Methods for Preventing Unauthorized Software Distribution

1
Methods for Preventing Unauthorized Software
Distribution

• Source Computers Security, Vol. 22, No. 4,
  pp316-321, 2003.
• Author Mohammad Peyravian, Allen Roginsky and
  Nevenko Zunic
• Speaker Chi-Nan Lin
• Date 12/15/2004

2
Outline

• Introduction
• The algorithm
• An alternate solution
• A posibble solution
• Crush recovery
• Can privacy be guaranteed
• Advantages of the proposed scheme

3
Introduction

• How the software vendor prevents unauthorized
  software installation?
• Two kinds of offenders
• The average user
• The sophisticated hacker

4
The algorithm(1/2)

• Assume software P is sold on a disk or downloaded
  from the Internet.
• 1.Let P consists of two parts, P1 and P2. P1 can
  be run (unencrypted) while P2 is encrypted.
• 2.To do software installation, the buyer must
  have an Internet connection. Buyer runs P1 first

Vendor
P1
P_id, S_no
P_id Product id S_no Serial no K A_new
H(S_no,A) P2' DK(P2)
check-gt P_id, S_no A A_new H(S_no, A) store-gt
P_id, S_no A_new
A
5
The algorithm(2/2)
3.P1 then runs P2' to finish the software
installation. P2' then re-encrypt itself into
P2_new with key K_new. K_new H(S_no, K).
P2_new EK_new(P2') At no time will P2' be
stored in the client's machine. 4.Now, the
software P is ready for another round of
installation. The vendor can decide how many
installations are allowed for each (P_id, S_no).
Note Only P1 can decrypt and start execution of
P2'. A session key could be generated first
between P1 and vendor to secure the transmission
of value A.
6
An alternate solution

• What happened if the software is sold on a
  read-only medium (ex., a CD-ROM)?
• The buyer will have to store the software onto a
  read-write medium first.
• The installation algorithm can then begin from
  the read-write medium.

7
A possible solution

• How to prevent the re-encryption of P2' be
  interrupted and hence the user get a copy of P2'?
• P2 --gt P2_1 P2_2 ... P2_n
• For P2_1
• DK(P2_1) -gt P2_1'
• Run P2_1'
• EK_new(P2_1') -gt P2_1_new
• DK_new(P2_1_new) ? P2_1'
• Only if step 4 is true then proceeds to process
  P2_2, otherwise abort the installation.
• The method continues until P2_n has finished.

8
Crush recovery

• What happened if a buyer's machine had crushed
  after software installation?
• The buyer will have to keep the original software
  P (maybe in a CD).
• The vendor will have to keep the original value
  A.
• The buyer will have to report to the vendor to
  get approval to re-install the software from the
  original copy P.
• The synchronization is then re-established.
• How many crushes are allowed?

9
Can privacy be guaranteed?

• Yes or no. It depends on vendor's policy.
• During the installation process, P1 could ask the
  buyer to enter personal information or collect
  the buyer's machine identification data.
• Even nothing is collected the vendor can still
  control the total number of installations allowed
  for each copy of the software sold.

10
Advantages of the proposed scheme

• Client and server don't need any prior setup
  shared or public keys.
• Simple, first and scalable.
• No specialized hardware is required.
• Relies on cryptographic hash function.
• The secret keys used to encrypt/decrypt only
  distributed between software vendor and the
  recipient of a given software copy.
• Use different key for every round of software
  installation.