United States Patent [19]
Chang et al.

[11] Patent Number: 5,724,425
[45] Date of Patent: Mar. 3, 1998

[54] METHOD AND APPARATUS FOR ENHANCING SOFTWARE SECURITY AND DISTRIBUTING SOFTWARE
[75] Inventors: Sheue-Ling Chang, Cupertino; James Gosling, Woodside, both of Calif.
[73] Assignee: Sun Microsystems, Inc.
[21] Appl. No.: 258,244
[22] Filed: Jun. 10, 1994
[51] Int. Cl.6: H04L 9/00; H04L 9/30;
[52] U.S. Cl.: 380/25; 380/4; 380/23; 380/30; 380/49; 380/50
[58] Field of Search: 380/4, 23, 25, 30, 49, 50

[56] References Cited

U.S. PATENT DOCUMENTS
4,558,176 12/1985 Arnold et al. 380/4
4,634,807 1/1987 Chorley et al.
4,670,857 6/1987 Rackman
5,343,527

OTHER PUBLICATIONS
Davida et al., "Defending Systems Against Viruses through Cryptographic Authentication", IEEE Symposium, 1989, pp. 312-313.
RSA Data Security, Inc., "RSA Certificate Services", Jul. 15, 1993, pp. 1-41.

Primary Examiner: Bernarr E. Gregory
Attorney, Agent, or Firm: McCutchen, Doyle, Brown & Enersen LLP; Ronald S. Laurie, Esq.; Joseph Yang

[57] ABSTRACT

Source code to be protected, a software application writer's private key, along with an application writer's license provided to the first computer. The application writer's license includes identifying information such as the application writer's name as well as the application writer's public key. A compiler program executed by the first computer compiles the source code into binary code, and computes a message digest for the binary code. The first computer then encrypts the message digest using the application writer's private key, such that the encrypted message digest is defined as a digital "signature" of the application writer. A software passport is then generated which includes the application writer's digital signature, the application writer's license and the binary code. The software passport is then distributed to a user using any number of software distribution models known in the industry. A user, upon receipt of the software passport, loads the passport into a computer which determines whether the software passport includes the application writer's license and digital signature. In the event that the software passport does not include the application writer's license, or the application writer's digital signature, then the user's computer system discards the software passport and does not execute the binary code. As an additional security step, the user's computer computes a second message digest for the software passport and compares it to the first message digest, such that if the first and second message digests are not equal, the software passport is also rejected by the user's computer and the code is not executed. If the first and second message digests are equal, the user's computer extracts the application writer's public key from the application writer's license for verification. The application writer's digital signature is decrypted using the application writer's public key. The user's computer then compares a message digest of the binary code to be executed, with the decrypted application writer's digital signature, such that if they are equal, the user's computer executes the binary code.

72 Claims, 5 Drawing Sheets

[Sheet 1 of 5. FIG. 1: computer 10 with I/O circuit 12, CPU 13 and memory 14. FIG. 4: application writer's source code 20, private key 22 and license 24 (name 30, public key 32, validity date 34) fed to compiler 26, producing passport 38, which reaches the platform over any distribution channel.]

[Sheet 2 of 5. FIG. 2 and FIG. 3: passport layout listing product info, company info, validity date, restricted rights legend, app writer's name, app writer's public key, identification authority (the platform builder), platform builder's signature, app writer's signature, and code body.]

[Sheet 3 of 5. FIG. 5: platform builder issues the application writer's license (app writer's name, app writer's public key, validity date, platform builder's signature); the application writer's private key, source code and license go to the compiler, which produces the passport for the platform builder's platform.]

[Sheet 4 of 5. FIG. 6(a) flowchart: hardware platform with public key in register; attempt to load software; has passport? (no: reject software); has license? (no: reject software passport); extract license from software passport; decrypt issuer's signature using public key in register; recompute message digest of license; are message digests equal? (no: license not genuine).]

[Sheet 5 of 5. FIG. 6(b) flowchart: extract SW's public key from application writer's license; extract code body from the passport; extract SW's signature; recompute message digest of code body; decrypt SW's signature using SW's public key; compare recomputed message digest with SW's decrypted signature (no: reject software passport; yes: execute code). Legend: MD = message digest; SW = software (application) writer.]

METHOD AND APPARATUS FOR ENHANCING SOFTWARE SECURITY AND DISTRIBUTING SOFTWARE

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to the use of public key encryption, and more particularly, the present invention relates to the use of public key encryption to achieve enhanced security and product authentication in the distribution of software.

2. Art Background

Public key encryption is based on encryption algorithms that have two keys. One key is used for encryption, and the other key is used for decryption. There is a known algorithm that computes the second key given the first. However, without full knowledge of all the parameters, one cannot compute the first key given the second key. The first key is referred to as the "private key", and the second key is referred to as the "public key". In practice, either the private key or the public key may be used to encrypt a message, with the opposite key used to decrypt it. In general, the private key must be kept private, but the public key may be provided to anyone. A variety of public key cryptographic schemes have been developed for the protection of messages and data (See, Whitfield Diffie, "The First Ten Years of Public Key Cryptography" (IEEE Proceedings, Vol. 76, No. 5, 1988) and Fahn, "Answers to Frequently Asked Questions about Today's Cryptography" (RSA Laboratories 1992)).

Public key cryptography is used to send secure messages across public communication links on which an intruder may eavesdrop, and solves the problem of sending the encryption password to the other side securely.

Public key systems may also be used to encrypt messages, and also to effectively sign messages, allowing the receiving party to authenticate the sender of the message. One can also use public key cryptography to seal or render tamper-proof a piece of data. In such event, the sender computes a message digest from the data using specially designed cryptographically strong digests designed for this purpose. The sender then uses the private key to encrypt the message digest, wherein this encrypted message digest is called a digital "signature". The sender then packages the data, the message digest and the public key together. The receiver may check for tampering by computing the message digest again, then decrypting the received message digest with the public key. If the recomputed and decrypted message digests are identical, there was no tampering of the data.

"Viruses" and "worms" are computer code cleverly inserted into legitimate programs which are subsequently executed on computers. Each time the program is executed the virus or worm can cause damage to the system by destroying valuable information, and/or further infect and spread to other machines on the network. While there are subtle differences between a virus and a worm, a critical component for both is that they typically require help from an unsuspecting computer user to successfully infect a computer or a corporate network.

Infection of computers by viruses and worms is a general problem in the computer industry today. In addition, corporate networks are vulnerable to frontal assaults, where an intruder breaks into the network and steals or destroys information. Security breaches of any kind on large corporate networks are a particularly worrisome problem, because of the potential for large-scale damage and economic loss. Moreover, security breaches are more easily accomplished when a corporate network is connected to a public network, such as the Internet. Companies take a variety of measures to guard against breaches of network security, either through frontal assaults or infections, without cutting themselves off from the benefits of being connected to a world-wide network.

The solution adopted by most companies that wish to reap the benefits of connecting to the Internet, while maintaining security, is the installation of a firewall. Firewalls generally restrict Internet file transfers and telnet connections. Such transfers and connections can only be initiated from within the corporate network, such that externally initiated file transfers and telnet connections are refused by the firewall. Firewalls allow electronic mail and network news to freely flow inside the firewall's private network. The use of corporate firewalls allows employees to readily exchange information within the corporate environment, without having to adopt extreme security measures. A good firewall implementation can defend against most of the typical frontal assaults on system security.

One method of preventing viruses and worms from infecting a corporate network is to never execute a program that may contain viruses. In general, programs legitimately deployed throughout the corporate network should be considered virus free. All binary executables, all unreviewed shell scripts, and all source code fetched from outside the firewall are software that may contain a worm or virus. However, outside binary executables, shell scripts, and source code may enter a corporate firewall through an E-mail attachment. For example, the shell scripts that are used to make and send multiple files using E-mail and the surveytools that start up by activating the E-mail attachment may allow virus entry. Executables can also be directly fetched through the iftp program, through a world-wide web browser such as Mosaic, or from an outside contractor whose network has already been compromised.

In addition, the commercial software release and distribution process presents security and authentication problems. For example, some of the information associated with software, such as the originating company or author, restricted rights legends, and the like are not attached to the code itself. Instead, such information is provided as printed matter, and is separated from the code once the package is opened and the code installed. Even applications that attempt to identify themselves on start-up are susceptible to having the identification forged or otherwise counterfeited. A user has no mechanism to authenticate that the software sold is actually from the manufacturer shown on the label. Unauthorized copying and the sale of software is a significant problem, and users who believe that they are buying software with a manufacturer's warranty instead purchase pirated software, with neither a warranty nor software support. The problem of authenticating the original source of the software is accentuated when software is intended to be distributed through networks, and a user's source for the software may be far removed from the original writer of the software. In addition, a user does not have the ability to verify that the software purchased contains only the original manufacturer's code. A user also does not have a method for detecting any tampering, such as the existence of a virus, that may cause undesirable effects.

All of the above problems are related to the transport of software both from manufacturers to users and from user to user. Furthermore, the transport problem is independent of the transport medium. The problem applies to all transport media, including floppy disk, magnetic tape, CD-ROM and networks.

As will be described, the present invention provides a method and apparatus for authenticating that software distributed by a manufacturer is a legitimate copy of an authorized software release, and that the software contains only the original manufacturer's code without tampering. The present invention solves the above identified problems through the use of a "software passport" which includes the digital signature of the application writer and manufacturer. As will be described, the present invention may also be used to protect intellectual property, in the form of copyrighted computer code, by utilizing cryptographic techniques referred to herein as public key encryption.

SUMMARY OF THE INVENTION

This invention provides a method and apparatus utilizing public key encryption techniques for enhancing software security and for distributing software. The present invention includes a first computer which is provided with source code to be protected using the teachings of the present invention. In addition, a software application writer's private key, along with an application writer's license provided to the first computer. An application writer generally means a software company such as Microsoft Corporation, Adobe or Apple Computer, Inc. The application writer's license includes identifying information such as the application writer's name as well as the application writer's public key. A compiler program executed by the first computer compiles the source code into binary code, and computes a message digest for the binary code. The first computer then encrypts the message digest using the application writer's private key, such that the encrypted message digest is defined as a digital "signature" of the application writer. A software passport is then generated which includes the application writer's digital signature, the application writer's license and the binary code. The software passport is then distributed to a user using any number of software distribution models known in the industry.

A user, upon receipt of the software passport, loads the passport into a computer which determines whether the software passport includes the application writer's license and digital signature. In the event that the software passport does not include the application writer's license, or the application writer's digital signature, then the user's computer system discards the software passport and does not execute the binary code. As an additional security step, the user's computer computes a second message digest for the software passport and compares it to the first message digest, such that if the first and second message digests are not equal, the software passport is also rejected by the user's computer and the code is not executed. If the first and second message digests are equal, the user's computer extracts the application writer's public key from the application writer's license for verification. The application writer's digital signature is decrypted using the application writer's public key. The user's computer then compares a message digest of the binary code to be executed, with the decrypted application writer's digital signature, such that if they are equal, the user's computer executes the binary code. Accordingly, software products distributed with the present invention's software passport permit the user's computer to authenticate the software as created by an authorized application writer who has been issued a valid application writer's license. Any unauthorized changes to the binary code comprising the distributed software are evident through the comparison of the calculated and encrypted message digests.

The present invention is also described with reference to an embodiment used by computing platforms designed to execute only authorized software. A platform builder provides an application writer with a platform builder's digital signature which is included in the application writer's license. The first computer compiles the software into binary code and computes a first message digest for the binary code. The first computer further encrypts the first message digest using the application writer's private key, such that the encrypted first message digest is defined as the application writer's digital signature. A software passport is generated which includes the application writer's digital signature, the application writer's license and the binary code. The software passport is then distributed to a user through existing software distribution channels. The user's computing platform, which may be a computer, a video game box or a set top box, is provided with the platform builder's public key. Upon receipt of the software passport, the computing platform determines if the software passport includes an application writer's license. If it does not, the hardware platform rejects the execution of the code. If a software passport is present, the hardware platform extracts the application writer's license from the passport and determines whether or not the passport includes the platform builder's signature. The platform builder's signature is then decrypted using the public key provided in the platform. The computing platform recomputes the message digest of the application writer's license, and compares the received message digest with the recomputed message digest, such that if the digests are not equal, the software passport is not considered genuine and is rejected. If the message digests are equal, the hardware platform extracts the application writer's public key from the application writer's license, and extracts the application writer's digital signature. The hardware platform then recomputes the message digest of the binary code comprising the application software to be executed, and decrypts the application writer's digital signature using the application writer's public key. The hardware platform then compares the recomputed message digest for the binary code with the application writer's decrypted signature, such that if they are equal, the binary code is executed by the hardware platform. If the recomputed message digest and the application writer's decrypted signature are not equal, the software passport is rejected and the code is not executed.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a data processing system incorporating the teachings of the present invention.

FIG. 2 conceptually illustrates use of the present invention's software passport where the application code and the software passport are provided in separate files.

FIG. 3 conceptually illustrates use of the present invention's use of the software passport where the application code and the software passport are distributed in the same file.

FIG. 4 diagrammatically illustrates the present invention's process for generating a software passport.

FIG. 5 diagrammatically illustrates the use of the present invention for platform producer licensing.

FIGS. 6a and 6b are flowcharts illustrating the steps executed by the present invention for verifying that a valid software license exists, and that the software writer's ("SW's") signature is valid, prior to permitting the execution of a computer program.

NOTATION AND NOMENCLATURE

The detailed descriptions which follow are presented largely in terms of symbolic representations of operations of data processing devices. These process descriptions and representations are the means used by those skilled in the data processing arts to most effectively convey the substance of their work to others skilled in the art.

An algorithm is here, and generally, conceived to be a self-consistent sequence of steps leading to a desired result. These steps are those requiring physical manipulations of physical quantities. Usually, though not necessarily, these quantities may take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, displayed and otherwise manipulated. It proves convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, messages, names, elements, symbols, operations, messages, terms, numbers, or the like. It should be borne in mind, however, that all of these similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities.

In the present invention, the operations referred to are machine operations. Useful machines for performing the operations of the present invention include general purpose digital computers or other similar devices. In all cases, the reader is advised to keep in mind the distinction between the method operations of operating a computer and the method of computation itself. The present invention relates to method steps for operating a computer, coupled to a series of networks, and processing electrical or other physical signals to generate other desired physical signals.

The present invention also relates to apparatus for performing these operations. This apparatus may be specially constructed for the required purposes or it may comprise a general purpose computer selectively activated or reconfigured by a computer program stored in the computer. The method/process steps presented herein are not inherently related to any particular computer or other apparatus. Various general purpose machines may be used with programs in accordance with the teachings herein, or it may prove more convenient to construct specialized apparatus to perform the required method steps. The required structure for a variety of these machines will be apparent from the description given below.

DETAILED DESCRIPTION OF THE INVENTION

In the following description, numerous specific details are set forth such as system configurations, representative data, computer code organization, encryption methods, and devices, etc., to provide a thorough understanding of the present invention. However, it will be apparent to one skilled in the art that the present invention may be practiced without these specific details. In other instances, well known circuits and structures are not described in detail in order to not obscure the present invention. Moreover, certain terms such as "knows", "verifies", "compares", "examines", "utilizes", "finds", "determines", "challenges", "authenticates", etc., are used in this Specification and are considered to be terms of art. The use of these terms, which to a casual reader may be considered personifications of computer or electronic systems, refers to the functions of the system as having human-like attributes, for simplicity. For example, a reference herein to an electronic system as "determining" something is simply a shorthand method of describing that the electronic system has been programmed or otherwise modified in accordance with the teachings herein. The reader is cautioned not to confuse the functions described with everyday human attributes. These functions are machine functions in every sense.

Exemplary Hardware

FIG. 1 illustrates a data processing system in accordance with the teachings of the present invention. Shown is a computer 10, which comprises three major components. The first of these is an input/output (I/O) circuit 12 which is used to communicate information in appropriately structured form to and from other portions of the computer 10. In addition, computer 10 includes a central processing unit (CPU) 13 coupled to the I/O circuit 12 and a memory 14. These elements are those typically found in most general purpose computers and, in fact, computer 10 is intended to be representative of a broad category of data processing devices. Also, the computer 10 may be coupled to a network, in accordance with the teachings herein. The computer 10 may further include encrypting and decrypting circuitry incorporating the present invention, or as will be appreciated, the present invention may be implemented in software executed by computer 10. A raster display monitor 16 is shown coupled to the I/O circuit 12 and is used to display images generated by CPU 13 in accordance with the present invention. Any well known variety of cathode ray tube (CRT) or other type of display may be utilized as display 16.

The present invention's software passport identifies a portion of software, or some machine code (hereinafter "code"), in a manner similar to how a physical passport identifies a person. The concept is similar to the real-life passport system which forms the basis of a trust model among different nations. Physical passports enable border entry officers to identify each individual and make certain decisions based on his/her passport. As will be described below, a software passport is a modern release process for distributing software products. A software passport gives a software product an identity and a brand name. The software passport provides the basis of a trust model and allows computer users to identify and determine the genuineness of a software product based on the information contained in its passport.

Referring now to FIG. 2, the present invention is illustrated in conceptual form for the case where the computer code (comprising a piece of software) and the software passport are in separate files. FIG. 3 illustrates the use of the present invention where the computer code comprising a piece of software and the software passport are in the same file.

As illustrated in FIGS. 2 and 3, the information included in the present invention's software passport may include:

  product information, such as the software product's name and any other relevant information to the specific product;
  company information including the name of the company or the software application writer who has produced the product;
  a validity date which includes the issue date of the software passport and the expiration date of the passport;
  a restricted rights legend including copyright notices and other similar legends;
  the software code body including executable application code distributed to the user;
  an application writer's license; and,
  a software application writer's digital signature.

It will be appreciated that the components of a software passport are generally self-explanatory, with the application writer's license and digital signature explained in more detail below.

SOFTWARE PRODUCER'S DIGITAL SIGNATURE

A digital "signature" is produced by using certain cryptographic techniques of computing a message digest of a piece of software code (hereinafter "code"), and encrypting the message digest using the signer's private key. There are many known message digest algorithms, such as the MD2, MD4, and MD5 algorithms published by RSA, Inc. The use of private cryptographic techniques makes this signature very difficult to forge since the signer keeps the private key secret. The reader is referred to the papers by Whitfield Diffie, "The First Ten Years of Public Key Cryptography", Vol. 76, No. 5 (IEEE Proceedings, May 1988), which is attached hereto as Appendix A; and Whitfield Diffie, et al., "Authentication and Authenticated Key Exchanges" (1992 Kluwer Academic Publishers) attached hereto as Appendix B, for a detailed description of the operation of Diffie-Hellman certificates and public key cryptography.

One may conceptualize the computing of the message digest for a piece of code as a mechanism of taking a photo snapshot of the software. When the code changes, its message digest reflects any differences. In the system of the present invention, this "digital signature" is stamped on the product prior to its release. The digital signature associates a product with the entity that has produced it, and enables consumers to evaluate the quality of a product based on the reputation of the producer. The signature also permits a consumer to distinguish the genuineness of a product.

SOFTWARE PRODUCER'S LICENSE

The present invention's software producer's license (at times referred to herein as the "application writer's license") is an identification similar to the home repair contractor's license issued by a state. A software producer's license identifies and certifies that the producer is authorized to perform certain software production activities. It is contemplated that the software producer's license will be issued by some commonly-trusted authority established by the computer software industry. Before issuing a license to a software producer, this authority performs a defined process to authenticate the person or company, and to verify their job skill, as a state does before issuing a contractor's license. For convenience, in this Specification, this commonly-trusted entity is referred to as the Software Publishing Authority ("SPA").

A software producer's license contains the following information:

  the producer's name;
  the license's issue date;
  the license's expiration date;
  the producer's public key;
  the name of the issuing authority, SPA; and
  the SPA's digital signature.

A software producer's license associates an application writer with a name and a public key. It enables a software producer to produce multiple products, and to sign every product produced. The public key embedded in a license belongs to the person who owns the license. This public key can later be used by any third party to verify the producer's digital signature. A user who has purchased a product can determine the genuineness of a product by using the public key embedded in the producer's identification to authenticate the digital signature.

The SPA's digital signature is generated by computing the message digest of the producer's identification and encrypting the message digest using the SPA's private key. Since the SPA's private key is kept private to the SPA, third parties are not able to easily forge the SPA's signature to produce a fake identification.

In accordance with the teachings of the present invention, a software application writer ("SW") supplies three major pieces of information to a compiler prior to compilation of the code:

  the source code written by the application writer;
  the application writer's private key; and
  the application writer's license.

The code included in a passport may comprise source code in various computer languages, assembly code, machine binary code, or data. The code may be stored in various formats. For example, a piece of source code may be stored in a clear text form in the passport. A portion of binary executable machine code may also be stored in a compacted format in the passport, using certain well known compaction algorithms such as Huffman encoding. The format used in a particular implementation is indicated by a flag in the passport.

Binary executable code may further be stored in a printable-character set format to allow the passport to be printed. A user would then reverse the printable-format to recover the software. Moreover, code protected by intellectual property, such as copyright or patent, may be stored in an encrypted format in the passport. In such case, it is contemplated that a user may be required to pay a license fee prior to gaining access to the software.

Referring now to FIG. 4, to generate the software passport of the present invention, the original source code 20, the application writer's private key 22, and the application writer's license 24 are provided to a compiler 26. As illustrated, the application writer's license 24 includes the writer's name 30, the writer's public key 32 and a validity date 34.

The compiler 26 then compiles the source code 20 into binary code. The compiler 26 further computes the message digest of the binary code, and encrypts the message digest using the private key 22 supplied by the application writer. This encrypted message digest constitutes the application writer's signature.

A digital signature of the application writer is produced and embedded in the passport. The compiler 26 also embeds the application writer's license 24 in the passport. The application writer's license 24 allows any user who has purchased the product to recognize the maker of the product. The application writer's digital signature in the passport allows any user to verify the genuineness of the product. The SPA's digital signature in the application writer's license 24 provides the user with the ability to verify that an application writer is a licensed application writer by using SPA's public key to encrypt the signature.

As shown in FIG. 4, the generated software passport 38, including the application code, is then distributed using any desired software distribution model. The passport 38 is received by a user and is executed using an operating system (OS) running on a computer system ("platform") such as the system of FIG. 1.

Referring now to FIG. 5, the use of the present invention by platform builders will be described. In the electronic game industry and the interactive television cable set-top box industry, platform producers often desire to allow only authorized code to be executed on their particular platform. To be able to control the accessibility of a platform, the received code must be identifiable and the platform must be able to identify the software when it arrives. As illustrated in FIG. 5, the present invention may be applied in a platform producer licensing scheme with particular application for use in set-top box and video game environments.

Referring now to FIGS. 6a and 6b, a platform producer may issue a "programmer's license" to a set of application
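The passport generation of FIG. 4 and the two-stage check of FIGS. 6(a) and 6(b) can be traced end to end in the sketch below, which is an added example and not code from the patent. It assumes textbook RSA with constructed toy keys, SHA-256 in place of the MD2/MD4/MD5 digests, and a dictionary layout for the passport; every function and field name is hypothetical.

```python
import hashlib
import json

E = 65537  # public exponent shared by all toy keys below

def make_key(p, q):
    """Textbook RSA from two primes: returns (public modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy keys built from Mersenne primes: deterministic, NOT secure.
SPA_N, SPA_D = make_key(2**127 - 1, 2**521 - 1)        # issuing authority / platform builder
WRITER_N, WRITER_D = make_key(2**107 - 1, 2**607 - 1)  # licensed application writer
OTHER_N, OTHER_D = make_key(2**89 - 1, 2**521 - 1)     # a party holding no license

def digest(data):
    # Assumption: SHA-256 stands in for the digests the patent names.
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data, n, d):
    # "Encrypting the message digest using the signer's private key".
    return pow(digest(data), d, n)

def open_signature(sig, n):
    # "Decrypting" a signature with a public key; None if it is malformed.
    if not (isinstance(sig, int) and isinstance(n, int) and 0 <= sig < n):
        return None
    return pow(sig, E, n)

def license_body(lic):
    # The fields the issuer signs, in a canonical byte form. The validity
    # date is signed but not checked; the flowcharts show no date check.
    fields = {k: lic.get(k) for k in ("name", "public_key", "valid_until")}
    return json.dumps(fields, sort_keys=True).encode()

def issue_license(name, writer_n, valid_until, issuer_n, issuer_d):
    lic = {"name": name, "public_key": writer_n, "valid_until": valid_until}
    lic["issuer_signature"] = sign(license_body(lic), issuer_n, issuer_d)
    return lic

def build_passport(code, lic, writer_n, writer_d):
    # FIG. 4: code body + writer's signature over it + writer's license.
    return {"license": lic, "signature": sign(code, writer_n, writer_d), "code": code}

def verify_passport(passport, platform_n):
    # FIG. 6(a): the license must be present and signed by the key in the platform.
    if not isinstance(passport, dict):
        return "reject: no passport"
    lic = passport.get("license")
    if not isinstance(lic, dict) or "issuer_signature" not in lic:
        return "reject: no license"
    if open_signature(lic["issuer_signature"], platform_n) != digest(license_body(lic)):
        return "reject: license not genuine"
    # FIG. 6(b): the code must match the signature under the licensed key.
    code, sig = passport.get("code"), passport.get("signature")
    if not isinstance(code, bytes) or sig is None:
        return "reject: no signature"
    if open_signature(sig, lic["public_key"]) != digest(code):
        return "reject: code signature mismatch"
    return "execute"

def demo():
    # All inputs here are constructed sample values.
    lic = issue_license("Example Writer", WRITER_N, "1999-12-31", SPA_N, SPA_D)
    good = build_passport(b"\x7fconstructed binary code", lic, WRITER_N, WRITER_D)
    altered = dict(good, code=good["code"] + b"\x90")  # code changed after signing
    # Altered code re-signed with another key, that key swapped into the license.
    swapped = build_passport(altered["code"], dict(lic, public_key=OTHER_N), OTHER_N, OTHER_D)
    # License signed by someone other than the authority whose key the platform holds.
    self_lic = issue_license("Example Writer", OTHER_N, "1999-12-31", OTHER_N, OTHER_D)
    self_issued = build_passport(altered["code"], self_lic, OTHER_N, OTHER_D)
    no_license = {"signature": good["signature"], "code": good["code"]}
    cases = {"valid": good, "code_altered": altered, "key_swapped": swapped,
             "self_issued": self_issued, "no_license": no_license}
    return {name: verify_passport(p, SPA_N) for name, p in cases.items()}

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:13s} {outcome}")
```
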