DE3321910A1 - DEVICE AND METHOD FOR PROTECTING SOFTWARE - Google Patents

Description

description

The invention relates to an apparatus and a method for preventing an unauthorized person Reproduction of or unauthorized access to computer software. The invention is in the first place Line aimed at the protection of programs for industrial and business use.

The increasing use of microprocessors in plants for industry and trade has not only been Effects on the design of hardware, but also on the distribution and storage of Software packages. The problem of protecting software against "piracy" is particularly important in view of the increasing proportion of relatively small systems with, for example, two or three Monitors and the associated possibility of unauthorized reproduction. While for a software manufacturer advantages in compatibility of systems are important, "piracy" either aggressively or brutally restricts it more passive associations seriously generate the revenue that the manufacturer hopes to generate.

In an effort to limit acts of reproduction, So far, the problem of software protection has been approached using two basic methods. The first method relies on copying the data from disks in the execution

1 / - 11 -

difficult to do, but this has the disadvantage for the user that he is not able to To make reserve copies of his program. The second method relies on a number of Make changes to the computer hardware so that the software will only run properly when the appropriate response is received from the hardware. In the simplest case, this can be a register be read by the unique code confirmation system; in more complicated ones Cases, these hardware changes may include a set of instructions that are currently in effect Define in the copy process. While both methods discourage the bona fide business user would be able to prevent more targeted efforts from being succeeded.

The object of the invention is to provide a device and a method for extensive prevention the unauthorized reproduction of stored computer programs, without to prevent an authorized user from making reserve copies for his own purposes.

A first solution to this problem is to provide a computer data processing device which a memory and a central processing unit for executing one stored in the memory Program in such a way that the central processing unit is to be trained with a decryption device is connected

1/2 - 12 -

and that the decryption device and the central processing unit or a part thereof contain a module secured against unauthorized access.

In one embodiment of this solution, which is applicable to "LQ" microcomputers, the against unauthorized access secured module «ine integrated or encapsulated unit which shares a microprocessor and a decryption circuit contains, the latter being specially designed for decrypting data signals which are based on are encrypted in a special way. The module secured against unauthorized access is with the memory connected in the same way as a microprocessor is connected to memory in a standard microcomputer is and can be designed so that it can be used as a direct plug-in unit in exchange for the microprocessor IC of the standard microcomputer can be used if the microcomputer is to run encrypted programs should be used.

By the central processing unit and the decryption circuit be brought together in a module secured against unauthorized access and the user with an encrypted program is provided, the program can be executed in the computer without the decrypted Program occurs in the memory or on accessible electrical conductors. It can therefore constructively allow the decrypted program only within the against unauthorized access

2/3 - 13 -

secured module is present where it is not accessible for copying purposes.

In a second solution to the problem according to the invention includes apparatus for preventing unauthorized copying by or by unauthorized persons

^ q Access to coitiputer programs against unauthorized persons Access secured module which is exchanged for a central processing unit in a computer and a processor unit, a decryption circuit, a data bus and an address bus for connection to an external storage unit in the computer.

In a third solution to the problem according to the invention has a method for preventing unauthorized copying or unauthorized access on computer programs in a computer designed to run such programs Process steps on: In a memory of the computer a program is in encrypted form . and the program is saved by entering individual commands (command by command) into a Executed module secured against unauthorized access, the module being a central processing unit and a decryption circuit.

In a preferred embodiment of the invention contains the secured against unauthorized access .Modul a microprocessor chip and a RAM memory map {the abbreviation RAM means random access memory while the expression "map"

3/4 - 14 -

a representation or mapping of the storage space

- called distribution). The protected software ο

is delivered to the user in encrypted form using the DES algorithm, with that of the software Preceding key for the DES algorithm in turn in encrypted form under Verdung of the RSA public key system. The public key is for the special, The module contained in the user's computer and secured against unauthorized access is clearly defined. (An explanation of encryption and decryption using the DES algorithm b

can be found in Federal Information Processing Standards (FIPS) Publication No. 46 from January 1977 with the designation "Data Encryption Standard" = data encryption standard.

The RSA public key system is in the essay "A method for Obtaining Digital Signatures and Public Key Cryptosystems" by Rivest, Shamir and Adleman, published in Communications of the Association for Computing Machinery, February 1978

nc- described. ) During operation, the DES key

loaded into the module secured against unauthorized access and decrypted. The decrypted Key is then used in the DES algorithm to map a local memory in RAM

OQ to generate at least part of a Memory outside the module. If an encrypted program is assigned to the module of is fed to an external memory, each opcode is stored with the associated code in the

qc Storage map according to an exclusive-or operation

4 / - 15 -

- 15 -

logically linked in order to decrypt the operation code before it is entered into the microprocessor chip. The module secured against unauthorized access can be designed in such a way that it receives an incoming encrypted Program recognizes and makes the above-mentioned decryption operation effective or , j-. alternatively, bypasses the exclusive-or operation if the incoming program is not recognized as encrypted.

The invention will be carried out below on the basis of examples explained in more detail. It shows:

Fig. 1 is a simplified block diagram of a

Device according to a solution to the object of the invention;

Fig. 2 is a block diagram of an against unauthorized

Secure module access;

3 shows an electrical circuit diagram of part of the secured against unauthorized access

Module, namely a microprocessor, memory devices, a combination circuit and signal switching devices;

Fig. 4 is an electrical circuit diagram of a memory selection circuit within the module secured against unauthorized access, and

Fig. 5 is an electrical circuit diagram of a decryption selection logic circuit.

4/5 - 16 -

In Fig. 1, a system according to the invention is simplified Shown form, which is a secured against unauthorized access module (unit) 1 with a central processing unit 2 (hereinafter also abbreviated to CPU) (in the example under consideration, a microprocessor ) and a decryption device 3. The module 1, which is secured against unauthorized access replaces the central processing unit of a conventional computer and is in the same way as a conventional central processing unit connected to a system memory 4, which program operation codes and transmit data to and from the central processing unit.

In the example under consideration, programs and data are permanently stored by means of a disk storage device 5 provided. When the system is in operation, an encrypted program and data are stored on the disk memory 5 loaded into the memory 4 and then by individual command (command by command) of the decryption circuit 3 and the CPU 2 supplied. Only the operation codes are preferably encrypted, since This made the program relatively secure against a cryptanalysis (encryption analysis) can be.

The module 1 secured against unauthorized access is shown in more detail in FIG. Module 1 is over a data bus 10 and an address bus 12 connected to the system memory. The on the data bus 10 from The signals transmitted to the system memory to the module 1 either pass through a switching device 14

5/6 - 17 -

- 17 -

an exclusive-or (XOR) -combination stage 16 or through a bypass line 18 to the microprocessor CPU,
This signal path selection by the switching device 14 takes place as a function of signals from a selection logic circuit 20. The XOR stage is also connected to an internal RAM memory 22.

2Q den, the purpose of which will be explained below. The signals fed to the XOR stage 16 are thus on the data bus 10 in an exclusive-OR operation combined with signals from internal RAM memory 22; the resulting signals arrive

^ g then via an internal data bus 24 to the CPU. The Data inputs of the CPU can also be supplied with signals from a third source via the switching device 14 be, it is in this source is an internal PROM memory 26, which is a program

or which contains programs for controlling decryption operations (PROM is the abbreviation for
a programmable read-only memory). The PROM memory 26, the internal RAM memory 22 and the external memory 4 are connected to the CPU 2 via the common address bus 12. The function of these components results from the following description of the decryption process.

The preferred decryption method that is applied to the programs supplied to the user by the software manufacturer is that in the data encryption standard mentioned at the beginning, abbreviated DES
(Data Encryption Standard). This procedure uses the same algorithm
(the so-called DES algorithm) both for

6/7 - 18 -

- 18 -

encrypt as well as used to decrypt the message. Although the algorithm is well known, successful decryption (decryption) depends on knowledge of a key (the DES key) that was used in the algorithm to encrypt the message. In the case of the _n system under consideration, the program operation codes are encrypted by the software manufacturer or handler using the DES algorithm and a special DES key. In order to transfer the DES key to the user in a secure manner, it is placed in front of the program in encrypted form using a second encryption process. This second encryption process is carried out according to the RSA method, which was also mentioned in the introduction to the description.

With the RSA method, the message (in the present case the DES key) is sent by means of a mathematical Operation encrypted using a public encryption key, which

2g is assigned to the recipient, i.e. the DES key is encrypted using the user's public key. The decryption is just feasible with the help of a private decryption key, which is not different from the public

QQ key can be derived. The private key is stored in the module secured against unauthorized access, specifically in a second internal RAM memory 32 which is supplied by a small battery.

7/8 - 19 -

- 19 -

When an encrypted program is entered in the module (Fig. 2) secured against unauthorized access is, the DES key is first decrypted by the CPU 2, which according to one in the PROM memory 26 stored RSA decryption program is working. The further execution of the encrypted, Q-encrypted (main) program is then delayed, in the meantime the DES key is used in the DES algorithm to create a local memory map in the RAM memory 22 under the control of another stored in the PROM memory 26 Prong grams. After completing this operation the DES-encrypted program continues, with each operation code being an exclusive-or operation is subjected, in which it is combined with a mapped code from a memory location in the RAM memory 26 which is assigned to the memory location of the operation code in the system memory 4 (FIG. 1). That The result of the exclusive-or operation is a decrypted operation code, which is transmitted via the switching device 14 reaches the command register of CPU 2. It should be noted that at no time does the decrypted Operation code appears outside of the module 1 secured against unauthorized access. If the user desires to have a backup copy of the program, it is the encrypted program that duplicates will.

In the decryption process explained above, the DES standard is set in the key (cipher) feedback mode used to avoid repeating the memory pattern from the memory map.

8 / - 20 -

By creating the memory map before the program is run, the

Decryption in two stages, of which the first stage is not time-critical and the second stage (the exclusive-or operations) is comparatively simple and can be implemented in real time in accordance with the normal clock speed of the CPU. ^:

In the figures 3, 4 and 5 electrical circuit diagrams of a secured against unauthorized access

, p module according to the invention. The one shown Circuit contains a number of IC chips, although this is not required; much more a circuit with the same functions can also be created in the form of one or two specifications,

2Q large area integrated (LSI) chip to to reduce the cost of the IC units in the case of mass production.

The circuit shown is designed to be used as a sealed container within an existing one or a new computer can be installed in exchange for a Z80 microprocessor (Z80 is the name for a type of microprocessor). The module is for a later conversion QQ and has a 40-way front connector for this purpose (Fig. 3) for connection to the standardized 4 0-way microprocessor socket .

In the block diagram according to FIG. 2, a number of subordinate circuit features are not illustrated.

8/9 - 21 -

- 21 -

light, including the creation of storage space in the second internal RAM memory 32 for use during execution of the RSA and DES algorithms and a decoder circuit 34 (Fig. 5) for bypassing the decryption circuit when accessing parts of an external memory with CP / M operating system pointers counting.

As can be seen first from Fig. 3, the circuit part shown includes virtually the entire, the Circuitry associated with circuit blocks in Fig. 2 with the exception of essentially the selection logic circuit 20. The 4 0-way front connector 30 leads the system to the data bus 10, the address bus 12 and the Z80 interrupt and control lines too.

The ones on the external data bus 10 against unauthorized persons Access-secured module incoming signals are transmitted there to an internal data bus 38, and either directly via a transmitter / receiver 40 or indirectly via a parallel pair of exclusive-or-combining devices 4 2 and 44 as well as a 3-pole buffer switch 46. The transmission via the Exclusive-OR gates 42 and 44 take place as a function of whether input D at buffer 46 is effective is. This is the case if the incoming signal is an encrypted opcode during the Execution of the main program is. Operate at other times during the execution of the main program the signals freely between the external data bus 10 and the internal data bus 38 via the transmitter / receiver 40 depending on the effectiveness of an input C,

9/10 - 22 -

Before decoding an incoming main program it is necessary to decrypt the incoming DES key and the DES memory map in the first internal RAM memory 22. The programs for these operations are in the PROM memory 26 saved. So initially the

IQ CPU 2 from internal programs in connection with the PROM memory 26 and the second RAM memory 32 without access to the external memory. During this operation, the RSA private keys in the RAM memory 32 are released (unlocked) and the DES key is decrypted. The DES key is then used with the DES algorithm stored in the PROM memory to generate the DES memory map in the first RAM memory 22 via the buffer 48.

As soon as the memory map is set up, the main program can be used run in the CPU 2, the contents of the memory map with the incoming operation codes in the gates 42 and 44 are linked after an exclusive-or operation.

The traffic of the signals on the data buses is controlled by the circuit according to FIGS. 4 and 5 controlled. Fig. 4 shows a 1-out-of-4 selection device 49 for selecting and controlling the memory chips 26, 32 and 22 depending on the state of the address lines A12 and A1 3 (internal RAM / PROM selection), of one Operation code detection signal from an operation code detection circuit (Fig. 5) and from a write signal WR of the CPU 2.

10/11 - 23 -

■ ^: ·. · ^: 3321310

- 23 -

The selection logic circuit shown in FIG. 5 comprises an array of flip-flops 50 to 56 which control the generation of interrupt signals INTR and INTR which are supplied by the CPU 2 when an incoming encrypted program is signaled. The generation of the interrupt signals causes the CPU 2 to enter ^the internal program loop for generating the memory map. In the example under consideration, it is assumed that an encrypted program is preceded by a restart command which is detected by an AND gate 58. However, everyone can.

suitable detection signal can be used in conjunction with a device for detecting the same.

The presence of an operation code on the data bus is signaled by the CPU 2 to the OR gates 60 and 6 2, which the output B (which is connected to the selection device 4 9 in Fig. 4) and the Enable output D (which is connected to buffer 46 in Figure 3) to select the decryption operation.

The preset input of the flip-flop 56 is connected to the microprocessor outputs HOLD and BUSÄCK for safety against a possible overlap with the CPU 2 when it tries to read out the decrypted signals, coupled.

The address decoding circuit 34 detects the access to addresses in the memory allocated to the CP / M operating system and creates an output CPM to bypass the decryption circuit.

11/12

■ if-

Blank page

Claims (22)

3321310 OPEN COMPUTER SERVICES LIMITED Cavendish Street Brighton, East Sussex BN2 1 RN, England K 20 34 Device and method for protecting software Claims (^ ') Computer data processing device, with a memory and a central processing unit for executing an encrypted program stored in the memory, characterized in that the central processing unit is connected to a decryption device and that the decryption device and at least part of the central processing device are secured against unauthorized access Module included. 2. Apparatus according to claim 1, characterized in that the central processing unit a microprocessor is provided. 13 / - 2 - 3. Device to prevent unauthorized copying, copying of or unauthorized access to Computer programs, characterized by one secured against unauthorized access , Q module, which is at least part of a processing processing (processor) unit is; - a decryption circuit, and , c - data and address buses for connection to an ο external storage. 4. Apparatus according to claim 3, characterized in that the module secured against unauthorized access 2Q is designed to use encrypted commands executes a program supplied to the module via the data bus. 5. Computer data processing apparatus for execution an encrypted computer program, characterized by the following features: - A program memory for storing the ver-3Q encrypted program and a decryption key; a central processing unit for executing the program; 13 / - 3 - a decryption circuit; a data bus which couples the program memory to the decryption circuit, and an address bus, which couples the central processing unit with the program memory, wherein the decryption circuit and at least a part of the central processing unit one Part of a secured against unauthorized access Form module, and furthermore the resolutions-15 processing unit a first decryption memory for storing a decryption algorithm and a second decryption memory for storing a decrypted copy of the program.
20th 6. Apparatus according to claim 5, characterized in that the decrypted copy is a representation or mapping of the storage space distribution (Storage map) is which contains elements that 25 the program memory locations in the program memory correspond, and that the apparatus comprises a combining means having an input coupled to the data bus _n or the second decryption memory coupled and coupled with an output to the central processing unit. 7. Apparatus according to claim 6, characterized _o _ net that the decryption circuit also whether 13/14 - 4 - -A- has a switching device coupled to the data bus, which signals from the program memory to the central processing unit bypassing the combiner. 8. Apparatus according to claim 7, characterized in-2Q net that the switching device is coupled to the output of the central processing unit Has control input to only pass signals through the combining device when the signals represent a program command. 9. Apparatus according to claim 5, characterized in that the first decryption memory is a Read-only memory (ROM) is in which a decryption program is used to generate the decrypted copy of the encrypted program using the decryption key and the decryption algorithm is stored. 10. Apparatus according to claim 6, characterized in that the combining device in the operating state Signals on the data bus with elements of the memory map by means of a reversible logic operation combined. 11. The device according to claim 10, characterized in that the reversible logic operation is a Exclusive-or operation is. 14/15 - 5 - • · · I 12. The device according to claim 5, characterized by means for decrypting the Decryption key if the latter is itself in encrypted form in the program memory is present, wherein the decryption circuit includes means for storing a private auxiliary decryption key, furthermore a device for recognizing an auxiliary public decryption key in incoming signals, which with the private auxiliary decryption key in a mathematical relationship stands, and finally a device for decrypting the encrypted Contains decryption key before the generation of the decrypted program copy. 13. The apparatus according to claim 12, characterized by such a design that it Program using the DES data encryption standard decrypted and that they are using the DES decryption key of the RSA public key system. 14. The device according to claim 5, characterized by such a design of the decryption circuit, that it decrypts the encrypted program in such a way that the program can run in real time, with each program instruction is decrypted and fed to the central processing device for execution. 15/16 - 6 - 15. Procedures to prevent unauthorized reproduction of or unauthorized access to computer programs in one for execution computers specific to such programs, characterized by the following process steps : In a memory of the computer eirf Program saved in encrypted form, and - the program is converted into a counter by entering commands within the program run unauthorized access secured module, the module at least a part a central processing unit and a decryption device. 16. Process to prevent unauthorized reproduction of or unauthorized access to Computer programs in a computer designed to run such programs, characterized by the following process steps: - A module secured against unauthorized access is provided in the computer, which a central processing unit or at least a part of a central processing unit and a decryption circuit having a first decryption memory; 35 16 / - 7 - - a program is made using an encryption key encrypted; the encrypted program and the key are stored in a memory of the computer, this memory outside of the module secured against unauthorized access is; the key and the encrypted program are stored in the external memory against unauthorized persons Access secured module supplied, from which a decrypted copy of the program is stored in the first decryption memory Using the key is generated; - the encrypted program is protected against unauthorized persons Access secured module fed to decrypt the program, and the decrypted program is in the central processing unit executed in real time, wherein the electrical signals reproducing the decrypted program are applied to electrical components are restricted within the module secured against unauthorized access. 17. The method according to claim 16, characterized in that the decrypted program copy a Decryption memory map in the first decryption memory and that the encrypted 16/17 - 8 - Program is combined with the memory map, where-C for increments of the encrypted program are sequentially fed to the combining device and each individual increment before the Combining the next increment is combined and executed. 18. The method according to claim 17, characterized in that that the encryption step encrypts only the commands or the operation codes of the program while retaining the data _ .. and operands as plain text includes that the from-ο running the program includes determining which the signals supplied to the module secured against unauthorized access are program commands, and that means for combining incoming "" signals with the memory map only then enabled is detected when the incoming signals are detected as signals reproducing program commands will. "P. 19. The method according to claim 16, characterized by the following further procedural steps: The key is ver-OQ before the encrypted program and the key are stored keys, and - The key is decrypted in the module secured against unauthorized access before the generation Program copy decrypted. 17/18 - 9 - - Q - 20. The method according to claim 19, characterized in that the encryption of the key using a public key system, an auxiliary stored in the external memory public key and an auxiliary private assigned to the public key IQ key takes place, which latter is stored in a second decryption memory within the module secured against unauthorized access and is used to decrypt the first-mentioned key. 21. The method according to claim 20, characterized in that the program using the DES algorithm is encrypted and that the key for generating the decrypted program copy itself is encrypted using the RSA public key system. 22. The method according to claim 21, characterized in that the step of encrypting comprises using the DES algorithm in the key (cipher) feedback mode. [ 18 /