Cryptography – Communication system using cryptography
Reexamination Certificate
1998-04-29
2001-06-05
Millin, V. (Department: 2165)
Cryptography
Communication system using cryptography
C380S258000, C380S044000, C380S266000
Reexamination Certificate
active
06243468
ABSTRACT:
TECHNICAL FIELD
This invention relates to systems and methods for preventing piracy or illicit use of software. More particularly, this invention relates to such systems and methods that allow hardware components of the underlying computer to be upgraded and the software to be legitimately installed on the upgraded machine without triggering the anti-piracy protection.
BACKGROUND
Computer software is a unique consumer product in that the same product can be replicated many times after being sold. Once a software product is sold, typically as software code on a computer-readable disk, the purchaser can easily copy the code to other computer-readable media thereby replicating the same product many times over.
This characteristic of software can be a tremendous benefit in terms of lowering manufacturing costs and facilitating distribution. For instance, easy replication allows a software manufacturer to distribute one physical copy of the software product and sell a multi-seat license that legally empowers the purchaser to install the software product on many different computers.
Unfortunately, this benefit comes at a cost of open abuse. One well-known abuse is piracy. An unscrupulous party can obtain a copy of the object code (legally or illegally) and then illicitly replicate and resell pirated copies of the product. Software companies attempt to monitor piracy activities, but detection is often difficult. Moreover, even when improper activity is detected, enforcement and legal recourse is often unavailable from a practical standpoint, particularly since much of the abuse occurs in foreign lands.
A less subtle abuse is the improper use of the software product beyond the scope of the license. One common scenario involves a shrink-wrap software product available at local retail stores. The product is typically accompanied by a shrink-wrap license to install and use the product on one computer, and perhaps additionally on a laptop. Unfortunately, the purchaser may intentionally or unintentionally install the product on more than the allowed computers, thereby violating the license. For the software manufacturer, this form of abuse is very difficult to monitor and even more difficult to prosecute.
The computer software industry estimates that billions of dollars are lost each year due to piracy and other illicit uses. While licenses provide a legal avenue for recourse against such practices, the practicality of detecting and enforcing often prove too onerous for the manufacturer. Accordingly, software companies have a real incentive to reduce the amount of abuses through other means.
One conventional technique for preventing unlimited copying of a software product is to design the code with a self-regulating mechanism that prevents repeated installations. This mechanism counts the number of installations and disables the software code after the product has been installed a certain number of times. The underlying premise is that multiple installations tend to indicate that the user is attempting to install the product on multiple different computers, rather than just one computer allowed by the license.
FIG. 1
illustrates this concept. A manufacturer creates a software product and places the code on a disk
20
, such as a CD-ROM or floppy diskette. The disk
20
is packaged to form a shrink-wrap retail product
22
. The manufacturer generates and assigns a serialized key that uniquely identifies that product. For instance, the key might consist of a manufacturer ID, a serialized incrementing number, a registered product code, and a checksum value. The key is printed on a label
24
and affixed somewhere on the product, such as the CD-ROM case.
During installation, the purchaser of the software product is prompted to enter the key. This step alone is designed to prevent another party from obtaining the disk
20
only, without knowledge of the key, and installing the product illegally. Without the key, the holder of the physical disk is prevented from installing the product.
The product tracks the number of installations. Once the purchaser enters the same key more times than a defined limit, the product is disabled. The purchaser is then forced to call the manufacturer for assistance.
While such mechanisms help reduce illicit copying, they often cause other problems in the form of consumer inconvenience. For instance, the premise that more installations than a requisite number means illegal use may be wrong in some cases. A user who has upgraded his/her computer, for example, should be able to legitimately reinstall the software product on the upgraded machine. However, if the requisite number of installations has already been reached, the product will not install, forcing the user (who is now disgruntled) to call the manufacturer for assistance.
Accordingly, there remains a need for improved technology solutions to piracy and illicit use, but which also recognizes and accommodates the needs and practices of a legitimate purchaser.
SUMMARY
This invention concerns an anti-piracy system and method that reduces the opportunity for piracy and illicit use of software products by requiring each software product to be registered for a single computer that consists of a specific hardware composition. If a user attempts to install the software product on another computer, the software product will recognize a different hardware composition and disable itself
According to one aspect of the invention, the system includes a software product that is loaded onto a specific computer having a set of hardware components (e.g., RAM, hard disk drive, floppy disk drive, BIOS, network card, video card, etc.). The software product has an associated product ID consisting of, for example, a manufacturer ID, a registered product code, a serialized number, and a checksum value.
During installation, the software product generates a hardware ID that identifies the set of hardware components. As an example, the software product generates a five-digit hardware ID that includes a bit representing each of five system components: BIOS, a video BIOS in the video card, RAM, a hard disk drive, and a floppy disk drive. The bit for a given system component can be derived in different ways, such as performing a modulo operation on all or part of the BIOS, or on the hard disk drive's serial number.
The software product concatenates the product ID and hardware ID and sends it to a registration authority, such as the product manufacturer or an authorized third party. The registration authority has a registration unit that computes a registration ID from the product ID and the hardware ID. One preferred approach is to hash the concatenation of the product ID and hardware ID to produce the registration ID. The registration authority stores the registration ID, product ID, and hardware ID in a database. The registration authority sends the registration ID back to the software product, where the registration ID is stored locally on the computer.
Each time the software product is subsequently launched, the software product again obtains the product ID and generates the hardware ID for the computer. The software product then computes its own test ID from the product ID and hardware ID using the same algorithm (e.g., hashing algorithm) employed by the registration unit at the registration authority. The software product compares the test ID to the registration ID. If the two match, the software product is enabled to operate on the computer; otherwise, if no match occurs, the software product is locked and prevented from operating on the computer.
In the typical case, the test and registration IDs will not match if the hardware ID is changed. This indicates that the underlying hardware has been altered, either through upgrade or because the user is attempting to install the product on another computer. At the minimum, the self-locking mechanism prevents the user from installing the software product on multiple different computers. However, the system is also sensitive to the situation in which the user simply upgrades one or
Hughes Aidan
Pearce David B.
Lee & Hayes PLLC
Microsoft Corporation
Millin V.
Nguyen Cuong H.
LandOfFree
Software anti-piracy system that adapts to hardware upgrades does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Software anti-piracy system that adapts to hardware upgrades, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Software anti-piracy system that adapts to hardware upgrades will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2456656