Electrical computers and digital processing systems: support – Data processing protection using cryptography – Computer instruction/address encryption
Reexamination Certificate
1998-12-30
2002-10-08
Smithers, Matthew (Department: 2131)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
Computer instruction/address encryption
Reexamination Certificate
active
06463538
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates generally to the field of computer software protection against unauthorized use, and more particularly to an improved method for protection of vendor's computer software uniquely and unpredictably, to deter unauthorized use.
2. Related Art
The field of computer software protection is developing rapidly and there is presently a variety of means for protecting computer software from unauthorized use, including hardware and software protection. The need for protecting computer software arises for several reasons. Some individuals and institutions may attempt to use computer software without proper licensing. Others may try to gain unauthorized access to computers.
Some protection methods used by computer security vendors require insertion, within the protected software, of specific software security modules, commonly referred to as callable security checks. The software security modules, in the course of protected software execution, verify whether the protected software is properly licensed. The methods employed in order to enable execution of protected software applications without proper licensing include disabling or removal of protection code, such as license verification modules, from the protected computer software. The adversaries who specialize in disabling or removal of the protection code are often referred to as “crackers”, and successful disabling or removal of the protection code, such as a license verification module, is referred to as a “hack”.
Another protection method includes performing an automatic security or code protection check, by wrapping the original software application in a protective layer code, commonly referred to as shelling technology, and executing the protective layer code before executing the original application code. Therefore, the protective layer code verifies for proper licensing of the computer software and performs code protection. The shelling technology often has additional routines for encrypting the original application code for code protection. However, the shelling protective layer code is the same for all users of the particular original software application, and it is not hard to hack by cutting off the protective layer code or only the first few instructions of the start up code.
In order to be able to disable or remove the protection code, such as the license verification module, the crackers first have to understand the protection code operation and then to employ the necessary means and techniques to hack the code. To understand the protection code, such as license verification module, it is usually necessary to debug and then disassemble or decompile the protected computer software or its particular part.
Mutating code is used in some computer viruses. Usually, the mutating code is limited to a small initial portion of the virus code, which self-decrypts the embedded, fixed virus code. Then, an anti-virus software application tries to execute the small initial portion of the mutating code, and, if successful, the fixed virus code is exposed and compared with a list of known virus codes. The software application of Software Security, Inc., named UniKey ToolBox library (versions prior to version
4
), utilizes a small startup section generated uniquely for each of its customers. The startup code is used to decrypt the remaining, fixed library code. The purpose of the startup code is similar to the mutating virus code, to make it harder to identify the code using a simple comparison.
When security vendors make their software protection software applications commercially available, they distribute copies of the same software protection software application, which realizes a particular method of software protection, such as a decryption key, to many or all their customers. The pitfall of this approach is that a cracker has to analyze and understand the security software application only once, and then the disabling or removal of the license verification module can be performed on all application software modules protected by this particular vendor's security software application.
This hacking approach is commonly referred to as a “generic hack”. It disables the security vendor's software protection software application by distribution of the hack procedure or the now-unprotected version of the software to many individuals. In the past, the effect of such a generic hack only had limited impact, within a particular local market where the cracker operating and a local market where the software was distributed. However, in the age of global networks, such as Internet, a generic hack technique, or a decryption code, can easily and effectively be distributed worldwide by means of e-mail, hacker discussion forums or Web sites, resulting in a severe impact on security vendors, their software protection software applications and customers.
Another hack technique includes protecting a whole package of application software with the same tool routine. For example, the tool routine may XOR a parameter value with the code. The parameter value may be different for each program, but the technique is the same and the code execution pattern is the same. Therefore, when a cracker breaks one application, it is easy to hack the others.
Yet another approach is to use a library (fixed set) of protection tool routines. When a protection software runs, it picks randomly a library tool routine from the fixed set of tool routines and applies it. However, a hacker can get the library of protection tool routines easily, e.g., from a demo version of the tool routines or as a valid purchaser of the tool routine library.
Still another approach is to randomize the parameter values used in the particular protection tool, to be added to the protective software algorithm. However, the tool algorithm remains the same every time the software runs, and if hacked, the technique can be easily distributed.
Accordingly, there is a need in the art for a security software application, using a method for protection of vendors' computer software uniquely and unpredictably, to deter unauthorized use.
SUMMARY OF THE DISCLOSURE
Therefore, preferred embodiments of the present invention provide an advantage of improving the security features of protection computer software in such a way that prevents hacks, more particularly generic hacks. According to preferred embodiments of the present invention, this advantage is achieved by thoroughly randomizing the protection code.
Some embodiments of the present invention include a computer-based software protection system using a method for run-time randomization and creation of a new algorithm and code each time an original software application is protected. A random source code generator is used for generating a plurality of randomized shelling include source files and a plurality of randomized run-time include files. A compiler and a linker are used for compiling and linking a shelling source code containing the randomized shelling include source files to create a shelling program binary code, and for compiling and linking a runtime source code including the randomized run-time include files to create a run-time binary code, whereby the created shelling program is useable to read the generated run-time binary code and the original software application, for creating a deliverable randomly protected software application executable code.
Other embodiments include a computer-based software protection system using a method for run-time randomization. The system has a shelling program, having a random binary code generator, for generating a random run-time shelling code and a random binary run-time code, whereby the created random run-time shelling code is useable to read the generated random run-time binary code and an original software application, for creating a randomly protected software application.
Other embodiments include a computer-based software protection system, useable by a language interpreter software, using a method for
Rainbow Technologies, Inc.
Smithers Matthew
LandOfFree
Method of software protection using a random code generator does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method of software protection using a random code generator, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method of software protection using a random code generator will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2984224