Use of Data Encryption in Today's Context: SOFTWARE PROTECTION

E-Commerce

Software Protection
Digital Copyright Protection
Virus Detection

Glossary

Use of Data Encryption in Today's Context: Software Protection
Digital Copyright Protection

There are several ways in which encryption could help protect copyrighted materials in electronic world. Often, the key to the encrypted data is provided by the manufacturer after a purchaser registers his product.
Pirated Copies
Freezing data at original time of original version copy may indicate authenticity. When the time does not match with the hashed value of time and purchaser ID, the program may be made to abort installation. Hardware or software may also be forced to accept only authentic data.
Locking CD-ROM
Files are ‘locked’ in CD-ROM. Unlocking the files requires different keys, which may be obtained from the manufacturer upon purchase of that particular file. This unlocked version is copied into hard disk — ready to use. This method prevents collecting a list of unlocking codes for the CD and then distributing it, since each CD has different sequence of unlocking codes. However, this does not rule out copying all the files and their unlocking codes into new CDs and redistributing them.
Customizing software
When a software is installed, the existing serial number is converted into a product of hash function — obtained from some blocks of data from the hard disk. Machine-specific program will not work when program is transferred, unless a customized digital ID code is generated and copied together with software. This code is shipped at registration time.
Custom Unlocking codes
Each file has one true key to unlock it. CD-ROM contains many files, not all of which the user wants to buy. Often the value of key K, which is not necessarily unique from CD to CD, has to be read aloud over the phone.
A solution is to encrypt K with ID: F_ID(K). Hence the value made known to user varies from CD to CD (different IDs).
A weakness occurs when a user gathers F_ID(K₁), F_ID(K₂), …F_ID(K_n) and try to ‘decrypt’ the algorithm to recover ID, hence obtaining raw values of K for different files.
A defensive mechanism then would be to encrypt each locking code with different values (hashed from time and ID).
Smart Card
A 'pay per view' system could be implemented, where the smart card contains keys that can be used to decrypt the already present encrypted data. When keys are replaced in regular intervals, card too can be re-issued and recycled.
In smart card, it is obvious from the absence of a magnetic stripe that they store all their information on a chip buried within the card. Compared to conventional magnetic stripe cards, smart cards differ in several important ways:

They can store much more data
They can be password protected
They can incorporate a microprocessor that can perform processes such as encryption

MAJOR PROBLEM
The US government views encryption as a potential threat to its surveillance power as information is being made secret. Concurrent with its law of restrictive export of cryptographic materials, copyrighted materials which are exported abroad often are encrypted weakly using a compromised method using key of 40-bits or less.
This has serious implications to copyright holders who are US citizens. Each year, numerous amount of money is lost to copyright infringement outside the US because any encryption stronger than 40-bit key, was not allowed.

Copyright ©1999 ThinkQuest Team 27158 — Developed for ThinkQuest 1999

E-Commerce Software Protection Digital Copyright Protection Virus Detection Glossary			Use of Data Encryption in Today's Context: Software Protection Digital Copyright Protection There are several ways in which encryption could help protect copyrighted materials in electronic world. Often, the key to the encrypted data is provided by the manufacturer after a purchaser registers his product. Pirated Copies Freezing data at original time of original version copy may indicate authenticity. When the time does not match with the hashed value of time and purchaser ID, the program may be made to abort installation. Hardware or software may also be forced to accept only authentic data. Locking CD-ROM Files are ‘locked’ in CD-ROM. Unlocking the files requires different keys, which may be obtained from the manufacturer upon purchase of that particular file. This unlocked version is copied into hard disk — ready to use. This method prevents collecting a list of unlocking codes for the CD and then distributing it, since each CD has different sequence of unlocking codes. However, this does not rule out copying all the files and their unlocking codes into new CDs and redistributing them. Customizing software When a software is installed, the existing serial number is converted into a product of hash function — obtained from some blocks of data from the hard disk. Machine-specific program will not work when program is transferred, unless a customized digital ID code is generated and copied together with software. This code is shipped at registration time. Custom Unlocking codes Each file has one true key to unlock it. CD-ROM contains many files, not all of which the user wants to buy. Often the value of key K, which is not necessarily unique from CD to CD, has to be read aloud over the phone. A solution is to encrypt K with ID: F_ID(K). Hence the value made known to user varies from CD to CD (different IDs). A weakness occurs when a user gathers F_ID(K₁), F_ID(K₂), …F_ID(K_n) and try to ‘decrypt’ the algorithm to recover ID, hence obtaining raw values of K for different files. A defensive mechanism then would be to encrypt each locking code with different values (hashed from time and ID). Smart Card A 'pay per view' system could be implemented, where the smart card contains keys that can be used to decrypt the already present encrypted data. When keys are replaced in regular intervals, card too can be re-issued and recycled. In smart card, it is obvious from the absence of a magnetic stripe that they store all their information on a chip buried within the card. Compared to conventional magnetic stripe cards, smart cards differ in several important ways: They can store much more data They can be password protected They can incorporate a microprocessor that can perform processes such as encryption MAJOR PROBLEM The US government views encryption as a potential threat to its surveillance power as information is being made secret. Concurrent with its law of restrictive export of cryptographic materials, copyrighted materials which are exported abroad often are encrypted weakly using a compromised method using key of 40-bits or less. This has serious implications to copyright holders who are US citizens. Each year, numerous amount of money is lost to copyright infringement outside the US because any encryption stronger than 40-bit key, was not allowed.
			Copyright ©1999 ThinkQuest Team 27158 — Developed for ThinkQuest 1999