WO1998033296A1 - Distribution system with authentication - Google Patents
Distribution system with authentication Download PDFInfo
- Publication number
- WO1998033296A1 WO1998033296A1 PCT/AU1997/000889 AU9700889W WO9833296A1 WO 1998033296 A1 WO1998033296 A1 WO 1998033296A1 AU 9700889 W AU9700889 W AU 9700889W WO 9833296 A1 WO9833296 A1 WO 9833296A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- icv
- goods
- product
- software
- services
- Prior art date
Links
- 238000000034 method Methods 0.000 claims description 38
- 238000009434 installation Methods 0.000 claims description 6
- 238000012795 verification Methods 0.000 abstract description 5
- 238000010200 validation analysis Methods 0.000 description 38
- 230000008569 process Effects 0.000 description 22
- 238000004364 calculation method Methods 0.000 description 18
- 230000004044 response Effects 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 238000012550 audit Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000004913 activation Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 239000003795 chemical substances by application Substances 0.000 description 1
- 230000000295 complement effect Effects 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 230000000875 corresponding effect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000011900 installation process Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000005096 rolling process Methods 0.000 description 1
- 238000013514 software validation Methods 0.000 description 1
- 230000001502 supplementing effect Effects 0.000 description 1
- 230000036962 time dependent Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/16—Program or content traceability, e.g. by watermarking
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2115—Third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2135—Metering
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2151—Time stamp
Definitions
- the present invention relates to distribution systems, particularly those in which the delivery of goods / services can be authenticated as to their integrity or condition of delivery.
- the present can be used to verify or authenticate the distribution and use of software via a relatively insecure environment.
- the distribution of software via insecure and untrusted channels is a risk factor when using open, public or untrusted network.
- a complementary risk stems from ensuring that remotely operated software is operating in an unaltered manner, including all internal functions and internal data values.
- An object of the present invention is to provide a system, method and / or device which can check the integrity of software distributed over an at least partially insecure network.
- the present invention provides a system for distributing goods and / or services over a medium which is at least partially insecure, the system including: a means for establishing an Integrity Check Value (ICV), storage means associated with the distribution of the goods and / or services, and comparison means evaluating whether the goods and / or services after distribution have the same ICV as the goods and / or services before distribution.
- ICV Integrity Check Value
- the present invention also provides a method of distributing one or more copies of a goods and / or services based product, the method including the steps of: determining a unique identification (Ul) value for the product, determining an ICV encrypting the ICV storing the ICV at a first location recalculating the ICV in a manner determinable from both the first location and the product, distributing a copy of the product to a second location remote from the first location, the distributed product having associated with it the recalculated ICV, and comparing the ICV of the distributed product with the ICV known to the first location.
- Ul unique identification
- the encryption of the ICV may be based on the product and/or the Unique Identifier (Ul).
- the present invention provides a mechanism to distribute and use software in an insecure environment with relatively assured integrity and operation.
- the present invention stems from the realisation that distribution verification and authentication can be provided by 'attaching', associating and / or incorporating an Integrity Check Value (ICV) or some form of identification discernible only by the distributor and the distributed product to each product or service so distributed.
- ICV Integrity Check Value
- the present invention enables software programs to be distributed to remote locations via any channels, including untrusted transmission networks, with the relative assurance that the received software has not been altered or modified in any manner.
- the present invention describes a method and apparatus to distribute software programs via insecure distribution means with the ability to assure the integrity of these programs, both on first installation and all subsequent use of the program.
- Programs may be distributed by electronic means in public, open or private networks, or by inclusion on storage media.
- the present invention discloses a method and apparatus to verify that the program(s) have been installed in an unaltered state, or as in the intended manner of the program's creator, to a central (or trusted) server.
- a method and apparatus is also specified to enable said programs to prove integrity to a central (or trusted) server, via untrusted networks, upon activation and at any subsequent time.
- a consequence is that remotely located programs, possibly operating in untrusted environments, can be relatively assured they operate in the approved or desired manner, such approved manner may include ensuring that the program, or the user of the program, is communicating with the network entity (server) they intend to, while the network entity (server) can be relatively assured that the remote program operating in a known manner.
- Each distributed copy of a program may be individually and uniquely identified.
- Usage of individual copies of programs may be monitored.
- the time, date and frequency of use of individual programs may be monitored for signs of abnormal or undesirable usage patterns.
- the program may refuse to perform further operations unless integrity has been verified by the central (or trusted) server.
- Individual copies of programs which operate to or through a central service server may be disabled remotely by setting a validity indicator at the central (or trusted) server to a "false" value.
- Figure 1 illustrates one form of the distribution and initial validation
- Figure 2 illustrates one form of subsequent validation
- Figure 3 illustrates one form of Validation request
- Figure 4 illustrates one form of validation approval
- Figure 5 illustrates in schematic form an apparatus for implementing the validation of the present invention.
- the present invention also has application to other goods / services, such as, but is not limited to, copyright material, security functions used for e.g. financial services over open or insecure networks and subscription services where consumption of services require verification and monitoring.
- each copy of the software therefore has a cryptographically unique hash value (Integrity Check Value or ICV).
- ICV Integrity Check Value
- the hash value is recalculated in a specific manner known to both the software and the central site.
- the result of the received hash calculation / recalculation is electronically communicated to the central site, and validated against ICV entries in the database. If the validation is successful, the program can continue to operate as intended.
- this validation will occur during the initial installation of the software, and / or on subsequent use of the software. This ensures that software has a chain of authentication from initial installation and preferably through each use of the program.
- the result of the calculated hash value will be included in every transaction, message or communication session generated by the remote software program. This may be used to provide an audit log of software usage, supplementing audit logs of user activity, which is uniquely linked to both the specific copy of the software program and every resulting transaction.
- the operation of the present invention involves either one or two distinct phases. These phases are the initial distribution of the software program with integrity, and validating the program integrity with ongoing use. Download Integrity Mechanisms
- D1 Distribute the software with a unique identification value embedded by the distributor.
- D2 Distribute the software as an identical copy of a "master version", and distribute the unique identification value by another channel, to be embedded at time of installation by a trusted tool distributed with the software.
- D3 As with D1 above, with the addition of a challenge/response step.
- D4 As with D2 above, with the addition of a challenge/response step.
- D5 As with D3 or D4, with the inclusion of an offset pointer to be used in the ICV calculation process.
- the offset may be calculated in any deterministic manner which value could be a function of, or incorporate the Ul value.
- D6 As with D3 and D4 but with the inclusion of a direction indicator to indicate the direction of program data through the ICV calculation process, e.g. from start-of file to end of file or alternatively from end of file to start of file.
- D7 As with D6 but with the inclusion of an offset pointer for use with the ICV calculation.
- the offset may be calculated in any deterministic value and be a function of, or incorporate the Ul value.
- An example of Challenge/Response might be a process whereby the Validation Server (VS), (or some VS agent which makes the data known to the VS), issues some, e.g. date/time dependent, random and recorded, data to the software requesting validation. The data could then be included in the ICV (integrity check value) calculation and (VAL_REQ) message, sent to the validation server.
- the server is capable of calculating the modified request ICV and whether it is returned within a valid time frame etc. If the VS challenge is responded to correctly within the set parameters, than a VAL_OK message may be issued.
- V1 The ICV or validation value is a simple hash of the executable file.
- V2 The ICV is the result of hashing the executable file by use of a pre- calculated offset point in the file as the start of the input to the hash calculation process and continuing until the entire program has been used in calculating the ICV hash value.
- This offset pointer may be based upon the unique identification value, a fixed pointer chosen by the programmer, or determined in some other manner.
- V3 As with V1 , with the inclusion of an initialisation value. The initialisation value is included with the program file in the ICV calculation process.
- the initialisation value is originated by either the Validation Server or the program itself and communicated between the two locations to allow use in duplicate calculations at both locations.
- V4 As with V2 above, with the inclusion of an initialisation value, originated by either the Validation Server or the program itself. The initialisation value is included with the file in the hash calculation process. The initialisation value is originated by either the Validation Server or the program itself and communicated between the two locations to allow use in duplicate calculations at both locations.
- V5 A combination of V2 and V4.
- the offset pointer is calculated in a manner which includes the initialisation value.
- the initialisation value is included in the ICV calculation process.
- the initialisation value is originated by either the Validation Server or the program itself and communicated between the two locations to allow use in duplicate calculations at both locations.
- V6 As with V2, with the addition of a direction indicator.
- the ICV is based upon the program file, an offset pointer and a direction flag.
- the ICV is the hash result from the direction that the program file is processed in (e.g. towards the End Of File or towards the Start Of File) and the offset pointer.
- V7 As with V6, with the inclusion of a initialisation value.
- the initialisation value is originated by either the Validation Server or the program itself communicated between the two locations to allow use in duplicate calculations at both locations.
- the hashing process is well known to those skilled in the art.
- the hashing process selected should be robust and fit for purpose.
- Example of hashing processes which might be employed are, (but not confined to), e.g. the
- Distribution Server performs both distribution and validation functions. This is not necessarily the case, since these two functions may be performed in separately or by separate systems.
- the Distribution Server possess the Public and Private Key components of an Asymmetric Encryption algorithm. A Symmetric algorithm and process could be used, in addition to or as an alternative.
- the Master Copy of the program is distributed with the unique identifier
- the Ul may be embedded at time of distribution or embedded later by a trusted process.
- the Distribution Server calculates the Integrity Check Value (ICV) from a copy (identical image) of the distributed Master and stores both the Ul and ICV into the Validation Database.
- ICV Integrity Check Value
- the installation process occurs, which concludes with the received program being subjected to the same calculation process as used at the Distribution Server, to achieve a recalculated ICV.
- the recalculated ICV and Ul are sent to the Distribution Server, encrypted by PKDS in a Validation Request (VAL_REQ) message, see figure 3.
- VAL_REQ Validation Request
- a Private Key is used to recover the ICV and Ul.
- the Ul and received ICV components are then compared against the values calculated at time of distribution.
- the ICV values are transmitted in encrypted form.
- the encryption process uses Public Key methods to protect the Ul and ICV values from eavesdroppers. It is not necessary, in all cases, to transmit the Public Key, since this may be known within a closed network, or distributed by other means. However and alternatively, the VAL_OK message may be accompanied by a Public Key certificate. The most appropriate implementation should be determined by the application requirements or some affiliated standard.
- the program may use the same calculation process used at the Verification Server, to achieve a recalculated ICV.
- the recalculated ICV is sent to the Validation Server in a VAL_REQ message, where it is compared against the values calculated and validated, at the time of distribution.
- the Ul and ICV values are encrypted by Public Key methods, to prevent other parties correlating the two values, and creating software which may masquerade as valid software. If the stored and recalculated values match, the program is notified of this fact by the use of a digitally signed VAL_OK (effectively a "ticket of authenticity”) message which allows the program to proceed with processing information in accordance with the capabilities included by the program author.
- the digitally signed "Ticket of Authenticity" can in fact be validated by any entity possessing the Public Key of the Validation Server (PKVS).
- the digital signing of the Ticket of Authenticity is effected by using the protected and secret key of the validation server (SKVS), at that server.
- SKVS validation server
- the technique, using asymmetric cryptography, is well known to those skilled in the art.
- the Validation and Distribution Servers are shown as different systems, but in practice, it is likely that they will be different functions of the same system. If the Validation and Distribution Servers are different systems, then all distributed programs must contain appropriate public keys (i.e. PKDS and PKVS) to achieve the necessary secure communication paths required for software validation.
- the program once validated, may then communicate, with time correlated authenticity, to other systems in the electronic network, provided the digitally signed VAL_OK message is transmitted along with the request for connection on the remote network device.
- PSI Program Sequence Identifier
- VSSI Validation Server Sequence Identifier
- the Date/Time stamp enables any recipient to determine when the program was last validated.
- the recipient of a message or transaction containing a VAL_OK component may then make a valued decision on the validity of the software generating the message, and therefore the reliability which may be placed on the specified transactional data within the message.
- the recipient of such a message may also check the authenticity of the VAL_OK components by reference to the digital signature on the VAL_OK or by reference to the Validation Server.
- An initialisation vector is, referring to Figures 3 and 4, a value to be common to both the software or device under registration and the registration entity (validation server). The value is used in the process of calculating the ICV and therefore preferably should occur on a "one time only" basis. This will ensure that each validation is unique in content and cannot be replayed etc.
- An initialisation vector value might be derived from, (but is not confined to), e.g. the serial number of the device or software, a transaction counter or a date/time stamp. The nett result being a value used to derive a one time token of authenticity for the ICV calculation.
- FIG. 5 a schematic illustrates a means of implementing the present invention.
- reference numerals denote:
- the Software Module The goods/services or program being assured through this process.
- ICV Calculation process The process that calculates the ICV value, using a Hash Function and other optional processing steps, which may include use of an Initialisation Value or other token, an offset pointed, and direction flag.
- Direction Flag or indicator which may be used to indicate the direction to process the Software Module in calculating the ICV.
- the Direction Flag, or indicator will indicate to process from Start of File to End of File, or from End of File towards Start of File. Typically, this will be determined from the Ul and optionally, other values such as IV.
- Initialisation Value An instance or program specific value which may be used in calculating the ICV.
- Offset pointer A value which may be used as to indicate an offset start point for processing the Software module as it is processed for ICV calculations. Typically, this will be determined from the Ul and optionally, other values such as IV.
Abstract
The present invention relates to distribution systems, particularly those in which the delivery of goods/services can be authenticated as to their integrity or condition of delivery. In one particular, but not exclusive use, the present can be used to verify or authenticate the distribution and use of software via a relatively insecure environment. The present invention stems from the realisation that distribution verification and authentication can be provided by 'attaching', associating and/or incorporating an Integrity Check Value (ICV) or some form of identification discernible only by the distributor and the distributed product to each product or service so distributed.
Description
DISTRIBUTION SYSTEM WITH AUTHENTICATION FIELD OF INVENTION
The present invention relates to distribution systems, particularly those in which the delivery of goods / services can be authenticated as to their integrity or condition of delivery. In one particular, but not exclusive use, the present can be used to verify or authenticate the distribution and use of software via a relatively insecure environment. BACKGROUND
The distribution of software via insecure and untrusted channels is a risk factor when using open, public or untrusted network.
A complementary risk stems from ensuring that remotely operated software is operating in an unaltered manner, including all internal functions and internal data values.
These risks apply particularly to Internet commerce, but include all other arenas where the recipient of information sourced or processed remotely requires assurance that the information is protected in a known manner. SUMMARY OF INVENTION
An object of the present invention is to provide a system, method and / or device which can check the integrity of software distributed over an at least partially insecure network.
To this end, the present invention provides a system for distributing goods and / or services over a medium which is at least partially insecure, the system including: a means for establishing an Integrity Check Value (ICV), storage means associated with the distribution of the goods and / or services, and comparison means evaluating whether the goods and / or services after distribution have the same ICV as the goods and / or services before distribution. The present invention also provides a method of distributing one or more copies of a goods and / or services based product, the method including the steps of:
determining a unique identification (Ul) value for the product, determining an ICV encrypting the ICV storing the ICV at a first location recalculating the ICV in a manner determinable from both the first location and the product, distributing a copy of the product to a second location remote from the first location, the distributed product having associated with it the recalculated ICV, and comparing the ICV of the distributed product with the ICV known to the first location.
The encryption of the ICV may be based on the product and/or the Unique Identifier (Ul).
Furthermore, the present invention provides a mechanism to distribute and use software in an insecure environment with relatively assured integrity and operation.
The present invention stems from the realisation that distribution verification and authentication can be provided by 'attaching', associating and / or incorporating an Integrity Check Value (ICV) or some form of identification discernible only by the distributor and the distributed product to each product or service so distributed.
In one form, the present invention enables software programs to be distributed to remote locations via any channels, including untrusted transmission networks, with the relative assurance that the received software has not been altered or modified in any manner.
The present invention describes a method and apparatus to distribute software programs via insecure distribution means with the ability to assure the integrity of these programs, both on first installation and all subsequent use of the program. Programs may be distributed by electronic means in public, open or private networks, or by inclusion on storage media.
The present invention discloses a method and apparatus to verify that the
program(s) have been installed in an unaltered state, or as in the intended manner of the program's creator, to a central (or trusted) server.
A method and apparatus is also specified to enable said programs to prove integrity to a central (or trusted) server, via untrusted networks, upon activation and at any subsequent time.
A consequence is that remotely located programs, possibly operating in untrusted environments, can be relatively assured they operate in the approved or desired manner, such approved manner may include ensuring that the program, or the user of the program, is communicating with the network entity (server) they intend to, while the network entity (server) can be relatively assured that the remote program operating in a known manner.
Each distributed copy of a program may be individually and uniquely identified.
Usage of individual copies of programs may be monitored. The time, date and frequency of use of individual programs may be monitored for signs of abnormal or undesirable usage patterns.
The program may refuse to perform further operations unless integrity has been verified by the central (or trusted) server.
Individual copies of programs which operate to or through a central service server may be disabled remotely by setting a validity indicator at the central (or trusted) server to a "false" value.
A preferred embodiment of the present invention will now be described with reference to the accompanying drawings, in which:
Figure 1 illustrates one form of the distribution and initial validation, Figure 2 illustrates one form of subsequent validation,
Figure 3 illustrates one form of Validation request, Figure 4 illustrates one form of validation approval, and Figure 5 illustrates in schematic form an apparatus for implementing the validation of the present invention. Although the ensuing description deals with software, it should be appreciated that the present invention also has application to other goods / services, such as, but is not limited to, copyright material, security functions used
for e.g. financial services over open or insecure networks and subscription services where consumption of services require verification and monitoring.
In this embodiment, assume that software programs are distributed from a central location, and contain a unique identification (not necessarily a serial number) (Ul) value. This value can be embedded in the file or program, making the file or program a binary unique sequence.
By the use of cryptographic hashing techniques, each copy of the software therefore has a cryptographically unique hash value (Integrity Check Value or ICV). A database containing the unique identification values and corresponding hash values can also be maintained at a central site.
As the specific copy of the software is activated, the hash value is recalculated in a specific manner known to both the software and the central site. The result of the received hash calculation / recalculation is electronically communicated to the central site, and validated against ICV entries in the database. If the validation is successful, the program can continue to operate as intended.
It is also possible, once a positive on-line validation has occurred, to extend the process, dependent on application requirements, to embed a new or derived Unique Identifier (Ul). This could occur at initial distribution verification, or by updating the program at each "logon" to a central or validation server (VS).
Subsequent validations would thus produce a "rolling" ICV, enabling unauthorised copies of a program to be identified should logon with an unrolled and therefore incorrect ICV occur If, for example, the software has been corrupted or tampered with during or following its distribution or subsequent installation, the software will produce a result, within the limits of the chosen hashing algorithm, which is a different
ICV to that known or expected by the central site, and hence the validation should fail. In that event, the use of that software can be terminated or the copy deleted or rendered otherwise unusable by a suitable means or command.
Commonly, this validation will occur during the initial installation of the software, and / or on subsequent use of the software. This ensures that software
has a chain of authentication from initial installation and preferably through each use of the program.
Typically, the result of the calculated hash value will be included in every transaction, message or communication session generated by the remote software program. This may be used to provide an audit log of software usage, supplementing audit logs of user activity, which is uniquely linked to both the specific copy of the software program and every resulting transaction.
The operation of the present invention involves either one or two distinct phases. These phases are the initial distribution of the software program with integrity, and validating the program integrity with ongoing use. Download Integrity Mechanisms
Four exemplary techniques are described to ensure software integrity during the download/install phase. These are: D1 Distribute the software with a unique identification value embedded by the distributor. D2 Distribute the software as an identical copy of a "master version", and distribute the unique identification value by another channel, to be embedded at time of installation by a trusted tool distributed with the software.
D3 As with D1 above, with the addition of a challenge/response step. D4 As with D2 above, with the addition of a challenge/response step. D5 As with D3 or D4, with the inclusion of an offset pointer to be used in the ICV calculation process. The offset may be calculated in any deterministic manner which value could be a function of, or incorporate the Ul value. D6 As with D3 and D4 but with the inclusion of a direction indicator to indicate the direction of program data through the ICV calculation process, e.g. from start-of file to end of file or alternatively from end of file to start of file.
D7 As with D6 but with the inclusion of an offset pointer for use with the ICV calculation. The offset may be calculated in any deterministic value and be a function of, or incorporate the Ul value.
An example of Challenge/Response, in this instance, might be a process whereby the Validation Server (VS), (or some VS agent which makes the data known to the VS), issues some, e.g. date/time dependent, random and recorded, data to the software requesting validation. The data could then be included in the ICV (integrity check value) calculation and (VAL_REQ) message, sent to the validation server. The server is capable of calculating the modified request ICV and whether it is returned within a valid time frame etc. If the VS challenge is responded to correctly within the set parameters, than a VAL_OK message may be issued. Some Operational Integrity Mechanisms
Exemplary techniques might be, but are not confined to: V1 The ICV or validation value is a simple hash of the executable file.
V2 The ICV is the result of hashing the executable file by use of a pre- calculated offset point in the file as the start of the input to the hash calculation process and continuing until the entire program has been used in calculating the ICV hash value. This offset pointer may be based upon the unique identification value, a fixed pointer chosen by the programmer, or determined in some other manner. V3 As with V1 , with the inclusion of an initialisation value. The initialisation value is included with the program file in the ICV calculation process.
The initialisation value is originated by either the Validation Server or the program itself and communicated between the two locations to allow use in duplicate calculations at both locations. V4 As with V2 above, with the inclusion of an initialisation value, originated by either the Validation Server or the program itself. The initialisation value is included with the file in the hash calculation process. The initialisation value is originated by either the Validation Server or the program itself and communicated between the two locations to allow use in duplicate calculations at both locations.
V5 A combination of V2 and V4. The offset pointer is calculated in a manner which includes the initialisation value. The initialisation value is included in the ICV calculation process. The initialisation value is originated by either the Validation Server or the program itself and communicated between the two locations to allow use in duplicate calculations at both locations.
V6 As with V2, with the addition of a direction indicator. The ICV is based upon the program file, an offset pointer and a direction flag. The ICV is the hash result from the direction that the program file is processed in (e.g. towards the End Of File or towards the Start Of File) and the offset pointer.
V7 As with V6, with the inclusion of a initialisation value. The initialisation value is originated by either the Validation Server or the program itself communicated between the two locations to allow use in duplicate calculations at both locations.
The hashing process is well known to those skilled in the art. The hashing process selected should be robust and fit for purpose. Example of hashing processes which might be employed are, (but not confined to), e.g. the
NIST:-Secure Hash Standard, or the MD series of algorithms Simplified Diagram of Distribution and Initial Validation Process
This description refers to figure 1 and presumes the Distribution Server performs both distribution and validation functions. This is not necessarily the case, since these two functions may be performed in separately or by separate systems. The Distribution Server possess the Public and Private Key components of an Asymmetric Encryption algorithm. A Symmetric algorithm and process could be used, in addition to or as an alternative.
The Master Copy of the program is distributed with the unique identifier
(Ul) and the Public Key of the Distribution Server (PKDS). The Ul may be embedded at time of distribution or embedded later by a trusted process.
The Distribution Server calculates the Integrity Check Value (ICV) from a copy (identical image) of the distributed Master and stores both the Ul and ICV
into the Validation Database.
When the remote location receives the program, the installation process occurs, which concludes with the received program being subjected to the same calculation process as used at the Distribution Server, to achieve a recalculated ICV.
The recalculated ICV and Ul are sent to the Distribution Server, encrypted by PKDS in a Validation Request (VAL_REQ) message, see figure 3.
On receipt at the Distribution Server, a Private Key is used to recover the ICV and Ul. The Ul and received ICV components are then compared against the values calculated at time of distribution. By necessity, the ICV values are transmitted in encrypted form. The encryption process uses Public Key methods to protect the Ul and ICV values from eavesdroppers. It is not necessary, in all cases, to transmit the Public Key, since this may be known within a closed network, or distributed by other means. However and alternatively, the VAL_OK message may be accompanied by a Public Key certificate. The most appropriate implementation should be determined by the application requirements or some affiliated standard.
If the stored and recalculated values match, the database entry for this specific copy of the program is updated to reflect the successful validation. Otherwise, the database entry is flagged as invalid. The program is also notified, by means of a Validation Successful (VAL_OK) message, see figure 4. Simplified Diagram of Subsequent Validation Process
Referring to figure 2, when the remote location activates the program in response to some use action or automatic stimulus, the program may use the same calculation process used at the Verification Server, to achieve a recalculated ICV.
The recalculated ICV is sent to the Validation Server in a VAL_REQ message, where it is compared against the values calculated and validated, at the time of distribution. Again, the Ul and ICV values are encrypted by Public Key methods, to prevent other parties correlating the two values, and creating software which may masquerade as valid software.
If the stored and recalculated values match, the program is notified of this fact by the use of a digitally signed VAL_OK (effectively a "ticket of authenticity") message which allows the program to proceed with processing information in accordance with the capabilities included by the program author. The digitally signed "Ticket of Authenticity" can in fact be validated by any entity possessing the Public Key of the Validation Server (PKVS). The digital signing of the Ticket of Authenticity is effected by using the protected and secret key of the validation server (SKVS), at that server. The technique, using asymmetric cryptography, is well known to those skilled in the art. The Validation and Distribution Servers are shown as different systems, but in practice, it is likely that they will be different functions of the same system. If the Validation and Distribution Servers are different systems, then all distributed programs must contain appropriate public keys (i.e. PKDS and PKVS) to achieve the necessary secure communication paths required for software validation.
The program, once validated, may then communicate, with time correlated authenticity, to other systems in the electronic network, provided the digitally signed VAL_OK message is transmitted along with the request for connection on the remote network device. Referring to figures 3 and 4, the Program Sequence Identifier (PSI) assists in preventing replayed validation request messages.
The Validation Server Sequence Identifier (VSSI) further assists in preventing replayed validation request messages.
The Date/Time stamp (DT) enables any recipient to determine when the program was last validated. The recipient of a message or transaction containing a VAL_OK component may then make a valued decision on the validity of the software generating the message, and therefore the reliability which may be placed on the specified transactional data within the message. The recipient of such a message may also check the authenticity of the VAL_OK components by reference to the digital signature on the VAL_OK or by reference to the Validation Server.
An initialisation vector is, referring to Figures 3 and 4, a value to be
common to both the software or device under registration and the registration entity (validation server). The value is used in the process of calculating the ICV and therefore preferably should occur on a "one time only" basis. This will ensure that each validation is unique in content and cannot be replayed etc. An initialisation vector value might be derived from, (but is not confined to), e.g. the serial number of the device or software, a transaction counter or a date/time stamp. The nett result being a value used to derive a one time token of authenticity for the ICV calculation.
Referring to Figure 5, a schematic illustrates a means of implementing the present invention. In the figure, reference numerals denote:
1. The Software Module: The goods/services or program being assured through this process.
2. ICV Calculation process: The process that calculates the ICV value, using a Hash Function and other optional processing steps, which may include use of an Initialisation Value or other token, an offset pointed, and direction flag.
3. Direction Flag or indicator: Which may be used to indicate the direction to process the Software Module in calculating the ICV. The Direction Flag, or indicator, will indicate to process from Start of File to End of File, or from End of File towards Start of File. Typically, this will be determined from the Ul and optionally, other values such as IV.
4. Initialisation Value: An instance or program specific value which may be used in calculating the ICV.
5. Offset pointer: A value which may be used as to indicate an offset start point for processing the Software module as it is processed for ICV calculations. Typically, this will be determined from the Ul and optionally, other values such as IV.
Claims
1. A system for distributing goods and / or services over a medium which is at least partially insecure, the system including: a means for establishing an Integrity Check Value (ICV), storage means associated with the distribution of the goods and / or services, and comparison means evaluating whether the goods and / or services after distribution have the same ICV as the goods and / or services before distribution.
2. A system as claimed in claim 1 , in which the established ICV is stored in the storage means, and is incorporated or attached to the distributed goods and / or service.
3. A system as claimed in claim 1 or 2, in which the goods and / or services are software based.
4. A system as claimed in claim 3, in which the comparison means evaluates the ICV at a time proximate installation of the software.
5. A system as claimed in claim 3 or 4, in which the comparison means evaluates the ICV at or during use of the software.
6. A system as claimed in any one of claims 1 to 5, in which the ICV in which ICV is established based on the Ul and the program data.
7. A method of distributing one or more copies of a goods and / or services based product, the method including the steps of: determining a unique identification (Ul) value for the product, encrypting, calculating and encrypting the ICV, based on the product and the Unique Identifier (Ul), storing the ICV at a first location recalculating the ICV in a manner determinable from both the first location and the product, distributing a copy of the product to a second location remote from the first location, the distributed product having associated with it the recalculated ICV, and comparing the ICV of the distributed product with the ICV known to the first location.
8. A device adapted to perform the method as claimed in claim 7.
9. A method, apparatus, or system as herein disclosed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU53038/98A AU5303898A (en) | 1997-01-23 | 1997-12-30 | Distribution system with authentication |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AUPO4749A AUPO474997A0 (en) | 1997-01-23 | 1997-01-23 | Distribution system with authentication |
| AUPO4749 | 1997-01-23 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO1998033296A1 true WO1998033296A1 (en) | 1998-07-30 |
Family
ID=3799053
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/AU1997/000889 WO1998033296A1 (en) | 1997-01-23 | 1997-12-30 | Distribution system with authentication |
Country Status (5)
| Country | Link |
|---|---|
| AR (1) | AR015351A1 (en) |
| AU (1) | AUPO474997A0 (en) |
| TW (1) | TW396327B (en) |
| WO (1) | WO1998033296A1 (en) |
| ZA (1) | ZA98513B (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1211587A1 (en) * | 2000-11-30 | 2002-06-05 | Pentap Technologies AG | Distributing programming language code |
| EP1265396A1 (en) * | 2001-01-16 | 2002-12-11 | Sony Corporation | Apparatus and method for recording/reproducing information |
| EP1312030A2 (en) * | 2000-07-25 | 2003-05-21 | Digimarc Corporation | Authentication watermarks for printed objects and related applications |
| US6594761B1 (en) | 1999-06-09 | 2003-07-15 | Cloakware Corporation | Tamper resistant software encoding |
| EP1349346A2 (en) * | 2002-03-01 | 2003-10-01 | Alcatel Canada Inc. | Authenticated file loader |
| EP1366408A2 (en) * | 2001-03-07 | 2003-12-03 | Diebold, Incorporated | Automated transaction machine digital signature system and method |
| EP1505470A2 (en) * | 2003-08-06 | 2005-02-09 | Matsushita Electric Industrial Co., Ltd. | Terminal application generation apparatus and application authentication method |
| US7162538B1 (en) * | 2000-10-04 | 2007-01-09 | Intel Corporation | Peer to peer software distribution system |
| WO2007020574A2 (en) * | 2005-08-12 | 2007-02-22 | Nxp B.V. | Software application security method and system |
| US7630989B2 (en) | 2002-05-17 | 2009-12-08 | Colonial First State Investments Ltd. | Transaction management system |
| FR2945367A1 (en) * | 2009-05-11 | 2010-11-12 | Regie Autonome Transports | Software application e.g. transportation service temporary accessing application, authenticity and integrity checking method for smartphone, involves verifying authenticity of activation certificate by applet using public key |
| US8261975B2 (en) | 2001-03-07 | 2012-09-11 | Diebold, Incorporated | Automated banking machine that operates responsive to data bearing records |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1992009160A1 (en) * | 1990-11-07 | 1992-05-29 | Tau Systems Corporation | A secure system for activating personal computer software at remote locations |
| WO1994016508A1 (en) * | 1993-01-07 | 1994-07-21 | Infonow Corporation | Software evaulation and distribution apparatus, system, and method |
| EP0686906A2 (en) * | 1994-06-10 | 1995-12-13 | Sun Microsystems, Inc. | Method and apparatus for enhancing software security and distributing software |
-
1997
- 1997-01-23 AU AUPO4749A patent/AUPO474997A0/en not_active Abandoned
- 1997-12-29 TW TW086119894A patent/TW396327B/en active
- 1997-12-30 WO PCT/AU1997/000889 patent/WO1998033296A1/en active Application Filing
-
1998
- 1998-01-21 AR ARP980100252A patent/AR015351A1/en unknown
- 1998-01-22 ZA ZA98513A patent/ZA98513B/en unknown
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO1992009160A1 (en) * | 1990-11-07 | 1992-05-29 | Tau Systems Corporation | A secure system for activating personal computer software at remote locations |
| WO1994016508A1 (en) * | 1993-01-07 | 1994-07-21 | Infonow Corporation | Software evaulation and distribution apparatus, system, and method |
| EP0686906A2 (en) * | 1994-06-10 | 1995-12-13 | Sun Microsystems, Inc. | Method and apparatus for enhancing software security and distributing software |
Non-Patent Citations (4)
| Title |
|---|
| ACM SPECIAL ISSUE, August 1995, BROWNE et al., "Location-Independent Naming for Virtual Distributed Software Repositories", pages 179-185. * |
| COMPUTER COMMUNICATIONS, Volume 18, No. 6, June 1995, RUBIN A.D., "Secure Distribution of Electronic Documents in a Hostile Environment", pages 429-434. * |
| IEEE COMPUTER, Volume 28, No. 1, January 1995, LOMAS et al., "To Whom am I Speaking?", pages 50-54. * |
| IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, Volume 2, 14-18 February 1994, ROSENBLIT, "Secure Software Distribution", pages 486-496. * |
Cited By (25)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6842862B2 (en) | 1999-06-09 | 2005-01-11 | Cloakware Corporation | Tamper resistant software encoding |
| US6594761B1 (en) | 1999-06-09 | 2003-07-15 | Cloakware Corporation | Tamper resistant software encoding |
| EP1312030A2 (en) * | 2000-07-25 | 2003-05-21 | Digimarc Corporation | Authentication watermarks for printed objects and related applications |
| EP1312030A4 (en) * | 2000-07-25 | 2007-07-11 | Digimarc Corp | Authentication watermarks for printed objects and related applications |
| US7162538B1 (en) * | 2000-10-04 | 2007-01-09 | Intel Corporation | Peer to peer software distribution system |
| EP1211587A1 (en) * | 2000-11-30 | 2002-06-05 | Pentap Technologies AG | Distributing programming language code |
| EP1265396A4 (en) * | 2001-01-16 | 2006-08-16 | Sony Corp | Apparatus and method for recording/reproducing information |
| US7401231B2 (en) | 2001-01-16 | 2008-07-15 | Sony Corporation | Information recording/playback device and method |
| EP1265396A1 (en) * | 2001-01-16 | 2002-12-11 | Sony Corporation | Apparatus and method for recording/reproducing information |
| US8479984B2 (en) | 2001-03-07 | 2013-07-09 | Diebold, Incorporated | Automated banking machine that operates responsive to data bearing records |
| EP1366408A4 (en) * | 2001-03-07 | 2008-07-16 | Diebold Inc | Automated transaction machine digital signature system and method |
| EP1366408A2 (en) * | 2001-03-07 | 2003-12-03 | Diebold, Incorporated | Automated transaction machine digital signature system and method |
| US8261975B2 (en) | 2001-03-07 | 2012-09-11 | Diebold, Incorporated | Automated banking machine that operates responsive to data bearing records |
| EP1349346A2 (en) * | 2002-03-01 | 2003-10-01 | Alcatel Canada Inc. | Authenticated file loader |
| EP1349346A3 (en) * | 2002-03-01 | 2004-07-14 | Alcatel Canada Inc. | Authenticated file loader |
| US7630989B2 (en) | 2002-05-17 | 2009-12-08 | Colonial First State Investments Ltd. | Transaction management system |
| US8572386B2 (en) | 2003-08-06 | 2013-10-29 | Panasonic Corporation | Secure device, information processing terminal, integrated circuit, terminal application generation apparatus, application authentication method |
| EP1505470A2 (en) * | 2003-08-06 | 2005-02-09 | Matsushita Electric Industrial Co., Ltd. | Terminal application generation apparatus and application authentication method |
| EP1505470A3 (en) * | 2003-08-06 | 2012-07-25 | Panasonic Corporation | Terminal application generation apparatus and application authentication method |
| WO2007020574A3 (en) * | 2005-08-12 | 2007-05-31 | Koninkl Philips Electronics Nv | Software application security method and system |
| US8201251B2 (en) | 2005-08-12 | 2012-06-12 | Nxp B.V. | Software application verification method and system |
| JP4856182B2 (en) * | 2005-08-12 | 2012-01-18 | エヌエックスピー ビー ヴィ | Software application security method and system |
| JP2009505208A (en) * | 2005-08-12 | 2009-02-05 | エヌエックスピー ビー ヴィ | Software application security method and system |
| WO2007020574A2 (en) * | 2005-08-12 | 2007-02-22 | Nxp B.V. | Software application security method and system |
| FR2945367A1 (en) * | 2009-05-11 | 2010-11-12 | Regie Autonome Transports | Software application e.g. transportation service temporary accessing application, authenticity and integrity checking method for smartphone, involves verifying authenticity of activation certificate by applet using public key |
Also Published As
| Publication number | Publication date |
|---|---|
| TW396327B (en) | 2000-07-01 |
| ZA98513B (en) | 1998-07-29 |
| AUPO474997A0 (en) | 1997-02-20 |
| AR015351A1 (en) | 2001-05-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101145906B (en) | Method and system for authenticating legality of receiving terminal in unidirectional network | |
| US6339828B1 (en) | System for supporting secured log-in of multiple users into a plurality of computers using combined presentation of memorized password and transportable passport record | |
| EP1622301B1 (en) | Methods and system for providing a public key fingerprint list in a PK system | |
| EP0881559B1 (en) | Computer system for protecting software and a method for protecting software | |
| US7734921B2 (en) | System and method for guaranteeing software integrity via combined hardware and software authentication | |
| US5745574A (en) | Security infrastructure for electronic transactions | |
| JP4113274B2 (en) | Authentication apparatus and method | |
| EP1407339B1 (en) | Firmware validation | |
| JPH10508438A (en) | System and method for key escrow and data escrow encryption | |
| CN101589398A (en) | Upgrading a memory card that has security mechanisms that prevent copying of secure content and applications | |
| JP2003330365A (en) | Method for distributing/receiving contents | |
| US5878143A (en) | Secure transmission of sensitive information over a public/insecure communications medium | |
| JP2003216237A (en) | Remote monitoring system | |
| WO1998033296A1 (en) | Distribution system with authentication | |
| US20030221109A1 (en) | Method of and apparatus for digital signatures | |
| JP3985461B2 (en) | Authentication method, content sending device, content receiving device, authentication system | |
| JP2000287065A (en) | Image processing system | |
| CN114357385A (en) | Software protection and authorization method, system and device | |
| JP2002132145A (en) | Authentication method, authentication system, recording medium and information processor | |
| EP0259487A1 (en) | Method and apparatus for distributing and protecting encryption key codes | |
| JP5159752B2 (en) | Communication data verification device and computer program therefor | |
| CN115859389A (en) | Software serial number authorization method and system based on privatized deployment | |
| CN111062005A (en) | Copyright authentication password generation method, authentication method, device and storage medium | |
| CN117828559A (en) | Method and system for deploying privately-owned product | |
| CN117313165A (en) | Method for generating software machine code |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A1 Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG |
|
| DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
| NENP | Non-entry into the national phase |
Ref country code: JP Ref document number: 1998531419 Format of ref document f/p: F |
|
| 122 | Ep: pct application non-entry in european phase |