[54] COMPUTER SOFTWARE
AUTHENTICATION, PROTECTION, AND
SECURITY SYSTEM
[75] Inventor: Christopher Nathan Drake, North
Sydney, Australia
[73] Assignee: Christopher N. Drake, United Kingdom
[21] Appl. No.: 08/679,077 [22] Filed: Jul. 12, 1996
Related U.S. Application Data
[63] Continuation of application No. 08/679,077, Jul. 12, 1996.
[30] Foreign Application Priority Data
Jul. 14, 1995 [AU] Australia PN4186
May 15, 1996 [AU] Australia PN9866
[51] Int. CI. G06F 12/14
[52] U.S. CI 713/200
[58] Field of Search 395/186, 188.01;
364/222.5, 286.4, 286.5; 380/3, 4, 23, 59;
713/200, 202
[56] References Cited
U.S. PATENT DOCUMENTS
4,918,653 4/1990 Johri et al 364/900
4,945,468 7/1990 Carson et al 364/200
5,343,527 8/1994 Moore 380/4
5,488,664 1/1996 Shamir 380/54
5,521,722 5/1996 Colvill et al 358/500
5,530,752 6/1996 Rubin 380/4
5,590,199 12/1996 Krajewski, Jr. et al 380/25
5,606,609 2/1997 Houser et al 380/4
5,613,012 3/1997 Hoffman et al 382/115
5,664,099 9/1997 Ozzie et al 395/186
A software-based computer security enhancing process and graphical software-authenticity method, and a method to apply aspects ol the two are disclosed. The process provides protection against certain attacks on executable software by persons or other software used on the computer. Software using this process is protected against eavesdropping (the monitoring ol software, applications, the operating system, disks, keyboard, or other devices to record (steal) identification, authentication or sensitive data such as passwords, User-ID's, credit-card numbers and expiry dates, bank account and PIN numbers, smart-card data, biometric information (for example: the data comprising a retina or fingerprint scan), or encryption keys), local and remote tampering (altering software to remove, disable, or compromise security leatures ol the altered software) examination (viewing the executable program, usually with the intent ol devising security attacks upon it), tracing (observing the operating ol an executable program step-by-step), and spoofing (substituting counterfeit software to emulate the interlace ol authentic software in order to subvert security) by rogues (eg: Trojan Horses, Hackers, Viruses, Terminateand-stay-resident programs, co-resident software, multithreaded operating system processes, Worms, Spool programs, key-press password capturers, macro recorders, sniffers, and other software or subversions). Aspects include executable encryption, obftiscation, anti-tracing, anti-tamper & sell-verification, runtime sell-monitoring, and audiovisual authentication (math, encryption, and graphics based method permitting users to immediately recognise the authenticity and integrity ol software). FIG. 5 in the specification depicts the many components and their interaction.
