100 likes | 125 Views
Methods for Preventing Unauthorized Software Distribution. Source: Computers & Security, Vol. 22, No. 4, pp316-321, 2003. Author: Mohammad Peyravian, Allen Roginsky and Nevenko Zunic Speaker: Chi-Nan Lin Date: 12/15/2004. Outline. Introduction The algorithm An alternate solution
E N D
Methods for Preventing Unauthorized Software Distribution • Source: Computers & Security, Vol. 22, No. 4, pp316-321, 2003. • Author: Mohammad Peyravian, Allen Roginsky and Nevenko Zunic • Speaker: Chi-Nan Lin • Date: 12/15/2004
Outline • Introduction • The algorithm • An alternate solution • A posibble solution • Crush recovery • Can privacy be guaranteed • Advantages of the proposed scheme
Introduction • How the software vendor prevents unauthorized software installation? • Two kinds of offenders: • The average user • The sophisticated hacker
The algorithm(1/2) Assume software P is sold on a disk or downloaded from the Internet. 1.Let P consists of two parts, P1 and P2. P1 can be run (unencrypted) while P2 is encrypted. 2.To do software installation, the buyer must have an Internet connection. Buyer runs P1 first: Vendor P1 P_id, S_no P_id: Product id S_no: Serial no K = A_new = H(S_no,A) P2' = DK(P2) check-> P_id, S_no : A A_new = H(S_no, A) store-> P_id, S_no : A_new A
The algorithm(2/2) 3.P1 then runs P2' to finish the software installation. P2' then re-encrypt itself into P2_new with key K_new. K_new = H(S_no, K). P2_new = EK_new(P2') At no time will P2' be stored in the client's machine. 4.Now, the software P is ready for another round of installation. The vendor can decide how many installations are allowed for each (P_id, S_no). Note: Only P1 can decrypt and start execution of P2'. A session key could be generated first between P1 and vendor to secure the transmission of value A.
An alternate solution • What happened if the software is sold on a read-only medium (ex., a CD-ROM)? • The buyer will have to store the software onto a read-write medium first. • The installation algorithm can then begin from the read-write medium.
A possible solution • How to prevent the re-encryption of P2' be interrupted and hence the user get a copy of P2'? • P2 --> P2_1 + P2_2+ ... + P2_n • For P2_1: • DK(P2_1) -> P2_1' • Run P2_1' • EK_new(P2_1') -> P2_1_new • DK_new(P2_1_new) ?= P2_1' • Only if step 4 is true then proceeds to process P2_2, otherwise abort the installation. • The method continues until P2_n has finished.
Crush recovery • What happened if a buyer's machine had crushed after software installation? • The buyer will have to keep the original software P (maybe in a CD). • The vendor will have to keep the original value A. • The buyer will have to report to the vendor to get approval to re-install the software from the original copy P. • The synchronization is then re-established. • How many crushes are allowed?
Can privacy be guaranteed? • Yes or no. It depends on vendor's policy. • During the installation process, P1 could ask the buyer to enter personal information or collect the buyer's machine identification data. • Even nothing is collected the vendor can still control the total number of installations allowed for each copy of the software sold.
Advantages of the proposed scheme • Client and server don't need any prior setup shared or public keys. • Simple, first and scalable. • No specialized hardware is required. • Relies on cryptographic hash function. • The secret keys used to encrypt/decrypt only distributed between software vendor and the recipient of a given software copy. • Use different key for every round of software installation.