Abstract
Software piracy has been considered one of the biggest problems of this industry since computers became popular. Solutions for this problem based in tamperproof hardware tokens have been introduced in the literature. All these solutions depend on two premises: (a) the physical security of the tamperproof device and (b) the difficulty to analyze and modify the software in order to bypass the check of the presence of the token. The experience demonstrates that the first premise is reasonable (and inevitable). The second one, however, is not realistic because the analysis of the executable code is always possible. Moreover, the techniques used to obstruct the analysis are not helpful to discourage an attacker with usual resources. This paper presents a robust software protection scheme based in the use of smart cards and cryptographic techniques. The security of this new scheme is only dependent on the first premise because code analysis and modification are not useful to break this scheme.
Chapter PDF
Similar content being viewed by others
References
Aura, T.; Gollman, D. Software License Management with Smart Cards. Proceedings of the Usenix Workshop on Smartcard Technology (Smartcard’99), pp. 75–86. 1999.
Bennet S. Yee. Using Secure Coprocessors. PhD thesis CMU-CS-94-149, Carnegie Mellon University, 1994.
Castellá-Roca, J.; Domingo-Ferrer, J.; Herrera-Joancomarti, J.; Planes, J. A Performance Comparison of Java Cards for Micropayment Implementation. Proccedings of CARDIS’2000, pp 19–38. Kluwer Academic Publishers. 2000.
Constantas, D. et al. An Architecture for Electronic Document Commerce. 4th CaberNet Radicals Workshop, 1997. Available online at http://www.newcastle.research.ec.org/cabernet/research/radicals/1997/papers/edc-constanta.html
Collberg, C.; Thomborson, C. Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection. University of Auckland Technical Report # 170. Available online at http://www.cs.auckland.ac.nz/~collberg/Research/Publications/CollbergThomborson2000a/index.html. 2000.
Collberg, C.; Thomborson, C. Software watermarking: Models and dynamic embeddings. Proceedings of POPL’99-26th ACM Symposium on Principles of Programming Languages. 1999. Available online at http://www.cs.arizona.edu/~collberg/Research/Publications/CollbergThomborson99a/index.html. 1999.
Davida, G. I.; Desmedt, Y.; Blaze, M. J. Defending Systems Against Viruses Through Cryptographic Authentication. Proceedings of IEEE 1989 Symposium on Security and Privacy, pp 312–318. 1989.
Forrest, S.; Hofmeyr, S.; Somayaji, A. Computer immunology. Communications of the ACM, Vol. 40, No. 10, pp. 88–96. 1997.
Fünfrocken, S. Protecting Mobile Web-Commerce Agents with Smartcards Proceedings of ASA/MA’99. 1999.
O. Goldreich, Towards a theory of software protection, Proc. 19th Ann. ACM Symp. on Theory of Computing, pp. 182–194. 1987.
Herzberg, A.; Pinter, S. S. Public Protection of Software. ACM Transactions on Computer Systems, 5(4)-87, pp. 371–393. 1987.
Hohl F. Time Limited Blackbox Security: Protecting Mobile Agents from Malicious Hosts. in Giovanni Vigna (Ed.), Mobile Agent Security, LNCS 1420 Springer Verlag, pp 91–113. 1998.
Kent, S. Protecting Externally Supplied Software in Small Computers. PhD thesis, Massachusetts Institute of Technology, MIT/LCS/TR-255, MIT. 1980.
Kohl, U.; Lotspiech, J.; Kaplan M. A. Safeguarding Digital library Contents and Users: Protecting Documents Rather Than Channels. D-Lib Magazine, Sept-97 ISSN 1082-9873. 1997.
Loureiro, S.; Molva, R. Function hiding based on error correcting codes. Proceedings of Cyptec’99-International Workshop on Cryptographic techniques and Electronic Commerce. 1999.
Maña, A. Una Solución Segura Basada en Java para la Comercialización de Contenidos Digitales. (in spanish). Proceedings of the Sixth Spanish Conference on Cryptography and Information Security. Ra-Ma, isbn 84-7897-431-8, pp-243–252. 2000.
López, J.; Maña, A; Pimentel, P. Un Esquema Eficiente de Protección de Software Basado en Tarjetas Inteligentes. Technical Report 14/2000, Department of Computer Science, University of Malaga. 2000
Preneel, B. El Estado de las Funciones Hash. (in spanish). Proceedings of the Sixth Spanish Conference on Cryptography and Information Security. Ra-Ma, isbn 84-7897-431-8, pp-3–38. 2000.
Rivest, R. L.; Shamir, A.; Adleman, L. M. A method for obtaining digital signatures and public-key cryptosystems. Journal of the ACM, 21(2):120–126, February 1978.
Samuelson, P. A Manifesto Concerning the Legal Protection of Computer Programs: Why Existing Laws Fail To Provide Adequate Protection. Proceedings of KnowRight’ 95, pp 105–115. 1995.
Sander, T.; Tschudin C.F. On Software Protection via Function Hiding. Proceedings of Information Hiding’ 98. Springer-Verlag. LNCS 1525. pp 111–123. 1998.
Schaumüller-Bichl1, I.; Piller, E. A Method of Software Protection Based on the Use of Smart Cards and Cryptographic Techniques. Proceedings of Eurocrypt’84. Springer-Verlag. LNCS 0209, pp. 446–454. 1984.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 IFIP International Federation for Information Processing
About this paper
Cite this paper
Maña, A., Pimentel, E. (2001). An Efficient Software Protection Scheme. In: Dupuy, M., Paradinas, P. (eds) Trusted Information. SEC 2001. IFIP International Federation for Information Processing, vol 65. Springer, Boston, MA. https://doi.org/10.1007/0-306-46998-7_27
Download citation
DOI: https://doi.org/10.1007/0-306-46998-7_27
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-7923-7389-6
Online ISBN: 978-0-306-46998-5
eBook Packages: Springer Book Archive