United States Patent [19]
`Chandra et al.
`
`[11] Patent Number:
`[45] Date of Patent:
`
`4,817,140
`Mar.28, 1989
`
`[54] SOFIW ARE PROTECTION SYSTEM USING
`A SINGLE-KEY CRYPI'OSYSTEM, A
`HARDWARE-BASED AUTHORIZATION
`SYSTEM AND A SECURE COPROCESSOR
`
`[75]
`
`Inventors: Ashileshwari N. Chandra, Mahopac;
`Liam D. Comerford, Carmel; Steve R.
`White, New York, all of N.Y.
`
`[73] Assignee:· International Business Machines
`Corp., Armonk, N.Y.
`
`[21] Appl. No.: 927,629
`
`[22] Filed:
`
`Nov. 5, 1986
`
`Int. Cl.4 ............................................... H04L 9/00 1
`[51]
`[52] u.s. Cl ............................................ 380/4; 380/25'
`[58] Field of Search .................... 364/200, 900; 380/4,
`380/25, 23
`
`[56]
`
`References Cited
`U.S. PATENT DOCUMENTS
`3,996,449 12/1976 Attanasio ....................... 235/61.7 R
`4,104,721 8/1978 Markstein ........................... 364/20<r
`4,120,030 10/1978 Johnstone ........................... 364/200
`4,168,396 9/1979 Best ....................................... 178/22
`4,183,085 1/1980 Roberts ............................... 364/200
`4,246,638 1/1981 Thomas ............................... 364/200
`4,278,837 7/1981 Best .................................. 178/22.09
`4,433,207 2/1984 Best .................................. 178/22.09
`4,442,484 4/1984 Childs, Jr ............................ 364/200
`4,446,519 5/1984 Thomas ............................... 364/300
`4,458,315 7/1984 Uchenick ............................ 364/200
`4,462,078 7/1984 Ross .................................... 364/300
`4,465,901 8/1984 Best .. ; ............................... 178/22.08
`4,471,163 9/1984 Donald et al. ...................... 364/200
`4,471,216 9/1984 Herve .................................. 235/380
`4,513,174 4/1985 Herman ............................ 178/22.08
`4,523,271 6/1985 Levien ................................. 364/200
`4,525,599 6/1985 Curran et al ........................ 364/200
`4,558,176 12/1985 Arnold et al ..................... 178/22.08
`4,562,305 12/1985 Gaffney, Jr ...................... 178/22.08
`4,562,306 12/1985 Chou ................................ 178/22.08
`
`OTHER PUBLICATIONS
`Best, Preventing Software Piracy with Crypto-Micro(cid:173)
`processors, IEEE, 1980.
`(List continued on next page.)
`
`[57]
`ABSTRACI'
`The invention provides a software asset protection
`mechanism which is based on the separation of the .
`software to be protected from the right to execute that
`software. Protected software can only be executed on
`composite computing systems in which a physically and
`· logically secure coprocessor is associated with a host
`, computer. The software to be protected is broken down
`: into a protected (encrypted) portion and an (optional)
`unprotected or plain text portion. The software is dis-
`. tributed by any conventional software distribution
`. mechanism (for example a floppy disk) including the
`files already identified along with an encrypted soft(cid:173)
`ware decryption key. The coprocessor is capable or·
`decrypting the software decryption key so it can there(cid:173)
`after decrypt the software, for execution purposes.
`However, the coprocessor will not perform these func(cid:173)
`tions unless and until the user's right to execute is evi(cid:173)
`denced by presentation of a physically secure token.
`The physically secure token provides to the coproces(cid:173)
`sor token data in plain text form (the physical security
`of the plain text token data is provided by the cartridge
`within which token data is stored). The physical prop(cid:173)
`erties of that cartridge taken together with the corre(cid:173)
`spondence between the token data provided by the
`cartridge and the encrypted token data evidence the
`user's right to execute. While the coprocessor can,
`1 thereafter, decrypt and execute the protected portion of
`the software, access to that software is denied the user
`by the physical and logical features of the coprocessor.
`Other properties of the cartridge (specifically a destruc(cid:173)
`tive read property) ensure that the act of transferring
`token data to the coprocessor obliterates that data from
`the cartridge so it cannot be revised. Further, the proto(cid:173)
`col for the coprocessor/cartridge exchange is arranged
`so that observation of even the entire exchange pro(cid:173)
`vides inadequate information with which to simulate or
`spoof the effect of an authentic, unused cartridge.
`
`(List continued on next page.)
`
`35 Claims, 8 Drawing Sheets
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 1
`
`

`

`4,817,140
`
`Page 2
`
`U.S. PATENT DOCUMENTS
`4,577,289 3/1986 Comerford .......................... 364/900
`4,598,288 7/1986 Yarbrough ..................... 340/825.34
`4,599,489 7/1986 Cargile ............................. 178/22.08
`4,609,777 9/1986 Cargile ............................. 178/22.08
`4,609,985 9/1986 Dozier ................................. 364/200
`4,621,321 11/1986 Boebert et at ...................... 364/200
`4,621,334 11/1986 Garcia ................................. 364/550
`4,633,388 12/1986 Chiu .................................... 364/200
`4,644,493 2/1987 Chandra et at ..................... 364/900
`4,652,990 3/1987 Pallen et at ......................... 364/200
`OTHER PUBLICATIONS
`Everett, "Padlock", Computer Bulletin, Mar. 1985, pp.
`16-17 + Padlock Public Key Software Protection Sys(cid:173)
`tem.
`Goldschmitt, "Thou Shall Not Dupe", Computer(cid:173)
`world, Jan. 28, 1985.
`Herzberg, "Public Protection of Software", Lecture
`Notes in Computer Science, vol. 218, 1986 (Proc.
`Crypto 85), pp. 158-178.
`
`Kent, Protecting Externally Supplied Software in Small
`Computers, Phd. thesis, M.I.T., Sep. 1980.
`Lipson, "Little Black Box 'Blocks' Illicit Software
`Copying", Stamford Advocate, Sep. 14, 1986, pp.
`El-E2.
`Maude, "Hardware Protection Against Software Pi(cid:173)
`racy", Communications of the ACM, vol. 27, No. 9,
`Sep. 1984, pp. 950-959.
`Purdy, "A Software Protection Scheme", IEEE, 1982.
`Simmons, "How to (Selectively) Broadcast a Secret",
`IEEE, 1985.
`Winslow, "For Software Firms, Questions is How to
`Cope with Piracy", Wall Street Journal, Apr. 12, 1985.
`
`Primary Examiner-Gareth D. Shaw
`Assistant Examiner-John G. Mills
`Attorney, Agent, or Firm-Pollock, Vande Sande &
`Priddy
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 2
`
`

`

`,-------------------------------------------------------------,
`I L---- 15
`155
`i FIG .1
`
`150
`
`154
`
`I
`
`I
`I
`I
`
`CPU
`
`RAM
`
`ROM
`
`REAL
`TIME
`CLOCK
`
`NON-VOLA TILE
`RAM
`
`110 1
`PC1RTS •
`
`I
`
`:
`I
`
`I
`I
`I
`I
`I
`I
`I
`I
`
`-------------------------------------------------------------·
`--------------------------------------------------------------.
`1 I I
`i 1 1 1 1
`t
`! I
`I I
`I I
`I I
`I TERMINAL
`CONTROL
`
`I
`
`I
`
`CPU
`
`I
`
`I
`
`RAM
`
`I
`
`I
`
`ROM
`
`I
`
`I I
`
`DISC
`CONTROL
`
`I. 1
`
`I I
`1/0
`PORTS
`
`4
`
`HOST
`
`9
`
`19
`
`~10
`-------------------------------------------------------------J
`
`~ r;n
`~
`Ft a
`~
`
`N
`._.O!:J
`,.....
`\0
`Of:;
`\0
`
`~
`
`7J1 ::r
`~ ,.....
`~
`Of:;
`
`..&;;..
`-...
`QO
`~
`-.)
`-...
`~
`~
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 3
`
`

`

`FIG. 2
`
`SELECT
`
`DATA
`OUT
`
`CONNECTOR
`23
`
`CLOCK
`
`DATA IN
`2
`DATA IN
`1
`
`EXTERNAL
`POWER
`
`EXTERNAL
`GROUND
`
`0
`
`~---------------------------------------------------~
`I
`
`/20
`
`I
`
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`I
`
`I
`
`\ I
`
`'\;
`
`MULl IPLEXER
`22
`
`C2
`
`04
`
`03
`----------------~--------i]---------;r-------'
`r.--.
`25
`1
`1
`1
`1
`~- _j-.._ 26
`
`I
`
`I
`
`~
`[f1
`
`~ .......... g
`
`~
`
`~
`
`N
`YJ
`~
`\C
`00
`\C
`
`~ sa
`N a
`
`00
`
`~Ji;;,..
`00
`~
`......,J
`~
`~
`
`~
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 4
`
`

`

`SOFTWARE VENDOR - -
`PART 1-
`A. SOFTWARE<::"
`PART 2
`
`8. DECRYPTION
`KEY
`C. TOKEN DATA
`
`FIG.3
`
`FIG.4
`
`l
`
`f1
`J SOfTWARE VENDOR ENCRYPTION
`I HARDWARf VENDOR ENCRYPTION I
`
`f2)
`
`DISTRIBUTABLE SOFTWARE PRODUCT
`
`B.
`
`ENCRYPTED DECRYPTION KEY
`
`A. PART 1
`
`PLAIN TEXT SOFTWARE {PART 1)
`
`A. PART 2
`
`ENCRYPTED SOFTWARE {PART 2)
`
`c.
`
`ENCRYPTED TOKEN DATA
`
`~
`rJ1 .
`EcsK(AK) ~
`a_
`fiLE l
`~ .........
`
`ENCRYPTED SOfTWARE DECRYPTION KEY
`
`PLAIN TEXT SOfTWARE
`
`ENCRYPTED SOfTWARE EAK(SOfTWARE)
`-
`ENCRYPTED TOKEN DATA EAK(TOKEN DATA)
`
`r-}
`
`fILE 2
`
`,_- fILE 3
`
`~
`
`__ oo
`N
`
`""""' \0
`00
`\0
`
`~
`
`~
`~ a
`
`00
`
`,.&;;.
`-...
`00
`~
`-l
`-...
`~
`~
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 5
`
`

`

`,--
`
`COMPOSITE COMPUTING
`SYSTEM
`
`HOST
`·CV
`!
`
`COPROCESSOR
`
`PERMANENT
`MEMORY
`
`TEMPORARY
`MEMORY
`
`FIG. 5
`
`-l
`
`35
`_..)
`
`\
`I
`
`DATA & PROGRAM
`FILES
`
`FILE 1 £ CSK (AK)
`
`FILE 2 PLAIN TEXT SOFTWARE
`
`FILE 2 EAK
`
`(SOFTWARE)
`
`)•
`
`FILE 3 EAK
`
`(TOKEN DATA)
`
`I
`
`I
`
`5
`
`/_
`
`J
`
`~ 0
`0 CD
`-I
`/
`
`15 p
`
`~5
`
`15 T
`
`L
`
`__c_20_
`~-TOKEN CARTRIDGE
`
`1 -1 A
`
`~
`
`L__
`
`~
`SOFTWARE DISTRIBUTION
`~
`PACKAGE
`r - - - - - - - - , ~
`q6
`45-1
`I
`I
`
`I
`
`...,.. Ia
`~
`N s-o I ~
`
`I
`I
`I
`~I
`:-l
`I ~
`11/2 TOKEN DATA I I
`jl ~~~ 00
`I
`_ __j J ~,_
`~ I L __ -
`-~
`_j
`--.)
`....
`~
`~
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 6
`
`

`

`,--
`
`COMPOSITE COMPUTING
`SYSTEM
`
`FIG.6
`
`-,
`
`~
`~
`~
`,-- - - - - - --46--, a
`~
`I ~
`45-1
`I
`I
`
`SOFTWARE DISTRIBUTION
`PACKAGE
`
`OAT A & PROGRAM
`FILES
`
`FILE 1 EcSK (AK)
`
`FILE 2 PLAIN TEXT SOFTWARE
`
`!
`
`N
`SA
`1-A
`~ \C)
`
`35
`_.)
`
`HOST
`(])
`l
`
`COPROCESSOR
`
`PERMANENT
`MEMORY
`
`5
`
`'
`
`-
`
`- -
`
`~5
`
`L_
`
`TEMPORARY
`MEMORY
`
`5
`~
`
`I
`_j
`
`\_
`
`\_
`
`I
`
`I
`
`FILE 2 EAK
`
`(SOFTWARE)
`
`FILE 3 EA K (TOKEN OAT A)
`
`20
`
`fMPTY RfGISTfR
`
`1 r
`I
`__ _L_~ ~
`I
`I I :;;;
`I
`EMPTY RfGISTfRJ l I
`I I
`....
`IL ____ _jj
`
`t_ _
`
`-
`
`....
`00
`~
`.........
`....
`~
`~
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 7
`
`

`

`uu:::,
`::lt.KVILt.
`IN HOST
`
`H5)
`
`NO
`..----
`
`LOR
`REQUESTED
`?
`
`H6)
`
`NO
`
`-
`
`EXIT
`YES
`REQUESTED 1 -
`?
`
`H7....--
`
`END
`
`I
`
`NO
`-
`
`YES
`
`I
`
`SEND LOR
`REQUEST TO
`COPROCESSOR
`1
`~
`NO
`SERVICE
`-
`COPROCESSOR
`SUPPORT REQUESTS ~HB
`~
`COPROCESSOR
`FINISHED
`?
`
`I START SUPPORT I
`
`PROGRAM
`
`NO
`
`ARE
`REQUESTED
`?
`
`~---""" H l
`YES
`
`rH2
`SEND ARE REQUEST
`TO COPROCESSOR
`
`I
`
`~
`
`(H 3
`
`YES
`
`"'-- H4
`
`I SERVICE COPROCESSOR
`SUPPORTS REQUESTS
`!
`COPROCESSOR
`FINISHED
`?
`
`YES
`
`NOTIFY
`CORRESPONDING
`PROGRAM IN HOST
`
`1--
`
`HJO
`
`~
`V1
`~ ........
`~ f'l"'t-.
`
`~
`
`N
`~
`~
`\C
`QO
`\C
`
`rJ1 go
`~
`0'\
`~
`QO
`
`.a;;.
`....
`00
`~
`---.l
`....
`~
`..&;;...
`Q
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 8
`
`

`

`U.S. Patent Mar. 28,1989
`
`Sheet 7 of8
`
`4,817,140
`
`FIG. 8
`
`START
`ARE
`PROGRAM
`~
`REQUEST EcsK(AK)
`FROM HOST CD
`1
`DECRYPT EcsK(AK)
`WITH CSK TO GET AK
`
`Cl ~
`
`c
`2-
`
`C3
`
`C4
`
`-
`
`~
`REQUEST EAK(TOKEN DATA)
`FROM HOST CD
`~
`- DECRYPT EAK(TOKEN DATA)
`WITH AK TO GET TOKEN
`DATA
`~
`GENERATE
`''RANDOM,,
`NUMBER
`l
`
`c
`5-
`
`C6......-
`
`!
`USE TOKEN DATA AND RANDOM
`NUMBER TO SIMULATE TOKEN
`RESPONSE GENERATION
`PROCESS TO GET
`EXPECTED TOKEN RESPONSE
`~
`C7-- REQUEST HOST QUERY TOKEN
`WITH RANDOM NUMBER (I)
`~
`REQUEST HOST SUPPLY(i)
`TOKEN RESPONSE
`4
`~
`COMPARE TOKEN RESPONSE
`WITH EXPECTED RESPONSE
`~
`C!O YES t- RESPONSES ~
`EQUIVALENT
`?
`
`C8
`
`C9
`
`!
`CH
`MOVE AK
`INTO
`PERMINANT STORAGE CD I--CI3
`1
`REQUEST HOST
`INFORM USER
`OF SUCCESSFUL MATCH AND
`STORAGE Of INDEX OF KS
`FILE 2 PLAIN TEXT SOFTWARE
`-.
`I END l
`
`f--CI4
`
`t
`
`REQUEST HOST INFORU
`USER OF MISMATCH
`l
`I END l
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 9
`
`

`

`FIG. 9A
`
`FIG.98
`
`APPLICATION
`HOST
`
`IN
`
`IN
`APPLICATION
`COPROCESSOR
`Cl5
`
`HH
`
`H 13
`
`Hl4
`
`WAIT FOR NOTIFICATION
`fROM DOS SERVICE
`
`EXECUTE
`APPLICATION USING
`CODE EXECUTING
`IN COPROCESSOR
`AS NEEDED
`
`REQUEST LOCATION Of
`AK FROM HOST
`
`Cl6
`
`GET COPY OF AK fROM fc\5 I C 17
`PERMANENT STORAGE
`\2J --
`
`1
`
`REQUEST fiLE 2 EAK (SOFTWARE)
`@
`fROM HOST
`
`Cl8
`
`DfCRYPT EAK (SOfTWARE)
`WITH AK TO GET SOfTWARE ®
`
`Cl9
`
`C20
`
`c 2 ~
`
`~
`VJ
`~ ~
`rD a
`
`~
`
`N
`._.CIO
`)ooooO
`1,0
`C10
`1,0
`
`(FJ
`g'
`~
`C10
`~
`C10
`
`.a;;.
`-..
`00
`1-l
`.....:)
`-..
`1-l
`
`.a;;. =
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 10
`
`

`

`SOFfW ARE PROTECTION SYSTEM USING A
`SINGLE-KEY CRYPTOSYSTEM, A
`HARDWARE-BASED AUTHORIZATION SYSTEM
`AND A SECURE COPROCESSOR
`
`CROSS-REFERENCE TO CO-PENDING
`APPLICATIONS Reference is made to the following 20
`co-pending applications, assigned to the assignee of this
`application:
`U.S. patent application Ser. No. 927,309, filed Nov. 5,
`1986; U.S. patent application Ser. No. 927,306, filed
`Nov. 5, 1986; U.S. patent application Ser. No. 927,298, 25
`filed Nov. 5, 1986; U.S. patent application Ser. No.
`927,286, filed Nov. 5, 1986; U.S. patent application Ser.
`No. 927,297, filed Nov. 5, 1986; and U.S. patent applica(cid:173)
`tion Ser. No. 927,299, filed Nov. 5, 1986.
`
`BACKGROUND ART
`
`1
`
`4,817,140
`
`DESCRIPTION
`TECHNICAL FIELD
`The invention is in the field of data processing and is 10
`specifically directed to a software copy protection
`mechanism. In particular a mechanism is provided
`which restricts software; distributed on magnetic disk
`or other medium, to use on any computer which is
`associated with a specified, physically secure coproces· 15
`sor where the mechanism does not interfere with the
`user creation of "backup" copies, but the protection is
`not compromised by any such "backup" copies.
`
`2
`Best suggests that each copy of a program be custom(cid:173)
`ized so that it is only executable on a single micro(cid:173)
`processor, i.e. in a single, physically unique micro(cid:173)
`processor. This protection appears breakable by discov-
`5 ering the key needed to decrypt the software and by
`other cryptanalytic techniques. However, as a practical
`technique for protecting software, it is unusable. A
`software vendor must sell each copy of his software
`(which has been customized), along with the micro(cid:173)
`processor which has been customized to run the associ(cid:173)
`ated software. The only alternative is for the vendor to
`identify which microprocessor the user owns so that the
`software can be customized for it. To the extent that the
`software vendor allows the software to be run on a class
`of microprocessors (say all 80286), then the protection
`is lost, for duplicates of the software will freely run on
`all microprocessors of the class.
`The referenced U.S. Pat. No. 4,644,493 describes a
`method for recording data on magnetic media in such a
`way that the act of reading the data alters it. Such "read
`once" magnetic recordings cannot be created by con(cid:173)
`ventional disk drives so they cannot be copied by con(cid:173)
`ventional personal computers systems. As described in
`the referenced application a computer is associated with
`a physically and logically secure coprocessor and soft(cid:173)
`ware as distributed on the magnetic media includes at
`least a significant section or portion which is encrypted.
`The magnetic media also includes an encrypted decryp-
`30 tion key which must be used by the coprocessor to
`decrypt the encrypted portion of the software. The act
`of transferring the encrypted decryption key from the
`magnetic media to the secure coprocessor is linked to
`A good description of the background art to the
`the mechanism which alters the data. This assures that,
`invention is provided in the applicants co-pending U.S.
`in the absence of extraordinary measures, the encrypted
`Pat. No. 4,644,493, filed Sept. 14, 1984.
`In addition to the prior art identified in the referenced 35 decryption key is not transferable once the magnetic
`applica!ion, Uchenick U.S. Pat. ~o. 4,458,315.sugg~sts medium has been read. This prevents the creation of
`a secunty pr?Ce~ur~ for pr~tectmg software m which
`copies of the distribution medium which can be em-
`!he soft~are 1s dtstnbuted w1th a key number (first key
`played on other computers, subverting the copy protec-
`information). In order for the software to be run o~ a 40 tion mechanism. Once the coprocessor has access to the
`co~put~~· the compu!er must.ha~e access to a devu;:e
`encrypted decryption key, it can decrypt this key. In
`stotnng sefond ker ~rma!~n ri ~e srogr~ r l the course of executing the software the encrypted
`~o pro~er Y execu e
`ess . e rrs ~ secon
`ey
`portion is decrypted by the coprocessor. This ensures
`informatiOn bears some specified relatton. The patent
`th t th
`ft
`·
`tabl b t
`t
`th
`however does not describe use of a transaction token
`a
`e s~ . ware IS execu
`e, u preven s
`e user
`which forms an important component of the present 45 ~rom obtaining access to the complete software package
`m decrypted f~rm.
`.
`.
`.
`invention, nor is there any apparent impediment to
`. ~e mecharusm d~scnbed m the referenced apphca-
`deter a pirate from merely altering the software so it can
`t~on 1s extremely resistant to atta~k because the decryp-
`execute without this comparison step nor does the pa-
`tion key and the protected f~actton of the software are
`tent describe how the computer obtains access to the
`"record key information" in such a way that that access 50 never exposed to the us7r m unencryp!e~ form. The
`cannot be duplicated or forged.
`ow~er of the software 1s ~owed unlimited backup
`Jones Futurex, Inc. describe a software protection
`coptes, but these backup COJ?les are useless on any other
`product which employs a decryption board which
`personal. computer (one whtch does ~ot have acces~ to
`stores a decryption key in "write only" mode. This
`the spectfic copro:essor alrea~y stonng the d~crypt1on
`product comes in fixed key and variable key models. 55 ke~). The protectiOn system 1S open to any software
`The fixed key model would require the software vendor
`wnter for us~ and ~y hardwar~ producer for ~~ufac-
`to personalize each different software copy to a differ-
`ture because 1t requrres no shanng of confidential mfor-
`ent key. While the variable key product might not have
`mation (key information) between the involved parties
`this failing, the product description does not describe
`and its methods may be disclosed publicly without com-
`how the variable key can be loaded except to say this is 60 promising its security.
`However the read once magnetic recording has two
`accomplished by "an remote communications proces-
`sor". Such a scheme for distributing decryption keys is
`vulnerabilities in a copy protection system. First it is
`inconsistent with the distribution methods in common
`always possible (although costly) to examine the mag-
`use. This drawback does not characterize the system
`netic medium and produce a device which will forge its
`taught by this disclosure.
`65 behavior to a computer system. Second, a detennined
`Best, in U.S. Pat. Nos. 4,168,396; 4,278,837 and
`pirate may be able to build an apparatus which will
`4,465,901, describes a program protection mechanism
`restore the pre-read state of the "read once" recorded
`which makes use of enciphered programs. However,
`data that has been used to authorize the acceptance of a
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 11
`
`

`

`4,817,140
`
`3
`decryption key by a system. The re-initialized medium
`could then be used to illicitly "authorize" a second
`system.
`The method, as described in the referenced applica(cid:173)
`tion requires use of a public key crypto system. This 5
`architectural restriction limits the flexibility of the sys(cid:173)
`tem. In addition the system described in the referenced
`application requires the use of a bus slot which may not
`be available on some systems or may be too valuable to
`a user. This is necessary to allow the coprocessor to 10
`observe the host processor bus operations so that it may
`assure itself that the appearance of the read once mag(cid:173)
`netic recording is not being simulated by a program on
`the host computer.
`The present invention overcomes the above noted 15
`disadvantages in that it firstly does not require a dedi(cid:173)
`cated bus slot for a physically secure coprocessor, it
`does not rely on public key crypto systems nor does it
`rely on read once magnetic media. In these respects it is
`both more versatile and more resistant to attempted 20
`piracy than the earlier system.
`The present invention is based on the recognition that
`today's software distribution techniques distribute to
`the user, in addition to the software itself, the right to
`execute that software. That is, more particularly, when 25
`software is sold to the typical user, the user acquires not
`only the software itself but the right to use it. However,
`he can, with a typical personal computer, duplicate the
`software and distribute it along with the (implied) right
`to use it to others. The invention seeks to separate the 30
`software, from the right to use it. Further, it seeks to
`place the means of creating these Rights-to-Execute in
`the hands of the software authors or their representa(cid:173)
`tives. It also seeks to do these things with no perturba- ·
`tion to the existing or planned channels of software 35
`distribution and minimum change to the means by
`which software is prepared for distribution. As will be
`described below, in accordance with the present inven(cid:173)
`tion, the typical software purchaser may still duplicate
`at will the software he has received from the vendor. 40
`However, he cannot duplicate the right to use the soft(cid:173)
`ware; in fact he receives a single right to use the soft(cid:173)
`ware. To become effective, that right to use must be
`installed in a suitable coprocessor, and it is only when
`the right to use is installed on the suitable coprocessor 45
`(which is associated with the host computer on which
`the user intends to run the software) that the software
`becomes executable. Other copies of the software that
`the user might make are not executable on any other
`host computer (even if such other host computer is 50
`associated with another suitable coprocessor).
`In accordance with the present invention software
`can be distributed on magnetic media (such as tape or
`floppy disk) or by other means (telephone lines, cable or
`broadcast transmission). The software is partitioned 55
`into an encrypted portion P e and an unencrypted (clear
`text) portion Pc. The choice of the partitioning is made
`by the software vendor with the understanding that
`only the encrypted portion will be protected from pi(cid:173)
`racy. The encrypted portion, Pe, of the software will be 60
`decrypted and executed by a physically and logically
`secure coprocessor if the coprocessor possesses the
`decryption key which embodies the right to execute.
`The protected part of the software is, thus, never ex(cid:173)
`posed in plaintext form and never executed by unautho- 65
`rized systems. The coprocessor may be attached to the
`user's personal computer either on the system bus or
`through a 1/0 or other communication port.
`
`4
`In order to be effective, and decrypt the encrypted
`portion of the protected software, the coprocessor must
`be provided with the decryption key (Right-Right-to(cid:173)
`Execute or RTE, also referred to as AK or Application
`Key) needed to render the encrypted portion of soft(cid:173)
`ware executable. The key (RTE or AK) must be trans(cid:173)
`ferred to the software owner's coprocessor in such a
`way that the transfer mechanism cannot be reused or
`reproduced by a user and thus grant key transfer to
`other personal computers. This is accomplished by asso(cid:173)
`ciating the effective transfer of the decryption key into
`the non-volatile memory of the coprocessor with a
`transaction token, e.g. the presence of the transaction
`token is required to effectively transfer the decryption
`key to the coprocessor. The token is very resistant to
`forgery for reasons which are described below and its
`information content is destroyed during the transfer
`transaction. The token has information content which is
`known to the coprocessor because it is identified in an
`encrypted ftle. This ftle is called the Encrypted Token
`Description or ETD. This identification is authenti(cid:173)
`cated to the coprocessor by the fact that it is encrypted
`with the same key (AK) which the software vendor has
`used to encrypt the protected portion of the software.
`The ETD may be distributed to the user by placing it in
`a dedicated register in the token, by recording it on the
`distribution medium, or by distributing it by other
`means.
`The software vendor supplied key (AK) is made
`available to the coprocessor by supplying it, in en(cid:173)
`crypted form, with the program via the software distri(cid:173)
`bution medium or other means as described in the case
`of the ETD. In the general case, the key used to encrypt
`the AK is selected from a list of Coprocessor Supervi(cid:173)
`sor Keys (CSKs) which is stored in all coprocessors
`supplied by a given vendor.
`The function of encrypting the software vendor's
`decryption key with one of these stored encryption keys
`is a service provided by the coprocessor so that the
`store of keys (CSKs) need never be exposed to the
`software vendor. The coprocessor which the software
`vendor uses to encrypt the software vendor's keys may
`be precisely the same type of coprocessor as the user
`employs to decrypt and run the software. Alternatively,
`special processors may be sold for this purpose or stan(cid:173)
`dard processors may be enabled to perform this func(cid:173)
`tion by an encrypted message from the hardware manu(cid:173)
`facturer. These options may be useful in giving flexibil(cid:173)
`ity to the marketer of such devices.
`For the same reason the software vendor's decryp(cid:173)
`tion keys (such as AK) are never exposed to the soft(cid:173)
`ware user, the hardware vendor's encryption keys
`(CSK) are never exposed to the software vendor. This
`system thus has the property that no information need
`be shared between hardware and software manufactur(cid:173)
`ers in order to use the protection provided. In addition,
`a single encryption system such as DES may be used for
`all cryptographic functions.
`In accordance with the invention, in order to access
`the transfer token, the coprocessor is provided with a
`data path which allows communication with a hard(cid:173)
`ware sub-system such as a cartridge. This data path may
`utilize a connection to the cartridge supplied by either
`the host (such as a PC) or the coprocessor. The car(cid:173)
`tridge contains an electronic memory with properties
`that change (in a manner to be described) in response to
`whether the memory is being read from or written to.
`This cartridge sub-system must be extremely difficult to
`
`APPLE EXHIBIT 1068
`APPLE v. PMC
`IPR2016-00755
`Page 12
`
`

`

`4,817,140
`
`25
`
`5
`6
`The first time the user attempts to employ the pro-
`copy in the sense that a substitute is very unlikely to be
`created by a user which can fool a coprocessor into
`tected software, he couples the physically and logically
`accepting it as verification of the user's right to store a
`secure coprocessor to the computer system in which the
`protected software is to be run and also couples the
`given decryption key (AK) in the user's coprocessor.
`Since the connection to the sub-system is physically
`hardware cartridge containing the transfer token to the
`computer system.
`exposed, the transaction which uses this connection as
`On the fust running of the software the encrypted
`its communications medium must be forgery-resistant.
`software key EAK is transferred to the coprocessor and
`To be forgery-resistant, each transaction must be
`effectively unique and verifmble by the coprocessor.
`is decrypted by the coprocessor using the required CSK
`The technique by which this security is obtained is 10 to obtain AK. For reasons which are explained below,
`described below.
`this transfer is temporary, the coprocessor will reject
`the transfer if the conditions described below are not
`The sub-system which is used to verify the right of a
`user to a particular decryption key is referred to as a
`met. A verifiable· portion of the contents of the hard-
`transfer token. The necessary functions can be imple-
`ware cartridge, i.e., the transfer token, is also trans-
`mented using programs executed by a micro-processor 15 ferred to the coprocessor using a forgery-resistant que-
`or by using a dedicated hardware system. Inasmuch as
`ry /response protocol; this process alters or destroys the
`the most economical implementation of a transfer token
`contents of the hardware cartridge. The information
`will be a dedicated hardware system, this is the version
`revealed to an observer of the query and the response is
`that is described.
`insufficient to allow a forger to construct a correct
`The transfer token hardware and its information con- 20 response to another coprocessor query. The transfer
`token can be "refilled" with information by a software
`tent must be kept physically secure to avoid its access
`by the user through means which bypass the forgery
`author, but the refilled transfer token will only autho-
`prevention feature. One implementation of this physical
`rize a coprocessor to accept an AK from that author.
`security is described in co-pending application Ser. No.
`The physically and logically secure coprocessor deter-
`927,309, filed Nov. 5, 1986 the disclosure of which is
`mines whether or not the transfer token is effective by
`incorporated by this reference. The same technique
`determining whether or not it corresponds to an ex-
`may be employed to render the coprocessor itself physi-
`pected transfer token. Assuming the transfer token is
`cally secure and to protect its memory contents from its
`found acceptable, the coprocessor then stores the soft-
`exposure to a user. Since tokens can be implemented as 30 ware decryption key AKin its permanent memory. At
`a single, continuously powered, integrated circuit chip,
`this point the transfer is effective so that the coproces-
`no additional physical security is needed. If the physical
`sor can use AK to decrypt and run protected software.
`security of a token were broken, then no cryptographic
`Once the software decryption key AK is stored in the
`keys would be revealed and only the single associated
`permanent memory of the coprocessor, the protected
`software package could be redistributed.
`35 software can be executed. The plaintext portion of the
`Thus, in accordance with the invention, software to
`protected software is executed by the user computer
`be protected is partitioned into a plain text portion and
`system. The encrypted portion (the protected portion)
`an encrypted portion; the encryption key (AK) used to
`of the software is decrypted upon loading by the co-
`encrypt the software is known only to the software
`processor. The logical and physical security of the co-
`vendor. The protected software provided to the user is 40 processor memory prevents the user from having access
`associated with the software decryption key, in en-
`to plaintext or executable form of the protected soft-
`crypted form (EAK). The software decryption key
`ware.
`(AK) is encrypted with the hardware vendor's encryp-
`On each subsequent use of the protected software the
`tion key (CSK) which is not known to the software
`software decryption key AK now stored in the perma-
`vendor. This encryption is a service performed by such 45 nent memory of the coprocessor is used to decrypt the
`coprocessors. The software and encrypted decryption
`encrypted portions thereof. The user can make as many
`key (EAK) may be associated with information describ-
`"backup" copies of the software as he desires; however
`ing a transfer token (TOKEN DATA) by encrypting
`without access to a logically and physically secure co-
`that description under AK. The correspondence be-
`processor storing
`the decryption key AK, any
`tween the content of the token and the token data (after so "backup" copies of the software are unusable since the
`decryption under AK) indicates to the coprocessor that
`encrypted portion of the software cannot be decrypted.
`that particular AK may be stored for future use. The
`Accordingly, the invention provides a method of
`authorized user is provided with a token, which in a
`restricting use of software to an authorized computer
`preferred embodiment is implemented in the form of a
`comprising the steps of:
`hardware cartridge. The transfer token is physically 55
`distributing said software in a form in which at least
`and logically secure, so that a sufficient fraction of its
`a significant portion is encrypted,
`information contents is not available to the user. The
`providing a coprocessor in association with a paten-
`transfer token, or the hardware cartridge incorporating
`tially authorized processor, which coprocessor has a
`the transfer token has a read once feature whereby the
`memory