
Method for Privacy-Preserving Enforcing Non-Hackable Software Licensing with CPU-Enclaves and User-Controlled In- and Output Observability

IP.com Disclosure Number: IPCOM000249237D
Publication Date: 2017-Feb-13
Document File: 5 page(s) / 199K

Publishing Venue

The IP.com Prior Art Database

Abstract

This disclosure presents a method for licensing software without the possibility of cracking the software or observing how it works. The software vendor does not learn which entity wants to execute the software, only that a given license is valid. Still, the user is able to see what information the application in question reads and writes.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 24% of the total text.


Background. Licensing of software has become one of the major income factors for software companies. However, software can be cracked, meaning that an unlimited number of copies can be deployed, or licenses can be distributed freely. Existing approaches, however, have at least one of the following drawbacks, even if combined with a TPM:

- A key/license can simply be copied.
- Software can be modified, i.e., cracked to avoid the key check or the TPM, or copied to another system which fakes a TPM.
- Reselling does not guarantee that the software is no longer used at the origin.
- Contents of the program/RAM can be modified by, e.g., a rogue operating system or hacking tools without extra precautions.
- Some solutions require state on the user's machine.
- Simply decrypting using a "protected" key (e.g., using a TPM) does not help either: at some point, the data has to be copied to RAM in an unencrypted form. Then, it can simply be copied.
- Some additional software, such as a hypervisor, is required.
- Not all operating systems can be used, as they need to be attested with TPMs. This is too limiting for GPL software and the like, where people may want to use their own OS, or even build their own kernel, as is standard for most OSs.
- Updates are sometimes cumbersome, as in some existing solutions the complete system needs to have an attestation. Thus, not even self-compiled kernel modules, drivers and the like can be used.
- Trade secrets, e.g., sensitive code, have to be given to some entity generating signatures.
- Solutions which require a hypervisor have the problem that the hypervisor may be buggy, such that a rogue driver, rogue hardware and the like may impact security.
- De-compiling.
- Users do not trust encrypted code, as they cannot know what it does, i.e., which data is read from, e.g., the RAM, HDD or other "non-enclave devices".
- Running multiple "to-be-licensed" programs in parallel.
- Users cannot be sure what the code that is run actually reads.

Scheme. The idea is that a CPU enclave, which is trusted in all environments (via attestation), executes the code. The main trick we use is that even the program remains encrypted all the time, while we do not need to use homomorphic encryption. This is achieved by attesting the correctness of a hardcoded public key and the corresponding code. The enclave then receives the key used to encrypt the software, which can then be run. The ID of the enclave is bound to a license. Our privacy extension also hides this identity, while our gateway allows the users to check the in- and output behavior of the software.

Building Blocks. For our scheme to work, we need the following standard primitives:


- An AE-secure symmetric encryption scheme.
- A CCA2-secure public key encryption scheme.
- An EUF-CMA-secure signature scheme...
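The key-release exchange outlined under Scheme, built from the three classes of primitive listed under Building Blocks, as an added Go example that is not part of the disclosure: AES-256-GCM stands in for the AE-secure symmetric scheme, RSA-OAEP for the CCA2-secure public-key scheme, and Ed25519 for the EUF-CMA-secure signature scheme, here used as a simulated platform attestation key. The type and function names (Report, Enclave, Vendor, Flow), the loader strings, the enclave ID, the license table and the software key are all constructed for the example; the disclosure's privacy extension and I/O gateway are not modelled.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Report is the simulated attestation: the platform signs the hash of the loaded code and its public key.
type Report struct {
	Measurement [32]byte // SHA-256(loader code || RSA modulus of the enclave's hard-coded public key)
	EnclaveID   string   // identity the vendor binds a license to
	PubKey      *rsa.PublicKey
	Sig         []byte // Ed25519 signature by the platform attestation key over Measurement || EnclaveID
}

func measure(code []byte, pub *rsa.PublicKey) [32]byte {
	return sha256.Sum256(append(append([]byte{}, code...), pub.N.Bytes()...))
}

type Enclave struct {
	ID   string
	code []byte
	priv *rsa.PrivateKey // key whose public half is part of the measured content
}

// Attest is the platform's step: it signs what is actually loaded, not what the enclave claims.
func (e *Enclave) Attest(platform ed25519.PrivateKey) Report {
	m := measure(e.code, &e.priv.PublicKey)
	return Report{m, e.ID, &e.priv.PublicKey, ed25519.Sign(platform, append(m[:], e.ID...))}
}

// Run unwraps the software key (RSA-OAEP) and decrypts the program (AES-256-GCM) inside the enclave; the plaintext is returned only for checking.
func (e *Enclave) Run(wrappedKey, sealed []byte) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, e.priv, wrappedKey, []byte("swkey"))
	if err != nil || len(key) != 32 {
		return nil, errors.New("software key could not be unwrapped")
	}
	g := gcm(key)
	return g.Open(nil, sealed[:g.NonceSize()], sealed[g.NonceSize():], nil)
}

type Vendor struct {
	loader      []byte            // the vendor's own enclave loader code
	platformPub ed25519.PublicKey // attestation key of the trusted platform
	licenses    map[string]bool   // enclave ID -> holds a valid license
	swKey       []byte            // AES-256 key the program is shipped under
}

// ReleaseKey verifies the attestation and the license, then wraps swKey to the attested public key.
func (v *Vendor) ReleaseKey(r Report) ([]byte, error) {
	if !ed25519.Verify(v.platformPub, append(r.Measurement[:], r.EnclaveID...), r.Sig) {
		return nil, errors.New("attestation signature invalid")
	}
	if r.Measurement != measure(v.loader, r.PubKey) {
		return nil, errors.New("enclave is not running the expected loader with that key")
	}
	if !v.licenses[r.EnclaveID] {
		return nil, errors.New("no valid license for enclave " + r.EnclaveID)
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, r.PubKey, v.swKey, []byte("swkey"))
}

func gcm(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // a wrong key length is a programming error in this example
	}
	g, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return g
}

// Flow runs the exchange on constructed inputs; code is what the enclave actually loads.
func Flow(licensed bool, code []byte) (string, error) {
	platformPub, platformPriv, _ := ed25519.GenerateKey(rand.Reader) // simulated platform attestation key
	v := &Vendor{[]byte("trusted loader v1"), platformPub, map[string]bool{"enclave-A": licensed}, []byte("0123456789abcdef0123456789abcdef")}
	g := gcm(v.swKey) // the program is only ever shipped AE-encrypted: nonce || ciphertext || tag
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce) // crypto/rand.Read never returns an error
	sealed := g.Seal(nonce, nonce, []byte("PROGRAM"), nil)
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // fails only if crypto/rand fails
	enc := &Enclave{"enclave-A", code, priv}
	wrapped, err := v.ReleaseKey(enc.Attest(platformPriv))
	if err != nil {
		return "", err
	}
	pt, err := enc.Run(wrapped, sealed)
	return string(pt), err
}

func main() {
	fmt.Println(Flow(true, []byte("trusted loader v1")))
	fmt.Println(Flow(true, []byte("patched loader"))) // cracked loader: the key is never released
}
```

Flow(true, []byte("trusted loader v1")) yields the decrypted program; an enclave whose ID has no license, or one running modified loader code, never receives the software key, because the vendor recomputes the measurement from its own loader and the reported public key and only wraps the key to a public key that the attested code carries. Two things a real deployment adds on top of this sketch: a vendor-chosen nonce inside the signed report so a report cannot be replayed, and verification of the platform attestation key against the CPU vendor's certificate chain rather than a locally generated key.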