an Internet connection or by dialing a specific telephone number. Transfer fon what is claimed in claims 10 and 11. In the latter case, the license value could, for example, be invoiced via the telephone bill.
- the security controller which is generally present to emulate the second processor (3).
- a plug component connected to a computing system (7) contains a first processor (2) with an instruction set which contains an instruction for decoding.
- the first processor (2) also contains working registers and a RAM and is protected against reading memory contents and manipulation from the outside.
- a program stored in a ROM of the first processor (2) emulates a second processor (3) which also contains working registers and RAM. This RAM and these working registers are stored in the RAM of the first processor (2).
- the instructions of the second processor (3) are implemented with the aid of an interpreter which is also stored in the ROM of the first processor (2) and which detects the instruction opcodes of the programs intended for the second processor (3) and triggers specific actions for each instruction which is recognized, such as changing the register contents of the second processor (3) or sending or receiving data to or from the computing system (7).
- An application (1) is started in the computing system.
- the application (1) sends an encrypted program code (4) to the first processor (2).
- the first processor (2) decrypts the program code (4) with the aid of its decryption instruction. Now the first processor (2) begins to interpret the decrypted program code, which is equivalent to emulating the second processor (3).
- the program code (4) contains instructions with which data sent by the computing system (7) are received.
- This data is processed using the interpreted program code (4) and results are sent to the computing system (7) which the active application (1) requires.
- the process executing the application (1) goes into an error state, for example the application (1) deviates from its intended behavior. This prevents sensible use of the application (1) and thus protects the application (1) against unauthorized use.
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Remote Sensing (AREA)
- Radar, Positioning & Navigation (AREA)
- Storage Device Security (AREA)
- Hardware Redundancy (AREA)
Abstract
Description
Claims
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/507,880 US7913310B2 (en) | 2002-03-18 | 2003-03-13 | Device for protecting against unauthorized use of software |
DE10391022T DE10391022D2 (de) | 2002-03-18 | 2003-03-13 | Vorrichtung zum Schutz gegen unautorisierte Benutzung von Software |
AU2003212347A AU2003212347A1 (en) | 2002-03-18 | 2003-03-13 | Device for protection against unauthorized use of software |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE20204651.6 | 2002-03-18 | ||
DE20204651U DE20204651U1 (de) | 2002-03-18 | 2002-03-18 | Vorrichtung zum Schutz gegen unauthorisierte Benutzung von Software |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2003079164A2 true WO2003079164A2 (de) | 2003-09-25 |
WO2003079164A3 WO2003079164A3 (de) | 2004-09-02 |
Family
ID=27740788
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2003/002602 WO2003079164A2 (de) | 2002-03-18 | 2003-03-13 | Vorrichtung zum schutz gegen unauthorisierte benutzung von software |
Country Status (4)
Country | Link |
---|---|
US (1) | US7913310B2 (de) |
AU (1) | AU2003212347A1 (de) |
DE (2) | DE20204651U1 (de) |
WO (1) | WO2003079164A2 (de) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7761921B2 (en) * | 2003-10-31 | 2010-07-20 | Caterpillar Inc | Method and system of enabling a software option on a remote machine |
US8484632B2 (en) * | 2005-12-22 | 2013-07-09 | Sandisk Technologies Inc. | System for program code execution with memory storage controller participation |
US8479186B2 (en) * | 2005-12-22 | 2013-07-02 | Sandisk Technologies Inc. | Method for program code execution with memory storage controller participation |
US9767324B2 (en) * | 2014-11-22 | 2017-09-19 | Intel Corporation | Transparent execution of secret content |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5447322A (en) | 1990-12-14 | 1995-09-05 | Solomon, S.A. | Ski for winter sports comprising a stiffener and a base |
WO1999043397A1 (en) | 1998-02-24 | 1999-09-02 | K-2 Corporation | Ski board with geometrically controlled torsion and flex |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5088033A (en) * | 1986-04-28 | 1992-02-11 | Xerox Corporation | Data processing system emulation in a window with a coprocessor and I/O emulation |
US5093776A (en) | 1989-06-15 | 1992-03-03 | Wang Laboratories, Inc. | Information processing system emulation apparatus and method |
US5787305A (en) | 1995-04-25 | 1998-07-28 | Pc-Tel, Inc. | Host signal processing modem using a software simulation of a UART |
US5761499A (en) * | 1995-12-21 | 1998-06-02 | Novell, Inc. | Method for managing globally distributed software components |
US5854891A (en) * | 1996-08-09 | 1998-12-29 | Tritheim Technologies, Inc. | Smart card reader having multiple data enabling storage compartments |
US6229894B1 (en) * | 1997-07-14 | 2001-05-08 | Entrust Technologies, Ltd. | Method and apparatus for access to user-specific encryption information |
US6188995B1 (en) * | 1997-07-28 | 2001-02-13 | Apple Computer, Inc. | Method and apparatus for enforcing software licenses |
US6198941B1 (en) * | 1998-08-07 | 2001-03-06 | Lucent Technologies Inc. | Method of operating a portable communication device |
JP2002530772A (ja) * | 1998-11-24 | 2002-09-17 | テレフオンアクチーボラゲット エル エム エリクソン(パブル) | 移動電話による自動pcログオン |
US6564178B1 (en) * | 1999-04-13 | 2003-05-13 | Hewlett-Packard Company | Method and apparatus for evaluating processors for architectural compliance |
JP2001273135A (ja) | 2000-03-28 | 2001-10-05 | Nec Corp | 携帯電話を用いた個人認証方法と装置 |
US7921290B2 (en) * | 2001-04-18 | 2011-04-05 | Ipass Inc. | Method and system for securely authenticating network access credentials for users |
US20030115038A1 (en) * | 2001-12-18 | 2003-06-19 | Roy Want | Method and device for emulating electronic apparatus |
CA2417581C (en) * | 2002-01-28 | 2008-04-01 | Research In Motion Limited | Multiple-processor wireless mobile communication device |
-
2002
- 2002-03-18 DE DE20204651U patent/DE20204651U1/de not_active Expired - Lifetime
-
2003
- 2003-03-13 WO PCT/EP2003/002602 patent/WO2003079164A2/de not_active Application Discontinuation
- 2003-03-13 DE DE10391022T patent/DE10391022D2/de not_active Ceased
- 2003-03-13 US US10/507,880 patent/US7913310B2/en not_active Expired - Fee Related
- 2003-03-13 AU AU2003212347A patent/AU2003212347A1/en not_active Abandoned
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5447322A (en) | 1990-12-14 | 1995-09-05 | Solomon, S.A. | Ski for winter sports comprising a stiffener and a base |
WO1999043397A1 (en) | 1998-02-24 | 1999-09-02 | K-2 Corporation | Ski board with geometrically controlled torsion and flex |
Also Published As
Publication number | Publication date |
---|---|
DE10391022D2 (de) | 2005-02-17 |
DE20204651U1 (de) | 2003-08-07 |
AU2003212347A1 (en) | 2003-09-29 |
US7913310B2 (en) | 2011-03-22 |
US20050229259A1 (en) | 2005-10-13 |
WO2003079164A3 (de) | 2004-09-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2742643B1 (de) | Vorrichtung und verfahren zum entschlüsseln von daten | |
DE10319435B4 (de) | Verfahren zur Verarbeitung von Daten zum Schutz eines Softwareprogramms vor Rekonstruktion | |
DE102009041176B4 (de) | Compiler-System und Verfahren zum Kompilieren eines Quellencodes zu einem verschlüsselten Maschinensprachcode | |
DE602004005025T2 (de) | Instruktionen zur verarbeitung einer verschlusselten nachricht | |
DE60308990T2 (de) | Schutz eines gerätes gegen unerwünschte verwendung in einem sicheren umfeld | |
EP0520228A2 (de) | Datenverarbeitungsanlage mit Zugriffsschutz | |
EP1184771A1 (de) | Verfahren zum Schutz von Computer-Software und/oder computerlesbaren Daten sowie Schutzgerät | |
DE102005031629A1 (de) | System mit mehreren elektronischen Geräten und einem Sicherheitsmodul | |
DE3321910A1 (de) | Vorrichtung und verfahren zum schuetzen von software | |
EP2510475B1 (de) | Hardware-einrichtung | |
EP1980080B2 (de) | Verfahren und vorrichtung zur vereinbarung eines gemeinsamen schlüssels zwischen einem ersten kommunikationsgerät und einem zweiten kommunikationsgerät | |
DE102015201298A1 (de) | Verfahren zum kryptographischen Bearbeiten von Daten | |
DE102019110440A1 (de) | Replay-Schutz für Speicher auf der Basis eines Schlüsselauffrischens | |
DE112012007169T5 (de) | In einem Kabel eingebettete aktive Komponente | |
WO2003079164A2 (de) | Vorrichtung zum schutz gegen unauthorisierte benutzung von software | |
DE602004011965T2 (de) | Verfahren und schaltung zum identifizieren und/oder verifizieren von hardware und/oder software eines geräts und eines mit dem gerät arbeitenden datenträgers | |
EP2535834B1 (de) | Verfahren zur Durchführung eines Schreibzugriffs, Computerprogrammprodukt, Computersystem und Chipkarte | |
WO2006072568A1 (de) | Tragbarer datenträger mit wasserzeichen-funktionalität | |
EP3497606B1 (de) | Individuelles verschlüsseln von steuerbefehlen | |
DE102014208848A1 (de) | Verfahren zum Überwachen eines elektronischen Sicherheitsmoduls | |
EP3422234B1 (de) | Container-image, computerprogrammprodukt und verfahren | |
WO2007113163A1 (de) | Verbessertes digitales rechtemanagement für gruppen von geräten | |
EP1904980A1 (de) | Verfahren zum betreiben eines tragbaren datenträgers | |
DE102017011099A1 (de) | Sichere Speicheranordnung | |
DE102008051578A1 (de) | Datenkommunikation mit portablem Endgerät |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 10507880 Country of ref document: US |
|
REF | Corresponds to |
Ref document number: 10391022 Country of ref document: DE Date of ref document: 20050217 Kind code of ref document: P |
|
WWE | Wipo information: entry into national phase |
Ref document number: 10391022 Country of ref document: DE |
|
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: JP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: JP |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8607 |