Electrical computers and digital processing systems: support – Data processing protection using cryptography – Computer instruction/address encryption
Reexamination Certificate
1999-08-18
2003-07-22
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
Computer instruction/address encryption
C713S189000, C713S152000, C713S152000
Reexamination Certificate
active
06598166
ABSTRACT:
FIELD OF THE INVENTION
This invention relates to microprocessor systems for processing encrypted computer program instructions, wherein execution of the encrypted program is performed by digital logic hardware. More specifically, the invention relates to logic configuration changes in microprocessor systems for the purpose of processing encrypted software programs without prior decryption.
BACKGROUND OF THE INVENTION
Software, being processed by a microprocessor or other computer system, can be analyzed to determine its otherwise hidden functionality. In addition to observing the output performance of the software, it is often desirable to analyze internal functions of the software. This is particularly so if the analysis extends to detection of such things as internal processor logic states. If some of the observed internal functions are designed to prevent use of unauthorized copies of the software, these safeguards can be overcome by the unauthorized observers.
To protect computer software, there is often a need to restrict its use. This may be accomplished by end user agreements, wherein the user agrees to only use the software on one or more agreed upon computers. In other cases, the software can be freely copied, so that piracy restrictions are accomplished either by end user agreement or by simple techniques such as the requirement to use a product serial number to enable use of the software. While this may discourage software piracy and copying, it does not completely prevent a determined software pirate from reproducing the program along with one or more enabling serial numbers or keys.
It is often desired to provide software and updates of software to end users in such a manner that the software is transferred through public channels, such as the Internet. To provide such software in restricted form, it is desired to provide security to the distributor of the software so that the software is not subject to unauthorized use. In particular, if software is shipped via public or private channels, it is desired that the end user of the software can only use the software on the end user's specified computer, and that the software not be willingly or unwillingly shared by the end user. By computer, it is intended that this includes personal computers, smart cards, work stations, dedicated CPUs embedded in hardware appliances, and any other device in which integrated circuit (IC) microprocessors may be used.
In some programs, the cost of the programs to the end user is such that it becomes economical for third parties to determine what is necessary to circumvent restrictions on use by unauthorized persons. Therefore, it is desired to make the unauthorized duplication or use of a program uneconomical. In order to do that, it is desired to provide an encryption scheme which prevents unauthorized persons from “attacking” the encryption of the software through analysis of the input and output of user commands and instruction sets from the software. It is further desired to provide a software encryption technique in which there are no external indicia of a decryption technique which can be used to analyze the encryption of the software. It is further desired that software be encrypted in such a manner that it is unnecessary to decrypt the software in order to accomplish execution of the software.
SUMMARY OF THE INVENTION
According to the present invention, a microprocessor including reconfigurable logic circuitry processes encrypted or scrambled computer programs without first decrypting or descrambling the code to be executed. The microprocessor includes an instruction decoder which is programmable to execute encrypted instruction op codes derived from the programs under direction of a control circuit which manages program execution. The reconfigurable logic circuitry on the microprocessor is configured to immediately process, without decryption, the instruction op codes received without intervening steps, and a control circuit changes representations of the instruction op codes according to the present invention. In particular, the control circuit is able to change the op code representations during program execution so that an undesired external analysis of the execution of the program becomes more difficult. During execution, the control circuit modifies the op codes being executed and corresponding reconfigurable logic in coordination, to ensure that the reconfigurable logic operably executes the correspondingly modified op codes.
More particularly according to the invention, a microprocessor includes a capability of changing logic representations of the op codes being processed during the execution of a program. A programmable instruction decoder receives encrypted instruction op codes and sends the op codes to logic circuitry in order to execute the instructions. A control circuit provides the capability of changing logic representations of the op codes during the program execution. This has the effect of securing the program from decryption analysis.
According to the present invention, a microprocessor CPU is provided with an ability to modify its operation in accordance with an encryption key. When a program is compiled, the program is modified in order that execution may be performed with the CPU with its operation modified to accommodate the encrypted states of the program to be processed. Logic architecture elements established in the microprocessor are then able to shift the basic op code execution function, and the logic circuitry permits modifying operation of the microprocessor in accordance with logic instruction op codes stored in predetermined memory stores. This logic circuitry is configurable in accordance with the received logic instructions during the execution of a program, and so it is unnecessary to decrypt the program into standard op codes prior to execution.
In one embodiment, a microprocessor uses a programmable instruction decoder to decode encrypted instruction op codes. The decoding is accomplished without decrypting the op codes and the logic gates of the logic circuitry immediately process data upon receipt without prior decryption. The data representation of the op codes is changeable during the execution.
According to one aspect of the invention, a selected microprocessor is able to process computer programs which are operable on the selected processors. An instruction decoder is programmable so that it executes instruction op codes encrypted for the processor and is able to perform such execution without decryption. Logic gates on the microprocessor are configured to immediately process received data, and the data representation is able to change during the execution of a program. This varies encodings of input data operands and output data results. Configurable logic gates process the data and provide results from instruction execution. The representation of the data is able to change during the execution of a program, and this ability is used to vary the representations of input data and output data results.
A custom instruction set is provided for each CPU chip or groups of CPU chips. That custom instruction set is used by the software manufacturer to provide a unique version of a mass produced program to a customer for program operation with a microprocessor chip. The CPU is therefore programmed for that custom instruction set. The length of each instruction, and the other features of this invention are configurable to have according to the present invention cryptographically significant level of security when viewed from the IC pins. Pirates who examine signals inside the IC will accordingly be deterred from success by the inventive features described herein.
A secure key is used in configuring both the encrypted software with a compiler and the microprocessor system executing the encrypted software so that the instructions provided by the compiler are only executable by an IC which use the same key. This key is stored on the IC in non-volatile memory, and it controls the instruction decoder, the reconfigurable logic, the signal ro
Martine & Penilla LLP
Peeso Thomas R.
LandOfFree
Microprocessor in which logic changes during execution does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Microprocessor in which logic changes during execution, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Microprocessor in which logic changes during execution will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3087720