Data processing: financial – business practice – management – or co – Business processing using cryptography – Usage protection of distributed data files
Reexamination Certificate
1999-10-25
2003-05-20
Trammell, James P. (Department: 3621)
Data processing: financial, business practice, management, or co
Business processing using cryptography
Usage protection of distributed data files
C380S279000, C380S001000, C380S001000, C380S029000, C380S029000, C380S030000, C380S044000, C707S793000
Reexamination Certificate
active
06567793
ABSTRACT:
BACKGROUND OF THE INVENTION
This present invention provides a method and system for remotely authorizing, the unlocking of electronic data, and more particularly, for authorizing the unlocking of data using cryptographic authentication.
DESCRIPTION OF THE RELEVANT ART
The distribution of software from vendors to authorized users is susceptible to abuse in that the authorized users may share the software with unauthorized users. Attempts have been made to restrict software use through encryption. When a user purchases the software, the vendor provides a decryption key. If the decryption key is the same for all users, this approach will not protect the software in that one user can share the key with many others with no accountability. Therefore other systems generate a unique key for each user. One such system, described by U.S. Pat. No. 5,586,186 to Yuval et al., restores the distributable (encrypted) software to its original form (decrypted) upon installation. The user's decryption key is unique to that particular user. However, this system does not protect the software once it is installed.
SUMMARY OF THE INVENTION
A general object of the invention is software that executes a user key verifier at run-time to determine run-state as a means of protecting the software from unauthorized use.
Another object of the invention is a user key verifier that uses a public key signature verification algorithm to determine the validity of a user key.
An additional object of the invention is the use of digital signatures to generate user keys in a system for controlling unauthorized use of software distributed to users.
A further object of the invention is a system using the presence of a valid digital signature on licensing information to determine a program's mode of execution.
The present invention, as broadly described herein, provides a method and system for controlling unauthorized use of software distributed to users. The main components of the system of the present invention include a product key generator, a user key generator, and a user key verifier.
The product key generator is responsible for generating a signing key or keys, and a verification key or keys. The user key generator generates a unique user key(s) using a numeric representation(s) of identifying information relating to a user or a group of users; such identifying information optionally may include licensing information containing terms of permitted use and the signing key(s). The user key verifier determines whether the user key matches the identifying information as a means for controlling the use mode of the software. This use of digital signatures to generate user keys is both novel and non-obvious over the prior art.
The present invention also includes a method for controlling unauthorized use of software distributed by a software vendor. The method begins by generating a verification key with a product key generator. The verification key includes a private signing key and a public verification key. The software and the verification key are combined to create distributable software which is distributed to a user. The user installs the software on a user computer system as protected software. To obtain a user key, the user inputs identifying information which is sent to a user key generator. The identifying information may include licensing information as well as information on the user, the user's computer system, etc. The user key generator converts the identifying information to a numeric representation and then generates, by signing the numeric representation with the private signing key, a user key. The user key is conveyed to the user computer system. Using the verification key, a user key verifier verifies a relationship between the user key and the user identifying information to determine an access level to the protected software.
Additional objects and advantages of the invention are set forth in part in the description which follows, and in part are obvious from the description, or may be learned by practice of the invention. The objects and advantages of the invention also may be realized and attained by means of the instrumentalities and combinations particularly pointed out in the appended claims.
REFERENCES:
patent: 5235642 (1993-08-01), Wobber et al.
patent: 5337357 (1994-08-01), Chou et al.
patent: 5481720 (1996-01-01), Loucks et al.
patent: 5490216 (1996-02-01), Richardson, III
patent: 5586186 (1996-12-01), Yuval et al.
patent: 5649185 (1997-07-01), Antognini et al.
patent: 5750761 (1998-05-01), Wisley
patent: 5982892 (1999-11-01), Hicks et al.
patent: 6343280 (2002-01-01), Clark
patent: 0 686 906 (1995-05-01), None
Moreh, Johan. “Digital certificates and certificate Authorities.” Sep. 1997. Database Web Advisor, v15, n9, p. 74 (4).
Lyons et al. “Who Holds the Keys? Debating Data Encryption Standards.” Jul. 1992. Communications of the ACM; v35 n7 pp 32-54.
Creath Peter Janssen
Hicks Christian Bielefeldt
David Newman Chrtd.
Reagan James A.
Trammell James P.
LandOfFree
Remote authorization for unlocking electronic data system... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Remote authorization for unlocking electronic data system..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Remote authorization for unlocking electronic data system... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3012454