Presentation is loading. Please wait.

Presentation is loading. Please wait.

Methods for Preventing Unauthorized Software Distribution

Published byClaude Hodges Modified over 6 years ago

Similar presentations

Presentation on theme: "Methods for Preventing Unauthorized Software Distribution"— Presentation transcript:

1 Methods for Preventing Unauthorized Software Distribution
Source: Computers & Security, Vol. 22, No. 4, pp , 2003. Author: Mohammad Peyravian, Allen Roginsky and Nevenko Zunic Speaker: Chi-Nan Lin Date: 12/15/2004

2 Outline Introduction The algorithm An alternate solution
A posibble solution Crush recovery Can privacy be guaranteed Advantages of the proposed scheme

3 Introduction How the software vendor prevents unauthorized software installation? Two kinds of offenders: The average user The sophisticated hacker

4 The algorithm(1/2) Assume software P is sold on a disk or downloaded from the Internet. 1.Let P consists of two parts, P1 and P2. P1 can be run (unencrypted) while P2 is encrypted. 2.To do software installation, the buyer must have an Internet connection. Buyer runs P1 first: Vendor P1 P_id, S_no P_id: Product id S_no: Serial no K = A_new = H(S_no,A) P2' = DK(P2) check-> P_id, S_no : A A_new = H(S_no, A) store-> P_id, S_no : A_new A

5 The algorithm(2/2) 3.P1 then runs P2' to finish the software installation. P2' then re-encrypt itself into P2_new with key K_new. K_new = H(S_no, K). P2_new = EK_new(P2') At no time will P2' be stored in the client's machine. 4.Now, the software P is ready for another round of installation. The vendor can decide how many installations are allowed for each (P_id, S_no). Note: Only P1 can decrypt and start execution of P2'. A session key could be generated first between P1 and vendor to secure the transmission of value A.

6 An alternate solution What happened if the software is sold on a read-only medium (ex., a CD-ROM)? The buyer will have to store the software onto a read-write medium first. The installation algorithm can then begin from the read-write medium.

7 A possible solution How to prevent the re-encryption of P2' be interrupted and hence the user get a copy of P2'? P2 --> P2_1 + P2_ P2_n For P2_1: DK(P2_1) -> P2_1' Run P2_1' EK_new(P2_1') -> P2_1_new DK_new(P2_1_new) ?= P2_1' Only if step 4 is true then proceeds to process P2_2, otherwise abort the installation. The method continues until P2_n has finished.

8 Crush recovery What happened if a buyer's machine had crushed after software installation? The buyer will have to keep the original software P (maybe in a CD). The vendor will have to keep the original value A. The buyer will have to report to the vendor to get approval to re-install the software from the original copy P. The synchronization is then re-established. How many crushes are allowed?

9 Can privacy be guaranteed?
Yes or no. It depends on vendor's policy. During the installation process, P1 could ask the buyer to enter personal information or collect the buyer's machine identification data. Even nothing is collected the vendor can still control the total number of installations allowed for each copy of the software sold.

10 Advantages of the proposed scheme
Client and server don't need any prior setup shared or public keys. Simple, first and scalable. No specialized hardware is required. Relies on cryptographic hash function. The secret keys used to encrypt/decrypt only distributed between software vendor and the recipient of a given software copy. Use different key for every round of software installation.

Download ppt "Methods for Preventing Unauthorized Software Distribution"

Similar presentations

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.

By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Chapter 1 – Introduction

Chapter 1 – Introduction
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Masud Hasan 03-60-475 Secure Email Project 1. Secure Email It uses Digital Certificate combined with S/MIME capable email clients to digitally sign and.

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Course: Introduction to Computers Lecture: 6.  Commercial software is covered by Copyrights.  You have to pay for it and register to have the license.

Course: Introduction to Computers Lecture: 6.  Commercial software is covered by Copyrights.  You have to pay for it and register to have the license.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Masud Hasan 03-60-475 SecueEmail VS Hushmail Project 2.

Masud Hasan Secue VS Hushmail Project 2.
Kerberos: An Authentication Service for Open Network Systems Jennifer G. Steiner Clifford Neuman Jeffrey I. Schiller.

Kerberos: An Authentication Service for Open Network Systems Jennifer G. Steiner Clifford Neuman Jeffrey I. Schiller.
Chapter 3 Installing Windows XP Professional. Preparing for installation Pre-installation requirement; ◦ Hardware requirements ◦ Hardware compatibility.

Chapter 3 Installing Windows XP Professional. Preparing for installation Pre-installation requirement; ◦ Hardware requirements ◦ Hardware compatibility.
Authentication Applications Unit 6. Kerberos In Greek and Roman mythology, is a multi-headed (usually three-headed) dog, or hellhound” with a serpent's.

Authentication Applications Unit 6. Kerberos In Greek and Roman mythology, is a multi-headed (usually three-headed) dog, or "hellhound” with a serpent's.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Types of Electronic Infection

Types of Electronic Infection
Kerberos Named after a mythological three-headed dog that guards the underworld of Hades, Kerberos is a network authentication protocol that was designed.

Kerberos Named after a mythological three-headed dog that guards the underworld of Hades, Kerberos is a network authentication protocol that was designed.
Operating Systems. Overview What is an Operating System (OS) What is an Operating System (OS) What Operating Systems do. What Operating Systems do. Operating.

Operating Systems. Overview What is an Operating System (OS) What is an Operating System (OS) What Operating Systems do. What Operating Systems do. Operating.

Similar presentations

Ads by Google