US20060294395A1 - Executable software security system - Google Patents


Info

Publication number
US20060294395A1
Authority
US
United States
Prior art keywords
executable program
encrypted
key
computer
interface
Prior art date
Legal status
Abandoned
Application number
US11/223,175
Inventor
Mark Ogram
Current Assignee
BABEL SECURE LLC
Original Assignee
Ogram Mark E
Priority claimed from US11/170,229 (US7792289B2)
Application filed by Ogram Mark E
Priority to US11/223,175 (US20060294395A1)
Publication of US20060294395A1
Assigned to BABEL SECURE LLC (assignment of assignors' interest; assignor: OGRAM, MARK)
Priority to US12/583,250 (US8176313B2)
Priority to US12/800,476 (US20100293390A1)
Priority to US12/932,255 (US20110197076A1)
Priority to US13/066,210 (US20110288976A1)
Priority to US13/066,638 (US20110314276A1)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L 9/16 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms, the keys or algorithms being changed during operation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F 12/14 Protection against unauthorised use of memory or access to memory

Definitions

  • This invention relates generally to the communication of data and more particularly to communications which are encrypted.
  • passwords and IDs are often used. Unfortunately, these passwords/IDs are often stolen and are then used indiscriminately by a criminal or hacker.
  • The Enigma Machine developed by Germany during World War II was an elaborate and complex system of gears which was used to map each new character and which relied upon the previously mapped message in determining how the next character was mapped.
  • Another problem which computer users have encountered is the unauthorized planting of viruses, “spyware”, and other programs into a user's computer. These unauthorized programs often enter the computer innocuously during normal operation of the computer and are then stored into the computer's memory automatically during normal shut-down of the computer.
  • a communications system in which a sending computer encrypts a message using a key associated with the computer which is to receive the message; the receiving computer uses a key associated with the sending computer in the decryption process.
  • the sending computer is equipped with a set of keys and each key within the set is useable for the encryption process.
  • the selection of a particular key depends on the destination of the message; or, if it is the first time a message is being sent to that destination, the key is arbitrarily selected and a record associating the arbitrarily selected key with the destination is made for future reference.
  • a computer is configured to perform a designated operation on data to obtain a desired result.
  • Configuration of a computer is often done through a programming language (e.g. assembly, BASIC, COBOL, Fortran, C) which defines the function of the computer; but, in some situations, “hard wired” or dedicated circuitry is also used.
  • the invention relates to a sequence of symbols which are represented in a digital manner.
  • sequences such as the American Standard Code for Information Interchange (ASCII).
  • the digital map to symbols is arbitrarily done.
  • each symbol is arbitrarily assigned a unique value which forms another level of encryption.
  • each “computer” is defined by its capabilities or function.
  • each digital value which is to be communicated is mapped uniquely to another value within the field.
  • the mapping or encrypting is done on an individual value without any necessary reference to prior or future encryptions.
  • the encrypting site and the decrypting site both have a “key” which is used both for the encrypting and decrypting operation. Since the “key” or mapping template provides a unique mapping and that “key” is not available to others, the possibility of a “hacker” being able to fraudulently decrypt the message is all but eliminated.
  • the “key” is a series of values which are used in both the mapping process and the reverse-mapping process and consists of a series S_j.
  • the creation of the key is accomplished through a variety of techniques, including, but not limited to: random number generation, prior data based, fixed set, historically based, based on the computer identification/serial number, or any combination of the above.
  • Random number based keys are created using a programmed or “canned” random number generator. These generators produce a series of values which appear random, but, in actuality are not truly random in that each time the random number generator program is initiated, it produces an identical series of “random numbers”; hence, if the encrypting and the decrypting computers operate the same random number generator, both computers develop identical series of values.
  • An alternative technique creates a series of numbers to create the key using values from the message or the key itself which have been produced or provided earlier. In this case, a Markov type of series is produced. The creation of the function which produces this series of values is limitless and relies only upon the creative power of the developer.
  • a fixed set is any sequence of values. Ideally these values should not have any readily discernible relationship or pattern, making hacking the message even more difficult.
  • both the encrypting and the decrypting computer ideally have the fixed set within their own memory.
  • the number of sets which can be used is only limited by the creativity of the developer of such sets. Examples of such sets include:
  • the length of the fixed set isn't critical to the process as the set can be extended to any required length (to fit the message itself) by simply repeating the fixed set, reversing its order, skipping values when repeating the set, etc.
  • Those of ordinary skill in the art readily recognize a variety of different techniques which allow the fixed set's length to be extended.
  • the values within the key are not limited to a particular range; although some embodiments do limit the values to a set range for ease in computation.
  • a “key” is possible using historical data.
  • each new message is used to establish a new “key”. As example, if the message was, “The red dog ran home”, then these values will be used as the key for the second message; and the second message will act as a “key” for the third message; etc.
  • a “key” can also be made using the computer's own identification. Such fixed values include the serial numbers of the computers involved and/or the e-mail identifier for the computers. Those of ordinary skill in the art readily recognize a variety of techniques which serve this function. As example, assume the computer's serial number is: AJX45812, then a potential initial key is (assigning numerical values to the letters)
  • the invention, to protect a computer from unauthorized programs, has an interface which is configured to load executable programs; these programs are stored in an encrypted form.
  • the interface allows for the withdrawal of and storage of executable programs from a memory mechanism where the executable programs are kept in encrypted form.
  • the interface component of the computer system accepts an operator-defined key.
  • This key is used for both the encryption and decryption as outlined above.
  • the key is collected from the operator. This assures the operator that only he is able to load executable programs onto his computer. Without the proper key, the program will not be decrypted properly and will only be “garbage” and not be able to program the computer.
  • this embodiment of the invention allows multiple users the ability to use a single computer/computer system without having to share executable programs. Each user is able to decrypt only their own software and retrieve that software using their individual key. In this manner, a large computer system operator is assured that only those who have authority to use a particular program (due to licensing restrictions, security classification, or privacy issues) are provided access to the program.
  • the encrypted executable program from memory.
  • the interface decrypts the encrypted executable program into a functional executable program and places the functional executable program into the processing unit or its associated working memory.
  • each executable program is checked to see if it was derived from an encrypted executable program; those that aren't, are verified as being legitimate by the operator prior to their storage into the memory.
  • a query is presented to the operator asking if the program should be properly stored (i.e. encrypted before being placed in memory). If the operator consents, the program is considered “authorized” and is encrypted and stored; if the operator does not consent, then the program is “trashed”.
  • a further advantage of the present invention is its ability to check a “key” without having the key accessible to anyone. To accomplish this, the presented key is used to decrypt an encrypted template from the memory into a decrypted template.
  • the now decrypted template is used as a verifying mechanism to see if the key entered by the operator was properly given or might have been mistyped.
  • Verifying the decrypted template may be as simple as asking the operator, “Is your name . . . ” where the decrypted template is used as the name.
  • Other techniques for verifying the template include a simple check against an unencrypted template or a check to see if the unencrypted template matches the operator-provided key.
  • Those of ordinary skill in the art readily recognize a variety of other uses employing the decrypted template.
  • This technique for checking the key provides a fail-safe method to assure the operator hasn't mis-typed the key before the key is used in the encryption and decryption process.
  • FIG. 1 is a block diagram of the preferred embodiment of the mail server system.
  • FIG. 2 is a block diagram of the audio/video/program download system of the present invention.
  • FIG. 3 is a block diagram illustrating secure communications between multiple users.
  • FIG. 4 is a block diagram of an embodiment of the invention used to provide security for a data base.
  • FIG. 5 is a block diagram showing the use of differing encryption systems between a sender and a receiver.
  • FIG. 6 is a block diagram of the preferred embodiment for the creation of secure usage of a software program.
  • FIG. 7 is a flow-chart illustrating an embodiment of the remainder subroutine used in the preferred encryption technique.
  • FIG. 8 is a flow-chart illustrating the preferred embodiment for the encryption technique.
  • FIG. 9 is a flow-chart illustrating the preferred embodiment of the decryption technique.
  • FIGS. 10A and 10B are flow-charts illustrating an embodiment of the audio/video/program download and play-back respectively.
  • FIGS. 11A and 11B are flow-charts of the preferred embodiment's operation for mail for when a message is to be sent and when a message is received.
  • FIG. 12 is a table illustrating the preferred embodiment's process.
  • FIG. 13 is a block diagram illustrating the invention's protection for executable programs.
  • FIG. 14 is a flowchart illustrating the preferred embodiment for the verification of a proper key.
  • FIGS. 15A, 15B, and 15C illustrate alternatives for the verification of key input.
  • FIG. 16 is a flowchart of the preferred embodiment of the interface used to withdraw encrypted executable programs.
  • FIG. 17 is a flowchart of the preferred embodiment of the interface used to store/encrypt executable programs.
  • FIG. 1 is a block diagram of the preferred embodiment of the mail server system embodiment of the invention.
  • Mail server computer 14 is accessible to multiple computers via the Internet 13 .
  • Three computers are used.
  • Computers 10 , 11 , and 12 are connected to the Internet 13 and by extension, also to mail server 14 .
  • computer 10 is equipped with the encryption software (M) and a set of keys as defined above (in an alternative embodiment, computer 10 is configured to establish the key using one of the techniques above); but, computer 11 does not have the decryption software (M′) nor any keys.
  • the user of computer 10 enters a communication, MSG, and a destination address (i.e. the e-mail address for computer 11 or some other identifier).
  • Computer 14 determines that this destination has not been used before, so one of the keys from the set of keys is arbitrarily selected. Using this key and the mapping function M, the communication MSG is encrypted.
  • the now-encrypted communication, an identifier of the key used, and the destination address, are communicated to the mail server computer 14 by computer 10 via Internet 13 .
  • Mail server computer 14 recognizes that computer 10 has not previously communicated securely with computer 11 . Using the destination information, computer 14 sends an unencrypted message to computer 11 and provides computer 11 with the capability to download the decryption function/software M′ together with a single key which is to be used to decrypt the encrypted communication.
  • computer 11 is provided with the capability to receive secure communications from computer 10 ; but, computer 11 is not able to send secure communications back to computer 10 (nor to any other computers) without acquiring the encryption mapping capability M together with the entire set of keys.
  • the user of computer 10 enters a communication, MSG and a destination address (i.e. the e-mail address for computer 12 or other identifier).
  • computer 10 identifies a specific key within the set of keys and uses the specific key with the mapping function M on the communication MSG to create the encrypted message.
  • the encrypted message is communicated from computer 10 via the Internet 13 to mail server computer 14 .
  • Mail server computer 14 knowing the source of the now-encrypted communication, as well as the destination address (computer 12 ), determines that these two computers have been in previous secure communications; hence, mail server computer 14 passes the communication along to computer 12 .
  • mail server computer 14 decrypts the message from computer 10 and re-encrypts the message specifically for computer 12 . This embodiment provides another level of security.
  • mail server computer 14 either directly modifies, or instructs computer 10 to modify, its memory so that the next time a secure communication is sent from computer 10 to computer 12, a different key is used. This modification provides additional security relative to the communications.
  • Upon receipt of the encrypted message, computer 12, using the source identifier of computer 10, identifies the proper key from its memory which is to be used in the decryption process. This identified key, together with the decryption mapping function M′, allows computer 12 to recreate the original message and display (or place in memory) the original message for the user of computer 12.
  • Computer 12 is also able to send a secure communication to computer 10 in a manner as outlined above for a communication between computer 10 and computer 12 .
  • the entire encryption/decryption process is “transparent” to the users of computer 11 and computer 12 . That is, the users only “see” decrypted material and all encryption and decryption is done automatically.
  • FIG. 2 is a block diagram of the audio/video/program download system of the present invention.
  • the security which is sought isn't against a third party interloper, but, instead is from the user of computer 22 who, while authorized to obtain the data, may want to download data and then improperly share the downloaded data with others who have not paid or who are not authorized to have the downloaded data.
  • Download server 21 interacts with remote computers via Internet 20 .
  • Download server 21 contains digital data which is used to create music, audio, and/or video representations.
  • When computer 22 wants to acquire such data, contact is made by computer 22, which requests a specific set of data from download server 21. During the request, computer 22 communicates a key specific to computer 22 which is to be used for the encryption and decryption of the data set. This key is ideally an internally stored value or sequence.
  • download server 21 encrypts the data and communicates the encrypted data via Internet 20 to computer 22 which stores the encrypted data in memory. While in some embodiments, the data is decrypted prior to storage, in the preferred embodiment of this system, the encrypted data set is stored in memory and is not decrypted until ready for use.
  • portions of the encrypted data set are withdrawn from the memory and are decrypted. This decryption step is accomplished using the internally established key within computer 22 ; thereby making decryption by any other machine impossible since decryption requires the unique key uniquely found within computer 22 .
  • handheld computer 22 is able to interact with download server 21 via Internet 20 and obtain data which, when used by handheld computer 22 produces music, audio information, or movies.
  • FIG. 3 is a block diagram illustrating the secure communications between multiple users.
  • a mail server is not employed, rather, traditional e-mail communications systems are used for the delivery of the messages.
  • Each computer ( 31 , 32 , and 33 ) is able to send messages which have a destination as well as a message (with or without attachments).
  • When the user of computer 31 wants to send a secure message to computer 32, a different key is chosen.
  • Computer 31 is creating a series of communications with any number of remote computers, but, each remote computer receives the message in its own unique “language” which is not discernable by the other remote computers. In this manner, unique communications are available. Note, in some situations, a particular key is used with many different computers; but, the selection of the key is still based on the destination computer.
  • This technique prevents hackers from assuming a false identity merely to gain access to a computer.
  • a portion of the message being communicated contains an encrypted key which is to be used for the next transmission or reply. This makes it even more difficult for the hacker to counterfeit his identity from the receiving computer.
  • the tenth character is used as a source in the generation of random numbers by a canned random number generator.
  • FIG. 4 is a block diagram of an embodiment of the invention used to provide security for a data base.
  • This embodiment of the invention provides security for a data base which is accessed by many remote sites. Data-base access operations are commonly found in such businesses as: credit card companies; state motor vehicle departments; internal revenue; banking facilities; and many more obvious to those of ordinary skill in the art.
  • This embodiment prevents an authorized user of the data base from improperly collecting data from the data base for nefarious uses.
  • data base 45 contains a large amount of proprietary information which is accessible by remote computers 41 , 42 , and 43 .
  • the material within data base 45 is encrypted and remains encrypted using any of the techniques already discussed or others obvious to those of ordinary skill in the art.
  • controller decryption/encryption 44 which identifies the particular data set within data base 45 (which is encrypted) and requests that encrypted information to be sent by data-base 45 to controller/decryption/encryption 44 .
  • Controller decryption/encryption 44 decrypts the data set from its stored encrypted state and then re-encrypts the data set using a key which is specific to computer 41 .
  • computer 41 decrypts the data set for use by the user of computer 41 .
  • the user of computer 41 is able to manipulate the data set as per their job (such as changing certain elements to reflect such things as an increased loan amount).
  • computer 41 encrypts the updated data set and communicates the encrypted material back to controller 44 .
  • Controller 44 upon receiving the encrypted data set, recognizes the source of the material and, using the key appropriate for computer 41 , decrypts the data set and then re-encrypts the data set commensurate with the encryption technique and key used for data storage within data base 45 .
  • the user of computer 41 is only able to acquire a limited amount of data, as the contents of the data base are kept encrypted using a key which is unknown to the user of computer 41 .
  • FIG. 5 is a block diagram showing the use of differing encryption systems between a sender and a receiver.
  • computer 51 and computer 52, when communicating with each other via Internet 50, identify themselves and each other with each of the messages being sent. While some embodiments of the invention utilize the same key for the encryption of the outgoing messages (which is also used for the decryption process), in the preferred embodiment each of the computers 51 and 52 uses a unique key for the reply message. This causes message 53 A to be encrypted differently than message 53 B, even though the same two computers are being used for both messages.
  • This structure keeps someone from being able to re-create the entire “conversation” between computers 51 and 52 without knowing both encryption keys.
  • FIG. 6 is a block diagram of the preferred embodiment for the creation of secure usage of a software program to prevent the pirating of software.
  • a software program (such as a spread sheet program) has been stored in the long term memory 63 of the computer.
  • the program within long term memory 63 is encrypted using an identifier (such as the serial number) of the computer as the key for the encryption.
  • Central Processing Unit (CPU) 60 directs a portion of the program 64 A to be withdrawn and decrypted 61 .
  • the decrypted portion is communicated to the volatile or working memory (e.g. Random Access Memory RAM, or the like) 62 which is used by CPU 60 in performing the program segment.
  • these sections are selectively pulled 64 B and 64 C, decrypted 61 , and used to refresh or replace the contents of RAM 62 .
  • FIG. 7 is a flow-chart illustrating an embodiment of the remainder subroutine used in the preferred encryption technique.
  • This encryption technique uses a remainder operation in the mapping operations, whether that operation is for encryption or decryption.
  • the remainder subroutine R(A,B)
  • a pointer is set to zero 71 A and the values A and B are obtained 72 .
  • a decision is then made if A < B 73 A and if so, C is assigned the value A 71 B and the subroutine returns C 70 B.
  • FIG. 8 is a flow-chart illustrating the preferred embodiment for the encryption technique.
  • the remainder is obtained (R[O_j, X_j]) 82 A and the value C is returned.
  • the remainder is obtained for (R[O_j + C, X_j]) 82 B and C is returned.
  • the encrypted value E_j is assigned the value C and the E_j is then displayed, communicated, or stored 84 .
  • the program then returns to check for the EOF 85 .
  • the entire message is encrypted, symbol by symbol using a key for the mapping/encryption process.
  • FIG. 9 is a flow-chart illustrating the preferred embodiment of the decryption technique.
  • the decryption process is performed automatically without any human initiation.
  • the program outlined in FIG. 9 is initiated automatically upon the receipt or opening of an e-mail, instant message, or any other type of message.
  • the encrypted letter E_j is obtained 92 A followed by the adjustment value S_j and the maximum level X_j 92 B.
  • the remainder subroutine is initiated on S_j and X_j 93 returning the value C.
  • the original letter O_j is displayed (or stored) 95 and the program returns to see if an EOF has now occurred 91 A.
  • the entire encrypted message is decrypted letter by letter using the adjustment values as the key and the maximum value to assist in the mapping procedure.
  • FIGS. 10A and 10B are flow-charts illustrating an embodiment of the audio/video/program download and play-back respectively.
  • In the download component ( FIG. 10A ), once the program starts 100 A, the computer's identification (i.e. the serial number) is transmitted to the source 101 (where the data is being downloaded from). The source then transmits the encrypted series E_j 102 A which is then stored within the computer's memory 103 A. The program then stops 100 B.
  • In the play-back component ( FIG. 10B ), the program starts 100 C and a particular value E_j is pulled from memory 102 B and this value is decrypted resulting in the decrypted value, the original character/value O_j 104 .
  • the original character/value O_j is played 103 B.
  • An EOF check 105 is made. If the EOF has been encountered, then the program stops 100 D; otherwise the program loops back and pulls another encrypted value 102 B.
  • FIGS. 11A and 11B are flow-charts of the preferred embodiment's operation for mail for when a message is to be sent and when a message is received.
  • a computer when sending a message ( FIG. 11A ) starts the program 110 A and obtains the destination and message 111 A. Using the destination, a key value is determined 112 A and the message is encrypted 113 A. The encrypted message is then transmitted through normal channels or via a mail server to the destination 112 B and the program stops 110 B.
  • An incoming encrypted message is preferably handled as shown in FIG. 11B .
  • the program starts 110 C and the source of the message and the encrypted message is obtained 111 B.
  • the associated key for decryption is identified 112 C and the encrypted message is decrypted 113 B.
  • the now-decrypted message is displayed for the user 114 and the program stops 110 D.
  • FIG. 12 is a table illustrating the preferred encryption and decryption process.
  • FIG. 12 illustrates how the message: “the red dog ran home” 120 is first encrypted and then decrypted.
  • the receiving computer uses a reversing algorithm together with the key set S_j, which was also used in the encryption operation.
  • FIG. 13 is a block diagram illustrating the invention's protection for executable programs.
  • Processing unit 130 receives its operating programs, such as executable programs, from the interface 131 which serves to decrypt the operating programs held in memory 132 .
  • the operating programs are placed within operating memory 133 by the processing unit and are withdrawn as needed.
  • when processing unit 130 shuts down, a check is made of the programs it has and a match is made to the memory unit; any programs not in memory are communicated to operator 136 via monitor 134 , and operator 136 responds whether these programs should be kept or “trashed”.
  • Operator 136 responds via keyboard 135 or some other type of input device such as a mouse or voice recognition microphone.
  • memory 132 , interface 131 , processing unit 130 and operating memory 133 are shown as distinct boxes, but, in alternative embodiments, these functional operations are contained within a single housing.
  • FIG. 14 is a flowchart illustrating the preferred embodiment for the verification of a proper key.
  • the proposed key is obtained from the operator 141 . Using the proposed key, the encrypted template is decrypted 142 . The proposed key is then verified 143 . If the proposed key is verified (“YES”), then the program/subroutine stops 140 B; otherwise (the proposed key is not verified, a “NO”), the operator is informed that the proposed key is not the valid key 144 and another proposed key is obtained 141 .
  • FIGS. 15A, 15B, and 15C illustrate alternatives for the verification of key input as first discussed relative to FIG. 14 .
  • verification of the proposed key is accomplished in this embodiment by first displaying the decrypted template to the operator 150 and obtaining an authorization indicia from the operator 151 .
  • the template may be as simple as the operator's name. Once the operator's name is decrypted, it is shown to the operator who responds with a “YES” or a “NO” depending on if the display shows his name correctly.
  • This embodiment then branches 152 A based upon the authorization response (element 143 of FIG. 14 ).
  • FIG. 15B shows another technique for verification in which the proposed key is used to decrypt the template which is also the proper key.
  • the proper key is: “September 7, 1952”; the proper key has previously been encrypted using itself for the encrypting process and the encrypted key is placed in the memory.
  • the proposed key is used to decrypt the encrypted proper key. Should the proposed key not be correct, then the decryption will not be performed properly and the decrypted proper key will not match the proposed key.
  • This type of sorting is done through a simple logical function which compares the template (the proper key) with the proposed key; if they are identical then encryption can proceed; if not, then, as outlined in FIG. 14 (element 143 ), the operator is informed and another proposed key is obtained.
  • FIG. 15C illustrates yet another technique for ascertaining that the proposed key is proper prior to any encryption operation.
  • the operator is queried as to the substance of a comparison template 153 .
  • This comparison template is used to compare with the decrypted template 154 for a verification operation.
  • One operation for this embodiment would be where the operator provides not only a proposed key, but also the template.
  • the operator would provide a proposed key, Such as “my name is” and a comparison template, “Mark Ogram”.
  • the program uses the proposed key “my name is” to decrypt the template within memory and if the decrypted template doesn't match “Mark Ogram”, then the proposed key isn't correct.
  • a level of security is provided that prevents any encryption of programs or data using an improper key.
  • FIG. 16 is a flowchart of the preferred embodiment of the interface used to withdraw encrypted executable programs.
  • The identified program is withdrawn from memory in its encrypted form 161A.
  • The encrypted form is decrypted 161B as outlined above and is sent to the processing unit 161C, which stores the decrypted program in the operating memory.
  • The program then stops 160B.
  • FIG. 17 is a flowchart of the preferred embodiment of the interface used to store/encrypt executable programs.
  • The executable program within the operating memory is identified 171A.
  • A comparison is then made to determine whether that executable program has a counterpart within the encrypted programs 172A.
  • If it does, the executable program is removed from the operating memory 171E and a determination is made whether there are any more executable programs within the operating memory to consider 172D. If there are no more executable programs to consider, the program stops 170B; otherwise, the next executable program within the operating memory is identified 171A for consideration.
  • If there is no counterpart, the operator is asked whether the executable program should be stored 172C. If the decision is not to store it ("NO"), the executable is removed 171E and the program continues. If the decision is to store the executable program ("YES") 172C, then the program is encrypted 171C using the key previously obtained, the encrypted program is stored 171D in memory, and the executable program is removed 171E as outlined above.
  • In this manner, the present invention provides a highly secure structure for preventing unauthorized executable programs from being stored within a computer.

Abstract

A computer system which is configured to load executable programs. This configuration first accepts an operator-defined key; withdraws an encrypted executable program from memory; and, using the operator-defined key, decrypts the encrypted executable program into a functional executable program. It is this functional executable program which is used by the processing unit. During shutdown, each executable program is checked to see whether it was derived from an encrypted executable program; those that weren't are verified as being legitimate by the operator prior to their storage into the memory.

Description

  • This is a continuation-in-part of U.S. patent application Ser. No. 11/170,229, filed on Jun. 28, 2005, and entitled, “Encrypted Communications”.
  • BACKGROUND OF THE INVENTION
  • This invention relates generally to the communication of data and more particularly to communications which are encrypted.
  • While distributed network systems such as the Internet have expanded the horizons for the world in the collection and dissemination of knowledge, by the very nature of these systems there has developed a growing awareness that information which is so easily obtained is also lost with the same ease. The problems and crimes associated with the broad dissemination of information have become commonplace occurrences, and the problems are only expected to become more pronounced in the future.
  • These problems include such things as: identity theft; credit card theft; hacking into private data-bases; disrupting private computers through “viruses”; disruption of governmental data bases; fraudulent control of traffic systems; and many more.
  • Central to all of these problems is the intrinsic anonymous nature of the communications. A receiver of information receives only bits/bytes of digital information and the source of such digital information is generally unknown. Within the Internet, identities are easily created.
  • In an attempt to provide some level of knowledge of the other side, passwords and IDs (identification values/symbols) are often used. Unfortunately, these passwords/IDs are often stolen and then used indiscriminately by a criminal or hacker.
  • Another technique which has been used to curtail the improper gathering of information is the creation of encryption techniques such as the iKP protocol. These protection schemes, though, attempt to develop a standard encryption methodology which is used for every secure transmission, and this requirement in and of itself tends to make the encryption difficult both in use and in storage.
  • Almost by the very nature of encryption, encryption must be complex. The Enigma machine developed by Germany during World War II was an elaborate and complex system of rotors which was used to map each new character and which relied upon the previously mapped message in determining how the next character was mapped.
  • While there is a natural tendency to use “complex” solutions, these complexities make the use of the solution difficult if not impossible.
  • Another problem which computer users have encountered is the unauthorized planting of viruses, "spyware", and other programs into a user's computer. These unauthorized programs often enter the computer innocuously during normal operation of the computer and are then stored into the computer's memory automatically during normal shut-down of the computer.
  • If left unchecked, these unauthorized programs can cripple a computer; and in some situations, sensitive data is stolen without the user ever being aware of the theft.
  • It is clear there is a need for an efficient protection from the unauthorized use of an individual's computer.
  • SUMMARY OF THE INVENTION
  • A communications system in which a sending computer encrypts a message using a key associated with the computer which is to receive the message; the receiving computer uses a key associated with the sending computer in the decryption process.
  • In the preferred embodiment, the sending computer is equipped with a set of keys and each key within the set is useable for the encryption process. The selection of a particular key depends on the destination of the message; or, if it is the first time a message is being sent to that destination, the key is arbitrarily selected and a record associating the arbitrarily selected key with the destination is made for future reference.
  • While the present discussion refers to “computer”, the invention is not intended to apply solely to a single or stand-alone computer. Rather, the term “computer” is intended to relate to a single computer as well as a system of computers which work in concert to obtain the objectives outlined.
  • The following discussion recognizes that a computer is configured to perform a designated operation on data to obtain a desired result. Configuration of a computer is often done through a programming language (e.g. assembly, BASIC, COBOL, Fortran, C) which defines the function of the computer; but, in some situations, "hard wired" or dedicated circuitry is also used.
  • Within the present discussion, the invention relates to a sequence of symbols which are represented in a digital manner. Those of ordinary skill in the art readily recognize a variety of such sequences such as the American Standard Code for Information Interchange (ASCII). In some situations, the digital map to symbols is arbitrarily done. In this case, each symbol is arbitrarily assigned a unique value, which forms another level of encryption.
  • The present discussion refers to the Internet, but, the invention is not intended to be so limited and is viable for any distributed network of computers.
  • For ease in reference, many of the terms used herein, such as "computers", "keys", "data", "messages" and the like, have been given labels (such as first, second, third or primary, secondary, etc.) to help identify them; but these labels are not intended to be limiting as to the order of use, ownership, or physical position.
  • Within this invention, each “computer” is defined by its capabilities or function.
  • Within the present invention, each digital value which is to be communicated, is mapped uniquely to another value within the field. In this manner, the mapping or encrypting is done on an individual value without any necessary reference to prior or future encryptions. To accomplish this unique mapping objective, the encrypting site and the decrypting site both have a “key” which is used both for the encrypting and decrypting operation. Since the “key” or mapping template provides a unique mapping and that “key” is not available to others, the possibility of a “hacker” being able to fraudulently decrypt the message is all but eliminated.
  • In this context, the "key" is a series of values which are used in both the mapping process and the reverse-mapping process and consists of a series S_j.
  • The creation of the key is accomplished through a variety of techniques, including, but not limited to: random number generation, prior-data based, fixed set, historically based, based on the computer identification/serial number, or any combination of the above.
  • Random-number-based keys are created using a programmed or "canned" random number generator. These generators produce a series of values which appear random but in actuality are not truly random, in that each time the random number generator program is initiated from the same starting state it produces an identical series of "random numbers"; hence, if the encrypting and the decrypting computers operate the same random number generator, both computers develop identical series of values.
  • An alternative technique creates the series of numbers for the key using values from the message or from the key itself which have been produced or provided earlier. In this case, a Markov type of series is produced. The functions which can produce such a series are limitless and rely only upon the creative power of the developer. As examples, the following are all possible functions:
    S_j = 3*S_{j-1} + 2*S_{j-2} + S_{j-3}   or
    S_j = 3*O_{j-1} + 2*O_{j-2} + O_{j-3}
    S_j = Abs(3*S_{j-1} - (S_{j-2} + S_{j-3})^2)
    S_j = Abs(3*O_{j-1} - (O_{j-2} + O_{j-3})^2)
    S_j = S_{j-1} + S_{j-2} + S_{j-3}
    S_j = O_{j-1} + O_{j-2} + O_{j-3}
    S_j = S_{j-1} + 2
    S_j = O_{j-1} + 2
    S_j = 2*S_{j-2} + 5
    S_j = 2*O_{j-2} + 5
  • (Note, within this discussion, “*” denotes multiplication; “ABS” denotes absolute value)
  • A fixed set is any sequence of values. Ideally these values should not have any readily discernible relationship or pattern, making hacking the message even more difficult. When a fixed set is used, both the encrypting and the decrypting computer ideally have the fixed set within their own memory. Again, the number of sets which can be used is limited only by the creativity of the developer of such sets. Examples of such sets include:
  • Set 1 3, 6, 9, 32, 55, 43, 29, 23, 5, 13, 19, 91, 28, 21, 23, 11, 19, 100, 43, 56, 59, 132, 255, 1143, 2329, 623, 65, 613, 919, 91, 128, 421, 823, 711, 19, 0
  • Set 2 2, 4, 7, 4, 9, 3, 6, 1, 9, 6, 6, 8, 5, 4
  • Note, the length of the fixed set isn't critical to the process as the set can be extended to any required length (to fit the message itself) by simply repeating the fixed set, reversing its order, skipping values when repeating the set, etc. Those of ordinary skill in the art readily recognize a variety of different techniques which allow the fixed set's length to be extended.
  • Also note, the values within the key are not limited to a particular range; although some embodiments do limit the values to a set range for ease in computation.
  • A “key” is possible using historical data. In this method, each new message is used to establish a new “key”. As example, if the message was, “The red dog ran home”, then these values will be used as the key for the second message; and the second message will act as a “key” for the third message; etc.
  • A "key" can also be made using the computer's own identification. Such fixed values include the serial numbers of the computers involved and/or the e-mail identifier for the computers. Those of ordinary skill in the art readily recognize a variety of techniques which serve this function. As example, assume the computer's serial number is AJX45812; then a potential initial key is (assigning numerical values to the letters):
      • 27 36 40 4 5 5 8 1 2
        with a subsequent set being defined as each value in the first set added to the next occurring value:
      • 63 76 44 9 13 9 29
        This technique can be repeated as many times as is necessary to provide mapping values for the length of the message being received.
  • Even further, some “keys” are created using combinations of the above.
  • For purposes of description, the following are used as the mathematical basis for the preferred embodiment of the invention.
      • N denotes the number of symbols or characters within the communication;
      • O_j denotes the original value for the j-th position in the message, j = 1, ..., N;
      • MSG denotes the communication produced by the series O_j, j = 1, ..., N;
      • S_j denotes the adjustment value for the j-th position in the message, j = 1, ..., N;
      • K denotes the key sequence, i.e. the series S_j, j = 1, ..., N;
      • E_j denotes the encrypted value for the j-th position in the message, j = 1, ..., N; while the preferred embodiment places E_j within the range of O_j, other embodiments do not have this requirement;
      • M(A,B) denotes the mapping function E_j = M(O_j, S_j), j = 1, ..., N, where M maps the original value O_j using the adjustment value S_j to obtain the encrypted value E_j;
      • M'(A,B) denotes the converse map O_j = M'(E_j, S_j), j = 1, ..., N, which maps the encrypted value E_j, using the adjustment value S_j, back to the original value O_j;
      • X_j denotes the maximum numerical value for O_j (often this value is fixed for the entire message, but in some situations the maximum value changes during the message);
      • R(A,B) returns the whole-number remainder when A is divided by B (this function is used within the preferred embodiment for the mapping operation).
  • Using the above references, the preferred embodiment uses a mapping function as indicated:
    E_j = M(O_j, S_j) = R[O_j + R(S_j, X_j), X_j]
  • Those of ordinary skill in the art readily recognize a variety of other relationships which serve as mappings using the above structures (note that a mapping is only usable if its converse M' exists; for the multiplicative form below this requires S_j to be invertible modulo X_j). Examples of these types of mapping are:
    E_j = M(O_j, S_j) = R[O_j * S_j, X_j]
    E_j = M(O_j, S_j) = R[O_j + 2*S_j, X_j]
    E_j = M(O_j, S_j) = R[O_j + S_j + S_j, X_j]
  • Further, those of ordinary skill in the art readily recognize alternative mapping functions that are usable in the context described herein.
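  • The preferred mapping M and its converse M', three of the key schedules listed above, and the encrypted-template key check of FIGS. 14 and 15 (restated in the key-check paragraphs of the summary below), as an added worked example; this is not code from the patent. Its assumptions, not the text's: the alphabet X_j is fixed at 256 (raw bytes) for the whole message, a short key is extended by repetition, the PRNG schedule uses Python's seeded Random, and all function names are invented here. The key "September 7, 1952" and the templates "Mark Ogram" / "my name is" are the values the text itself uses.

```python
"""Preferred mapping E_j = R[O_j + R(S_j, X_j), X_j], its converse, three key
schedules from the text, and the encrypted-template key check of FIGS. 14/15.
Added example, not the patent's code; X_j is fixed at 256 (raw bytes)."""
from itertools import cycle, islice
import random

X = 256  # X_j: maximum value of O_j, held constant for the whole message (assumption)


def mapping(o: int, s: int, x: int = X) -> int:
    """E_j = M(O_j, S_j) = R[O_j + R(S_j, X_j), X_j]."""
    return (o + (s % x)) % x


def converse(e: int, s: int, x: int = X) -> int:
    """O_j = M'(E_j, S_j): remove the same adjustment modulo X_j."""
    return (e - (s % x)) % x


def key_stream(key, n: int) -> list:
    """Extend the key sequence S_j to length n by repeating it, one of the
    fixed-set extension techniques the text allows."""
    key = list(key)
    if not key:
        raise ValueError("empty key")
    return list(islice(cycle(key), n))


def encrypt(msg: bytes, key) -> bytes:
    return bytes(mapping(o, s) for o, s in zip(msg, key_stream(key, len(msg))))


def decrypt(enc: bytes, key) -> bytes:
    return bytes(converse(e, s) for e, s in zip(enc, key_stream(key, len(enc))))


def recurrence_key(seed, n: int) -> list:
    """Markov-type schedule from the text: S_j = 3*S_{j-1} + 2*S_{j-2} + S_{j-3}.
    Values grow without bound; only R(S_j, X_j) enters the mapping."""
    s = list(seed)
    while len(s) < n:
        s.append(3 * s[-1] + 2 * s[-2] + s[-3])
    return s[:n]


def prng_key(seed: int, n: int) -> list:
    """'Canned' random-number schedule: two parties seeding the same generator
    identically obtain the same S_j (assumption: Python's Random, int seed)."""
    r = random.Random(seed)
    return [int(r.random() * X) for _ in range(n)]


FIXED_SET_2 = [2, 4, 7, 4, 9, 3, 6, 1, 9, 6, 6, 8, 5, 4]  # "Set 2" from the text


def encrypted_template(template: bytes, proper_key) -> bytes:
    """Enrolment step: keep only the template encrypted under the proper key;
    the proper key itself is never stored."""
    return encrypt(template, proper_key)


def key_verifies(proposed_key, stored: bytes, comparison: bytes) -> bool:
    """FIG. 15C: decrypt the stored template with the proposed key and compare
    it with the comparison template the operator supplies."""
    return decrypt(stored, proposed_key) == comparison


def self_key_verifies(proposed_key, stored: bytes) -> bool:
    """FIG. 15B: the template is the proper key encrypted under itself, so the
    comparison template is the proposed key (reduced modulo X_j)."""
    return key_verifies(proposed_key, stored, bytes(v % X for v in proposed_key))


if __name__ == "__main__":
    key = list(b"September 7, 1952")                      # the text's example key
    stored = encrypted_template(bytes(key), key)          # FIG. 15B enrolment
    print(self_key_verifies(key, stored))                 # True
    print(self_key_verifies(list(b"September 7, 1953"), stored))  # False
    shifted = [(v + X // 2) % X for v in key]
    print(self_key_verifies(shifted, stored))             # True: see the usage note
    stored_c = encrypted_template(b"Mark Ogram", b"my name is")   # FIG. 15C
    print(key_verifies(b"my name is", stored_c, b"Mark Ogram"))   # True
```

  • Two properties of this check follow directly from the formulas and are worth keeping in mind when choosing between the FIG. 15B and FIG. 15C forms. First, because a short key is extended by repetition, the check only exercises the key positions the template covers; a template shorter than the key leaves the tail of the key unverified. Second, in the FIG. 15B form the stored value at each position is R[2*K_j, X_j], and decrypting it with a proposed P_j yields R[2*K_j - P_j, X_j]; that equals P_j whenever 2*K_j and 2*P_j agree modulo X_j, so for an even alphabet such as 256 the key with X_j/2 added to every position also passes. The FIG. 15C form, with a separate comparison template, accepts only a key that agrees with the proper key at every covered position.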
  • The invention, to protect a computer from unauthorized programs, has an interface which is configured to load executable programs; these programs are stored in an encrypted form. The interface allows for the withdrawal of and storage of executable programs from a memory mechanism where the executable programs are kept in encrypted form.
  • During operation, the interface component of the computer system accepts an operator-defined key. This key is used for both the encryption and the decryption as outlined above. In the preferred embodiment, the key is collected from the operator, which assures the operator that only he is able to load executable programs onto his computer. Without the proper key, a program will not be decrypted properly; it will be only "garbage" and will not be able to program the computer.
  • Note, this embodiment of the invention allows multiple users the ability to use a single computer/computer system without having to share executable programs. Each user is able to decrypt only their own software and retrieve that software using their individual key. In this manner, a large computer system operator is assured that only those who have authority to use a particular program (due to licensing restrictions, security classification, or privacy issues) are provided access to the program.
  • The interface withdraws the encrypted executable program from memory. Using the operator-defined key, the interface decrypts the encrypted executable program into a functional executable program and places the functional executable program into the processing unit or its associated working memory.
  • It is this functional executable program which is used by the processing unit to direct its operation.
  • During shutdown of the computer, each executable program is checked to see if it was derived from an encrypted executable program; those that aren't, are verified as being legitimate by the operator prior to their storage into the memory.
  • In one embodiment, to accomplish the verification, a query is presented to the operator asking whether the program should be properly stored (i.e. encrypted before being placed in memory). If the operator consents, the program is considered "authorized" and is encrypted and stored; if the operator does not consent, then the program is "trashed".
  • Note, if a "hacker" were to simply place the unauthorized executable program in memory, little or no damage is done. When the computer starts up again and attempts to withdraw the unauthorized program from memory, the decrypting process scrambles the unauthorized program into "garbage". Little inducement is given for the hacker to attempt to plant a worm, spyware, cookie, or "pop-up" program.
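  • The load and shutdown interface of FIGS. 16 and 17, as summarised in the paragraphs above, as an added worked example that is not part of the patent: a simulated long-term store and operating memory, the key check of FIG. 14 at start-up, decryption on withdrawal, and the per-program decision at shutdown, including what happens to a program planted unencrypted in long-term memory. Assumptions of this example, not of the text: the mapping is the preferred additive one with X_j = 256, a key shorter than a program is repeated, every legitimate executable image begins with a header (`MAGIC`) so that decryption to garbage can be recognised, a decrypted image without that header is not placed in operating memory, and the key check refuses a template shorter than the key. All names, the sample programs and the operator's answers are constructed.

```python
"""Load/shutdown interface of FIGS. 16 and 17 over a simulated memory.
Added example, not the patent's code."""
from itertools import cycle

MAGIC = b"EXE\x01"  # assumption: header every legitimate executable image starts with


def shift(data: bytes, key: bytes, sign: int) -> bytes:
    """The text's preferred mapping with X_j fixed at 256: E_j = (O_j + S_j) mod 256
    for sign=+1, and its converse O_j = (E_j - S_j) mod 256 for sign=-1."""
    if not key:
        raise ValueError("empty key")
    return bytes((d + sign * k) % 256 for d, k in zip(data, cycle(key)))


class Interface:
    """Moves executables between an encrypted long-term store and operating
    memory, and decides at shutdown what goes back (FIGS. 16 and 17)."""

    def __init__(self, store: dict):
        self.store = store        # long-term memory: name -> encrypted program
        self.operating = {}       # operating memory: name -> executable image
        self.derived = set()      # programs that came from an encrypted counterpart
        self.key = None

    def accept_key(self, proposed: bytes, stored_template: bytes, comparison: bytes) -> bool:
        """FIG. 14 / 15C: the key is accepted only if it decrypts the stored
        template to the comparison template the operator supplies."""
        if len(stored_template) < len(proposed):   # assumption: otherwise key
            return False                           # positions past the template go unchecked
        if shift(stored_template, proposed, -1) != comparison:
            return False
        self.key = proposed
        return True

    def withdraw(self, name: str) -> bool:
        """FIG. 16: withdraw the encrypted form (161A), decrypt it (161B) and
        place it in operating memory (161C).  An image that decrypts to
        'garbage' (no header) is not loaded; the text leaves that step
        implicit, so it is an assumption here."""
        image = shift(self.store[name], self.key, -1)
        if not image.startswith(MAGIC):
            return False
        self.operating[name] = image
        self.derived.add(name)
        return True

    def shutdown(self, operator_consents) -> dict:
        """FIG. 17: a program with an encrypted counterpart (172A) is simply
        removed (171E); any other program is encrypted and stored only if the
        operator answers YES (172C, 171C, 171D), otherwise it is trashed."""
        decisions = {}
        for name, image in list(self.operating.items()):
            if name in self.derived:
                decisions[name] = "kept"
            elif operator_consents(name):
                self.store[name] = shift(image, self.key, +1)
                decisions[name] = "stored"
            else:
                decisions[name] = "trashed"
            del self.operating[name]
        self.derived.clear()
        return decisions


def scenario() -> dict:
    """Constructed walk-through: one legitimate program, one planted unencrypted
    in long-term memory, one installed during the session by the operator and
    one that appeared in operating memory uninvited."""
    key, template = b"September 7, 1952", b"My name is Mark Ogram"
    store = {
        "template": shift(template, key, +1),
        "spreadsheet": shift(MAGIC + b"spreadsheet code", key, +1),
        "planted": MAGIC + b"spyware written straight into memory",  # never encrypted
    }
    iface = Interface(store)
    out = {"wrong_key": iface.accept_key(b"September 7, 1953", store["template"], template)}
    out["right_key"] = iface.accept_key(key, store["template"], template)
    out["spreadsheet_loaded"] = iface.withdraw("spreadsheet")
    out["planted_loaded"] = iface.withdraw("planted")            # decrypts to garbage
    iface.operating["editor"] = MAGIC + b"installed by the operator"
    iface.operating["dropper"] = MAGIC + b"arrived uninvited"
    out["decisions"] = iface.shutdown(lambda name: name == "editor")
    again = Interface(store)                                      # next start-up
    again.accept_key(key, store["template"], template)
    out["editor_next_boot"] = again.withdraw("editor")
    out["dropper_in_store"] = "dropper" in store
    return out


if __name__ == "__main__":
    for item in scenario().items():
        print(*item)
```

  • The scenario shows the two protective effects the text claims: the planted program is still present in long-term memory, but it never reaches operating memory because it decrypts to garbage, and the program that arrived uninvited during the session is discarded at shutdown because the operator did not consent to storing it. Only the operator-approved program round-trips into the next session.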
  • A further advantage of the present invention is its ability to check a “key” without having the key accessible to anyone. To accomplish this, the presented key is used to decrypt an encrypted template from the memory into a decrypted template.
  • The now decrypted template is used as a verifying mechanism to see if the key entered by the operator was properly given or might have been mistyped.
  • Verifying the decrypted template may be as simple as asking the operator, "Is your name . . . ", where the decrypted template is used as the name. Other techniques for verifying the template include a simple check against an unencrypted template or a check to see if the decrypted template matches the operator-provided key. Those of ordinary skill in the art readily recognize a variety of other uses employing the decrypted template.
  • This technique for checking the key provides a fail-safe method to assure the operator hasn't mis-typed the key before the key is used in the encryption and decryption process.
  • The invention, together with various embodiments thereof, will be more fully explained by the accompanying drawings and the following descriptions thereof.
  • DRAWINGS IN BRIEF
  • FIG. 1 is a block diagram of the preferred embodiment of the mail server system.
  • FIG. 2 is a block diagram of the audio/video/program download system of the present invention.
  • FIG. 3 is a block diagram illustrating secure communications between multiple users.
  • FIG. 4 is a block diagram of an embodiment of the invention used to provide security for a data base.
  • FIG. 5 is a block diagram showing the use of differing encryption systems between a sender and a receiver.
  • FIG. 6 is a block diagram of the preferred embodiment for the creation of secure usage of a software program.
  • FIG. 7 is a flow-chart illustrating an embodiment of the remainder subroutine used in the preferred encryption technique.
  • FIG. 8 is a flow-chart illustrating the preferred embodiment for the encryption technique.
  • FIG. 9 is a flow-chart illustrating the preferred embodiment of the decryption technique.
  • FIGS. 10A and 10B are flow-charts illustrating an embodiment of the audio/video/program download and play-back respectively.
  • FIGS. 11A and 11B are flow-charts of the preferred embodiment's operation for mail for when a message is to be sent and when a message is received.
  • FIG. 12 is a table illustrating the preferred embodiment's process.
  • FIG. 13 is a block diagram illustrating the invention's protection for executable programs.
  • FIG. 14 is a flowchart illustrating the preferred embodiment for the verification of a proper key.
  • FIGS. 15A, 15B, and 15C illustrate alternatives for the verification of key input.
  • FIG. 16 is a flowchart of the preferred embodiment of the interface used to withdraw encrypted executable programs.
  • FIG. 17 is a flowchart of the preferred embodiment of the interface used to store/encrypt executable programs.
  • DRAWINGS IN DETAIL
  • FIG. 1 is a block diagram of the mail server embodiment of the invention.
  • Mail server computer 14 is accessible to multiple computers via the Internet 13. For this illustration, three computers are used. Computers 10, 11, and 12, are connected to the Internet 13 and by extension, also to mail server 14.
  • Two different types of operations are possible with this configuration:
      • (1) one computer wants to communicate with another in a secure manner, but, the two have not done so previously; and,
      • (2) two computers wish to securely communicate with each other and have done so previously.
  • Addressing the first scenario, computer 10 is equipped with the encryption software (M) and a set of keys as defined above (in an alternative embodiment, computer 10 is configured to establish the key using one of the techniques above); but, computer 11 does not have the decryption software (M′) nor any keys.
  • The user of computer 10 enters a communication, MSG, and a destination address (i.e. the e-mail address for computer 11, or some other identifier). Computer 10 determines that this destination has not been used before, so one of the keys from the set of keys is arbitrarily selected. Using this key and the mapping function M, the communication MSG is encrypted.
  • The now-encrypted communication, an identifier of the key used, and the destination address are communicated to the mail server computer 14 by computer 10 via Internet 13.
  • Mail server computer 14 recognizes that computer 10 has not previously communicated securely with computer 11. Using the destination information, computer 14 sends an unencrypted message to computer 11 and provides computer 11 with the capability to download the decryption function/software M′ together with the single key which is to be used to decrypt the encrypted communication; note that this bootstrap step is itself not encrypted.
  • In this manner, computer 11 is provided with the capability to receive secure communications from computer 10; but, computer 11 is not able to send secure communications back to computer 10 (nor to any other computers) without acquiring the encryption mapping capability M together with the entire set of keys.
  • In the second scenario, the case where two computers have already established a relationship, computer 10 is equipped with the encryption software (M) and computer 12 has the decryption software (M′) together with a set of keys.
  • The user of computer 10 enters a communication, MSG and a destination address (i.e. the e-mail address for computer 12 or other identifier). Using the destination address (an identification of computer 12), computer 10 identifies a specific key within the set of keys and uses the specific key with the mapping function M on the communication MSG to create the encrypted message.
  • The encrypted message is communicated from computer 10 via the Internet 13 to mail server computer 14. Mail server computer 14, knowing the source of the now-encrypted communication, as well as the destination address (computer 12), determines that these two computers have been in previous secure communications; hence, mail server computer 14 passes the communication along to computer 12.
  • In an alternative embodiment, mail server computer 14 decrypts the message from computer 10 and re-encrypts the message specifically for computer 12. This embodiment provides another level of security.
  • In yet another embodiment, mail server computer 14 either directly modifies, or instructs computer 10 to modify, its memory so that the next time a secure communication is sent from computer 10 to computer 12, a different key is used. This modification provides additional security relative to the communications.
  • Upon receipt of the encrypted message, computer 12, using the source identifier of computer 10, identifies the proper key from its memory which is to be used in the decryption process. This identified key, together with the decryption mapping function M′, allows computer 12 to recreate the original message and display (or place in memory) the original message for the user of computer 12.
  • Computer 12 is also able to send a secure communication to computer 10 in a manner as outlined above for a communication between computer 10 and computer 12.
  • Note, ideally, the entire encryption/decryption process is “transparent” to the users of computer 11 and computer 12. That is, the users only “see” decrypted material and all encryption and decryption is done automatically.
  • FIG. 2 is a block diagram of the audio/video/program download system of the present invention.
  • In this situation, the security which is sought isn't against a third-party interloper but against the user of computer 22 who, while authorized to obtain the data, may want to download it and then improperly share it with others who have not paid or who are not authorized to have it.
  • Download server 21 interacts with remote computers via Internet 20. Download server 21 contains digital data which is used to create music, audio, and/or video representations.
  • When computer 22 wants to acquire such data, contact is made by computer 22 which requests a specific set of data from download server 21. During the request, computer 22 communicates a key specific to computer 22 which is to be used for the encryption and decryption of the data set. This key is ideally an internally stored value or sequence.
  • Using the key for computer 22 and the data, download server 21 encrypts the data and communicates the encrypted data via Internet 20 to computer 22 which stores the encrypted data in memory. While in some embodiments, the data is decrypted prior to storage, in the preferred embodiment of this system, the encrypted data set is stored in memory and is not decrypted until ready for use.
  • During use of the encrypted data set by computer 22, portions of the encrypted data set are withdrawn from the memory and are decrypted. This decryption step is accomplished using the internally established key within computer 22, thereby making decryption by any other machine impossible since decryption requires the key found only within computer 22.
  • To further enhance the security of the downloaded material, ideally, only a portion of the encrypted data set is ever withdrawn and decrypted; without the data ever being fully decrypted, the data is not valuable or usable by any other device except computer 22.
  • In like fashion, handheld computer 22 is able to interact with download server 21 via Internet 20 and obtain data which, when used by handheld computer 22 produces music, audio information, or movies.
  • FIG. 3 is a block diagram illustrating the secure communications between multiple users.
  • In this embodiment, a mail server is not employed, rather, traditional e-mail communications systems are used for the delivery of the messages. Each computer (31, 32, and 33) is able to send messages which have a destination as well as a message (with or without attachments).
  • In this embodiment, when a user of computer 31 wants to send a secure transmission to a remote computer 33, computer 31, knowing the destination, is able to use the appropriate key to encrypt the message and any attachments for computer 33. On receiving the message, since computer 33 knows the source of the message, computer 33 knows the proper key to use in decrypting the message.
  • When the user of computer 31 wants to send a secure message to computer 32, a different key is chosen. Computer 31 is creating a series of communications with any number of remote computers, but, each remote computer receives the message in its own unique “language” which is not discernable by the other remote computers. In this manner, unique communications are available. Note, in some situations, a particular key is used with many different computers; but, the selection of the key is still based on the destination computer.
  • Should computer 33 receive a message purportedly from computer 31, then when the message is decrypted, if the resulting message is gibberish, computer 33 knows that the message did not originate from computer 31 (since the "language" did not match); conversely, if the message makes sense, the user of computer 33 is assured of the true source of the message.
  • This technique prevents hackers from assuming a false identity merely to gain access to a computer.
  • To further enhance this security shield, in one embodiment, a portion of the message being communicated contains an encrypted key which is to be used for the next transmission or reply. This makes it even more difficult for the hacker to counterfeit his identity to the receiving computer. As example, the tenth character of the message is used as the seed for the canned random number generator.
  • FIG. 4 is a block diagram of an embodiment of the invention used to provide security for a data base. This embodiment of the invention provides security for a data base which is accessed by many remote sites. Data-base access operations are commonly found in such businesses as: credit card companies; state motor vehicle departments; internal revenue; banking facilities; and many more obvious to those of ordinary skill in the art.
  • This embodiment prevents an authorized user of the data base from improperly collecting data from the data base for nefarious uses.
  • In this embodiment, data base 45 contains a large amount of proprietary information which is accessible by remote computers 41, 42, and 43. The material within data base 45 is encrypted and remains encrypted, using any of the techniques already discussed or others obvious to those of ordinary skill in the art.
  • When the operator of computer 41 seeks a certain data set, such as that for a particular customer, the inquiry is sent to controller decryption/encryption 44 which identifies the particular data set within data base 45 (which is encrypted) and requests that encrypted information to be sent by data-base 45 to controller/decryption/encryption 44.
  • Controller decryption/encryption 44, in the preferred embodiment, decrypts the data set from its stored encrypted state and then re-encrypts the data set using a key which is specific to computer 41. When the re-encrypted data set is received by computer 41, computer 41 decrypts the data set for use by the user of computer 41.
  • The user of computer 41 is able to manipulate the data set as per their job (such as changing certain elements to reflect such things as an increased loan amount). To store the up-dated data set, computer 41 encrypts the up-dated data set and communicates the encrypted material back to controller 44.
  • Controller 44, upon receiving the encrypted data set, recognizes the source of the material and, using the key appropriate for computer 41, decrypts the data set and then re-encrypts the data set commensurate with the encryption technique and key used for data storage within data base 45.
  • In this manner, the user of computer 41 is only able to acquire a limited amount of data, as the contents of the data base are kept encrypted using a key which is unknown to the user of computer 41.
  • FIG. 5 is a block diagram showing the use of differing encryption systems between a sender and a receiver.
  • As noted earlier, communication between two computers requires that each of the computers is able to identify the source of the information and the address where information is to be sent. This is true whether the transmission is considered an e-mail or an instant message.
  • As such, computer 51 and computer 52, when communicating with each other via Internet 50, identify themselves and each other with each of the messages being sent. While some embodiments of the invention utilize the same key for the encryption of the outgoing messages (which is also used for the decryption process), in the preferred embodiment each of the computers 51 and 52 uses a unique key for the reply message. This causes message 53A to be encrypted differently than message 53B, even though the same two computers are being used for both messages.
  • This structure keeps someone from being able to re-create the entire “conversation” between computers 51 and 52 without knowing both encryption keys.
  • This technique is also extremely useful for identifying whether the source of the message is who they claim to be, as a hacker will be unable to properly encrypt a message; hence, when the improperly encrypted message is decrypted, “garbage” is created.
  • FIG. 6 is a block diagram of the preferred embodiment for the creation of secure usage of a software program to prevent the pirating of software.
  • For explanation of this figure, a software program (such as a spreadsheet program) has been stored in the long term memory 63 of the computer. The program within long term memory 63 is encrypted using an identifier (such as the serial number) of the computer as the key for the encryption.
  • When the program is to be operated, Central Processing Unit (CPU) 60 directs a portion of the program 64A to be withdrawn and decrypted 61. The decrypted portion is communicated to the volatile or working memory (e.g., Random Access Memory (RAM) or the like) 62 which is used by CPU 60 in performing the program segment.
  • When further portions of the program within long term memory 63 are needed, these sections are selectively pulled 64B and 64C, decrypted 61, and used to refresh or replace the contents of RAM 62.
  • At no time is the entirety of the program within long term memory 63 fully decrypted; rather, only portions of the program are accessible in a decrypted form and hence only a portion of the program is ever available to be “pirated”.
  • FIG. 7 is a flow-chart illustrating an embodiment of the remainder subroutine used in the preferred encryption technique.
  • This encryption technique uses a remainder operation in the mapping operations, whether that operation is for encryption or decryption. In this embodiment, the remainder subroutine (R(A,B)) receives the values A and B and returns C, the whole number remainder when A is divided by B.
  • After the subroutine begins 70A, a pointer P is set to zero 71A and the values A and B are obtained 72. A decision is then made whether A<B 73A and, if so, C is assigned the value A 71B and the subroutine returns C 70B.
  • If the check of A<B 73A is no, then the pointer is incremented 71C and a determination is made whether P*A>B 73B. If the determination is no, then the pointer is incremented again 71C and the process continues until P*A>B (Yes 73B); C is assigned the value B−(P−1)*A 71D and the program returns the value C 70B.
  • In this manner, the remainder value is established.
  • FIG. 8 is a flow-chart illustrating the preferred embodiment for the encryption technique. The mapping function for this encryption is (using the references above):
    $E_j = R[O_j + R(S_j, X_j),\, X_j], \quad j = 1, \ldots, N$
  • Once the program starts 80A, a determination is made to see if the End of File (EOF) 85 has occurred. An EOF indicates that the entire message has been read. If there has been an EOF, then the program stops 80B; otherwise, the adjustment value from the key (Sj), the maximum number of potential characters (Xj) and the original symbol (Oj) are obtained 81.
  • The remainder is obtained (R[Oj, Xj]) 82A and the value C is returned. The remainder is obtained for (R[Oj+C, Xj]) 82B and C is returned. The encrypted value Ej is assigned the value C and Ej is then displayed, communicated, or stored 84. The program then returns to check for the EOF 85.
  • In this manner, the entire message is encrypted, symbol by symbol using a key for the mapping/encryption process.
  • FIG. 9 is a flow-chart illustrating the preferred embodiment of the decryption technique.
  • As noted earlier, ideally the decryption process is performed automatically without any human initiation. In the preferred embodiment of the encryption, the program outlined in FIG. 9 is initiated automatically upon the receipt or opening of an e-mail, instant message, or any other type of message.
  • Once the program starts 90A, a determination is made on if an End Of File (EOF) has occurred 91A. An EOF indicates that the entire message has been decrypted; hence, on EOF, the program stops 90B.
  • If there hasn't been an EOF, then the encrypted letter Ej is obtained 92A followed by the adjustment value Sj and the maximum level Xj 92B. The remainder subroutine is initiated on Sj and Xj 93 returning the value C.
  • A comparison is then made to determine if C is less than the encrypted letter Ej 91B. If C<Ej, then the original letter Oj is Ej−C 94A; otherwise, the original letter Oj is Ej+C−Xj 94B.
  • With the determination of the original letter Oj, the original letter Oj is displayed (or stored) 95 and the program returns to see if an EOF has now occurred 91A.
  • In this manner, the entire encrypted message is decrypted letter by letter using the adjustment values as the key and the maximum value to assist in the mapping procedure.
  • FIGS. 10A and 10B are flow-charts illustrating an embodiment of the audio/video/program download and play-back respectively.
  • Referencing FIG. 10A, the download component, once the program starts 100A, the computer's identification (i.e. the serial number) is transmitted to the source 101 (where the data is being downloaded from). The source then transmits the encrypted series E j 102A which is then stored within the computer's memory 103A. The program then stops 100B.
  • When the encrypted series Ej is to be played (FIG. 10B), the program starts 100C and a particular value Ej is pulled from memory 102B; this value is decrypted, resulting in the decrypted value, the original character/value Oj 104. The original character/value Oj is played 103B.
  • An EOF check 105 is made. If the EOF has been encountered, then the program stops 100D; otherwise the program loops back and pulls another encrypted value 102B.
  • FIGS. 11A and 11B are flow-charts of the preferred embodiment's operation for mail for when a message is to be sent and when a message is received.
  • A computer, when sending a message (FIG. 11A), starts the program 110A and obtains the destination and message 111A. Using the destination, a key value is determined 112A and the message is encrypted 113A. The encrypted message is then transmitted through normal channels or via a mail server to the destination 112B and the program stops 110B.
  • An incoming encrypted message is preferably handled as shown in FIG. 11B. The program starts 110C and the source of the message and the encrypted message are obtained 111B. Using the source information, the associated key for decryption is identified 112C and the encrypted message is decrypted 113B. The now-decrypted message is displayed for the user 114 and the program stops 110D.
  • FIG. 12 is a table illustrating the preferred encryption and decryption process.
  • Using the preferred mapping function (Ej=M(Oj, Sj)=R[Oj+R(Sj, Xj), Xj]), FIG. 12 illustrates how the message: “the red dog ran home” 120 is first encrypted and then decrypted.
  • For this example, the numerical values range from 0 = blank space, 1 = “a”, 2 = “b”, ..., 25 = “y”, and Xj is a constant value 26.
  • In this example, the key Sj, 121 which is used is defined by the series:
      • 4 20 6 21 22 39 27 48 4 14 32 7 81 0 17 17 14 42 8 4
  • As illustrated, the receiving computer (doing the decryption) uses a reversing algorithm together with the key set Sj, which was also used in the encryption operation.
  • The power of this particular encryption technique is clear when the original message is compared to the encrypted message which is communicated over the distributed network of computers.
      • Original Message: the red dog ran home 121
      • Transmitted Message: xbkunrevhcmguaeqveui 122
        thereby providing encryption which is unique between the two parties and making the transmission difficult if not impossible to decrypt.
  • FIG. 13 is a block diagram illustrating the invention's protection for executable programs.
  • Processing unit 130 receives its operating programs, such as executable programs, from the interface 131 which serves to decrypt the operating programs held in memory 132. The operating programs are placed within operating memory 133 by the processing unit and are withdrawn as needed.
  • In like fashion, when processing unit 130 shuts down, a check is made of the programs it has and a match is made to the memory unit; any programs not in memory are communicated to operator 136 via monitor 134, and operator 136 responds whether these programs should be kept or “trashed”. Operator 136 responds via keyboard 135 or some other type of input device such as a mouse or voice recognition microphone.
  • In this way, only the programs that the operator wants to keep are encrypted for later use while the improper or hacked programs are discarded.
  • In this diagram, memory 132, interface 131, processing unit 130 and operating memory 133 are shown as distinct boxes, but, in alternative embodiments, these functional operations are contained within a single housing.
  • FIG. 14 is a flowchart illustrating the preferred embodiment for the verification of a proper key.
  • Once this program or subroutine starts 140A, the proposed key is obtained from the operator. Using the proposed key, the encrypted template is decrypted 142. The proposed key is then verified 143. If the proposed key is verified (Yes), then the program/subroutine stops 140B; otherwise (the proposed key is not verified, a NO), the operator is informed that the proposed key is not the valid key 144 and another proposed key is obtained 141.
  • In this manner, should the operator enter an improper key, a simple check reveals it as improper prior to any encryption being done. Also, since the proposed key is used to decrypt a template for comparison, and since this template is encrypted, a hacker is unable to obtain access to the key by getting into the unencrypted material within the computer; hence, a further level of security is added by this technique.
  • FIGS. 15A, 15B, and 15C illustrate alternatives for the verification of key input as first discussed relative to FIG. 14.
  • Referencing FIG. 15A, verification of the proposed key is accomplished in this embodiment by first displaying the decrypted template to the operator 150 and obtaining an authorization indicia from the operator 151.
  • As example, the template may be as simple as the operator's name. Once the operator's name is decrypted, it is shown to the operator who responds with a “YES” or a “NO” depending on if the display shows his name correctly.
  • This embodiment then branches 152A based upon the authorization response (element 143 of FIG. 14).
  • FIG. 15B shows another technique for verification in which the proposed key is used to decrypt the template which is also the proper key.
  • As example, assume the proper key is: “September 7, 1952”; the proper key has previously been encrypted using itself for the encrypting process and the encrypted key is placed in the memory.
  • Later, when an operator enters a proposed key, the proposed key is used to decrypt the encrypted proper key. Should the proposed key not be correct, then the decryption will not be performed properly and the decrypted proper key will not match the proposed key.
  • This type of sorting is done through a simple logical function which compares the template (the proper key) with the proposed key; if they are identical then encryption can proceed; if not, then, as outlined in FIG. 14 (element 143), the operator is informed and another proposed key is obtained.
  • FIG. 15C illustrates yet another technique for ascertaining that the proposed key is proper prior to any encryption operation.
  • In this embodiment, the operator is queried as to the substance of a comparison template 153. This comparison template is used to compare with the decrypted template 154 for a verification operation.
  • One operation for this embodiment would be where the operator provides not only a proposed key, but also the template. In this case, the operator would provide a proposed key, such as “my name is”, and a comparison template, “Mark Ogram”. The program uses the proposed key “my name is” to decrypt the template within memory and if the decrypted template doesn't match “Mark Ogram”, then the proposed key isn't correct.
  • In all of these embodiments, a level of security is provided that prevents any encryption of programs or data using an improper key.
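The symbol mapping of FIGS. 7 to 9, run against the FIG. 12 table, together with the FIG. 15B and 15C key checks, as an added Python example (not code from the patent). It assumes the page's 26-symbol table (0 = blank, 1..25 = a..y) at every position, cycles a key shorter than the message, and turns a typed key such as “my name is” into its Sj series through the same table. Two points differ from the flowchart text as printed and are marked in the code: R follows its stated definition (remainder of A divided by B) rather than the P*A>B loop, and the decryption branch is written as the exact inverse of the mapping, since C<Ej with Ej+C−Xj does not recover the blank at position 4 of the FIG. 12 message.

```python
"""Added example (not the patent's own code): the remainder-based symbol mapping of
FIGS. 7-9 checked against the FIG. 12 table, plus the FIG. 15B / 15C key checks.
Assumptions: the page's table 0 = blank, 1..25 = a..y with X_j = 26 at every
position; a key shorter than the message is cycled; a typed key such as
"my name is" becomes its S_j series through the same table."""

ALPHABET = " abcdefghijklmnopqrstuvwxy"   # 0 = blank, 1 = "a", ..., 25 = "y" (no "z")
X = len(ALPHABET)                          # X_j, the number of potential characters: 26

# Key S_j of the FIG. 12 example, one adjustment value per symbol (from the page).
FIG12_KEY = [4, 20, 6, 21, 22, 39, 27, 48, 4, 14, 32, 7, 81, 0, 17, 17, 14, 42, 8, 4]


def R(a: int, b: int) -> int:
    """FIG. 7 remainder subroutine R(A, B): whole-number remainder of A divided by B,
    by repeated subtraction (the stated definition; the flowchart text as printed
    compares P*A against B, which would give B's remainder instead)."""
    if a < 0 or b <= 0:
        raise ValueError("R expects A >= 0 and B > 0")
    c = a
    while c >= b:
        c -= b
    return c

def to_values(text: str) -> list:
    """Message -> O_j symbol values; ValueError for a symbol outside the table."""
    return [ALPHABET.index(ch.lower()) for ch in text]

def to_text(values) -> str:
    return "".join(ALPHABET[v] for v in values)

def encrypt_values(originals, key) -> list:
    """FIG. 8: E_j = R[O_j + R(S_j, X_j), X_j], one symbol per pass until EOF."""
    out = []
    for j, o in enumerate(originals):
        s = key[j % len(key)]            # adjustment value S_j (key cycled: assumption)
        c = R(s, X)                      # 82A: remainder of the adjustment value
        out.append(R(o + c, X))          # 82B: remainder of the shifted symbol
    return out

def decrypt_values(encrypted, key) -> list:
    """FIG. 9: C = R(S_j, X_j); O_j = E_j - C unless that goes negative, in which
    case O_j = E_j - C + X_j.  This is the exact inverse of the FIG. 8 mapping; the
    branch as printed in the FIG. 9 text (C < E_j, else E_j + C - X_j) is not."""
    out = []
    for j, e in enumerate(encrypted):
        c = R(key[j % len(key)], X)
        out.append(e - c if c <= e else e - c + X)
    return out

def encrypt(message: str, key) -> str:
    return to_text(encrypt_values(to_values(message), key))

def decrypt(ciphertext: str, key) -> str:
    return to_text(decrypt_values(to_values(ciphertext), key))


# --- FIG. 14 / 15: verifying a proposed key before anything is encrypted --------

def key_from_text(key_text: str) -> list:
    """Assumption: a typed key becomes its S_j series through the symbol table."""
    return to_values(key_text)

def make_self_template(proper_key_text: str) -> list:
    """FIG. 15B set-up: the proper key encrypted using itself, kept in memory."""
    return encrypt_values(to_values(proper_key_text), key_from_text(proper_key_text))

def verify_key_self(stored_template, proposed_text: str) -> bool:
    """FIG. 15B check: decrypt the stored template with the proposed key and accept
    it only if the result is the proposed key itself."""
    proposed = key_from_text(proposed_text)
    return decrypt_values(stored_template, proposed) == proposed

def make_template(template_text: str, proper_key_text: str) -> list:
    """FIG. 15C set-up: a template such as the operator's name, encrypted under the
    proper key and kept in memory."""
    return encrypt_values(to_values(template_text), key_from_text(proper_key_text))

def verify_key_against(stored_template, proposed_text: str, comparison: str) -> bool:
    """FIG. 15C check: the operator supplies both the proposed key and a comparison
    template; the key is proper only if the decrypted template matches it."""
    decrypted = to_text(decrypt_values(stored_template, key_from_text(proposed_text)))
    return decrypted == comparison.lower()


if __name__ == "__main__":
    ct = encrypt("the red dog ran home", FIG12_KEY)
    print(ct, "->", decrypt(ct, FIG12_KEY))     # xbkunrevhcmguaeqveui -> the red dog ran home
    tpl = make_self_template("my name is")
    print(verify_key_self(tpl, "my name is"), verify_key_self(tpl, "my nane is"))  # True False
```

Because the mapping is additive, a proposed key whose symbols agree with the proper key modulo 13 (for instance “a” and “n”) also passes the FIG. 15B check, so that check catches a mistyped key rather than proving knowledge of it; the FIG. 15C comparison requires the proposed Sj to equal the proper Sj at every position of the template.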
  • FIG. 16 is a flowchart of the preferred embodiment of the interface used to withdraw encrypted executable programs.
  • Once the program/subroutine starts 160A the identified program is withdrawn from memory in its encrypted form 161A. The encrypted form is decrypted 161B as outlined above and is sent to the processing unit 161C (which stores the decrypted program in the operating memory). The program then stops 160B.
  • FIG. 17 is a flowchart of the preferred embodiment of the interface used to store/encrypt executable programs.
  • At the start of the program/subroutine 170A, the executable program within the operating memory is identified 171A. A comparison is then made to determine if that executable program has a counterpart within the encrypted programs 172A.
  • If there is a corresponding encrypted program (YES), then the executable program is removed from the operating memory 171E and a determination is made whether there are any more executable programs within the operating memory to consider 172D. If there are no more executable programs to consider, the program stops 170B; otherwise, the next executable program within the operating memory is withdrawn 171A for consideration.
  • Should there be no comparable encrypted program (172A, “NO”), then a determination is made whether an encryption key is needed 172B. If the encryption key has not been previously provided (YES), then the key is obtained from the operator 173 and the key is verified 171B as outlined above.
  • Once the key has been obtained, a determination is made on if the program should be stored 172C. This decision is accomplished typically by presenting the program to the operator to accept/reject; in other embodiments, only selected programs can be added and these programs are defined within the computer files.
  • If the decision is not to store the executable (“NO”) 172C, then the executable is removed and the program continues. If the decision is to store the executable program (“YES”) 172C, then the program is encrypted 171C using the key previously obtained and the encrypted program is stored 171D in memory and the executable program is removed 171E as outlined above.
  • In this manner, any and all of the executable programs are scanned and only the proper ones are stored in encrypted form.
  • Note, during an uncontrolled shut down of the computer (such as a power outage), only the previously encrypted programs are kept.
  • Using the technique above, the present invention provides for a highly secure structure for preventing unauthorized executable programs from being stored within a computer.
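The FIG. 16 loader and the FIG. 17 shutdown scan of the interface between memory 132 and processing unit 130, as an added Python example, not code from the patent. It assumes executables are byte strings that the processing unit names, that a counterpart in memory is matched by that name, that the page's remainder mapping is applied byte-wise (Xj = 256) with a cycled key, and that the operator is stood in for by two callbacks while memory 132 is a dictionary that also keeps one FIG. 15B self-encrypted key template.

```python
"""Added example (not the patent's own code): the interface of FIGS. 13, 16 and 17
between the encrypted memory (132) and the processing unit (130).
Assumptions: executables are byte strings named by the processing unit; a
counterpart in memory is matched by name; the page's remainder mapping is applied
byte-wise (X_j = 256) with a cycled key; memory also keeps one FIG. 15B template."""

from typing import Callable, Dict, List, Tuple

X = 256  # X_j for byte-valued symbols (assumption; the page's text example uses 26)


def encrypt_bytes(data: bytes, key: bytes) -> bytes:
    """E_j = R[O_j + R(S_j, X_j), X_j] over bytes, S_j taken from the cycled key."""
    return bytes((o + key[j % len(key)]) % X for j, o in enumerate(data))


def decrypt_bytes(data: bytes, key: bytes) -> bytes:
    """Inverse mapping O_j = (E_j - S_j) mod X_j."""
    return bytes((e - key[j % len(key)]) % X for j, e in enumerate(data))


TEMPLATE_NAME = "__key_template__"   # hypothetical slot for the self-encrypted key


class Memory:
    """Memory 132: holds only encrypted executables plus the key template."""

    def __init__(self, proper_key: bytes) -> None:
        self.encrypted: Dict[str, bytes] = {TEMPLATE_NAME: encrypt_bytes(proper_key, proper_key)}

    def key_is_proper(self, proposed: bytes) -> bool:
        """FIG. 14 / 15B: the template decrypted with the proper key is the key itself."""
        return decrypt_bytes(self.encrypted[TEMPLATE_NAME], proposed) == proposed


def load_program(memory: Memory, name: str, key: bytes) -> bytes:
    """FIG. 16: withdraw the named program in encrypted form (161A), decrypt it (161B)
    and return the functional executable for the processing unit (161C)."""
    if not memory.key_is_proper(key):
        raise ValueError("proposed key is not the valid key (FIG. 14, element 144)")
    return decrypt_bytes(memory.encrypted[name], key)


def shutdown_scan(memory: Memory, operating_memory: Dict[str, bytes],
                  obtain_key: Callable[[], bytes],
                  authorize: Callable[[str, bytes], bool]) -> Tuple[List[str], List[str]]:
    """FIG. 17: consider every executable in operating memory 133.  One with an
    encrypted counterpart is just removed (171E); any other is shown to the operator
    and encrypted and stored (171C/171D) only on a YES, else trashed.
    Returns (names stored, names discarded); operating memory is left empty."""
    key = None
    stored, discarded = [], []
    for name in list(operating_memory):               # 171A / 172D: next program
        program = operating_memory.pop(name)           # 171E: removed from operating memory
        if name in memory.encrypted and name != TEMPLATE_NAME:
            continue                                   # 172A YES: counterpart already stored
        if key is None:                                # 172B: key needed, once per scan
            key = obtain_key()                         # 173
            while not memory.key_is_proper(key):       # 171B: verified as in FIG. 14
                key = obtain_key()                     # 144 / 141: reject, obtain another
        if authorize(name, program):                   # 172C: operator accepts
            memory.encrypted[name] = encrypt_bytes(program, key)   # 171C + 171D
            stored.append(name)
        else:
            discarded.append(name)                     # rejected program is not kept
    return stored, discarded


if __name__ == "__main__":
    # Constructed sample: one known program, one new tool, one unwanted program.
    memory = Memory(b"babel-key")
    memory.encrypted["editor"] = encrypt_bytes(b"\x7fELF editor", b"babel-key")
    ram = {"editor": b"\x7fELF editor", "newtool": b"\x7fELF newtool", "dropper": b"\x7fELF dropper"}
    keys = iter([b"wrong-key", b"babel-key"])        # first attempt mistyped, second proper
    print(shutdown_scan(memory, ram, keys.__next__, lambda n, p: n == "newtool"))  # (['newtool'], ['dropper'])
    print(load_program(memory, "newtool", b"babel-key"))                             # b'\x7fELF newtool'
```

A program left in operating memory by an uncontrolled shutdown never reaches the authorize step, so only previously encrypted programs survive, which is the behaviour the note above describes.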

Claims (18)

1. A computer system comprising:
a) a memory;
b) a processing unit being configurable by executable commands; and,
c) an interface configured to,
1) withdraw an encrypted executable program from said memory,
2) decrypt said encrypted executable program into a functional executable program, and,
3) communicate said functional executable program to said processing unit.
2. The computer system according to claim 1, wherein said interface is further configured to:
a) identify an executable program within said processing unit which does not have an encrypted counterpart within said memory;
b) query an operator of said computer system if said executable program is to be saved and receive an authorization response from said operator; and,
c) based upon said authorization response, selectively,
1) encrypt said executable program into an encrypted executable program, and,
2) store said encrypted executable program within said memory.
3. The computer system according to claim 2, wherein, said interface is further configured to remove said executable program from the memory and the processing unit.
4. The computer system according to claim 2,
a) wherein said interface is further configured to accept a key from said operator; and,
b) wherein said key is used when said interface operates to encrypt said executable program into an encrypted executable program.
5. The computer system according to claim 4, wherein said interface is further configured to verify said key as being accurate.
6. The computer system according to claim 5, wherein, during operation of said interface to verify said key as being accurate, said interface is further configured to:
a) using said key, decrypt an encrypted template from the memory into a decrypted template; and,
b) verify the decrypted template as being accurate.
7. The computer system according to claim 6, wherein, during operation of said interface to verify the decrypted template as being accurate, said interface is configured to:
a) present the decrypted template to the operator of said computer;
b) receive an acceptance response from the operator of said computer; and,
c) based upon said acceptance response, permit said interface to encrypt said executable program into an encrypted executable program.
8. The computer system according to claim 6, wherein, during operation of said interface to verify the decrypted template as being accurate, said interface is configured to:
a) compare said decrypted template to said key and generate a comparison indicia therefrom; and,
b) based upon said comparison indicia, permit said interface to encrypt said executable program into an encrypted executable program.
9. The computer system according to claim 6, wherein, during operation of said interface to verify the decrypted template as being accurate, said interface is configured to:
a) compare said decrypted template to a predefined template and generate a comparison indicia therefrom; and,
b) based upon said comparison indicia, permit said interface to encrypt said executable program into an encrypted executable program.
10. A loading system configured to:
a) decrypt an encrypted executable program into a functional executable program; and,
b) communicate said functional executable program to a processing unit.
11. The loading system according to claim 10, further configured to:
a) identify an executable program within said processing unit which does not have an encrypted counterpart;
b) query an operator if said executable program is to be saved;
c) receive an authorization response from said operator; and,
d) based upon said authorization response, encrypt said executable program into an encrypted executable program.
12. The loading system according to claim 11, further configured to store said encrypted executable program within a memory.
13. The computer system according to claim 11, wherein an operator defined key is used when said interface operates to encrypt said executable program into an encrypted executable program.
14. The computer system according to claim 13, wherein said interface is further configured to:
a) using said operator defined key, decrypt an encrypted template into a decrypted template; and,
b) verify the decrypted template as being accurate.
15. A computer system comprising:
a) a memory;
b) a processing unit being configurable by executable commands; and,
c) a loading interface configured to,
1) accept an operator defined key,
2) withdraw an encrypted executable program from said memory,
3) using said operator defined key, decrypt said encrypted executable program into a functional executable program, and,
4) communicate said functional executable program to said processing unit; and,
d) wherein said processing unit operates said functional executable program.
16. The computer system according to claim 15, wherein said loading interface is further configured to:
a) identify an executable program within said processing unit which does not have an encrypted counterpart within said memory;
b) query an operator of said computer system if said executable program is to be saved and receive an authorization response from said operator; and,
c) based upon said authorization response, selectively,
1) using said operator defined key, encrypt said executable program into a second encrypted executable program, and,
2) store the second encrypted executable program in said memory.
17. The computer system according to claim 16, wherein, said interface is further configured to, based on said authorization response, remove said executable program from the memory and the processing unit.
18. The computer system according to claim 16, wherein said downloading interface is further configured to:
a) using said key, decrypt an encrypted template from memory into a decrypted template;
b) present the decrypted template to the operator of said computer;
c) receive an acceptance response from the operator of said computer; and,
d) based upon said acceptance response, permit said interface to encrypt said executable program into an encrypted executable program to verify said key as being accurate.

Priority Applications (6)

Application Number Priority Date Filing Date Title
US11/223,175 US20060294395A1 (en) 2005-06-28 2005-09-08 Executable software security system
US12/583,250 US8176313B2 (en) 2005-06-28 2009-08-17 Executable software security system
US12/800,476 US20100293390A1 (en) 2005-06-28 2010-05-14 Secure movie download
US12/932,255 US20110197076A1 (en) 2005-06-28 2011-02-22 Total computer security
US13/066,210 US20110288976A1 (en) 2005-06-28 2011-04-09 Total computer security
US13/066,638 US20110314276A1 (en) 2005-06-28 2011-04-20 Communication verification system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/170,229 US7792289B2 (en) 2005-06-28 2005-06-28 Encrypted communications
US11/223,175 US20060294395A1 (en) 2005-06-28 2005-09-08 Executable software security system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US11/170,229 Continuation-In-Part US7792289B2 (en) 2005-06-28 2005-06-28 Encrypted communications

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US12/583,250 Continuation US8176313B2 (en) 2005-06-28 2009-08-17 Executable software security system

Publications (1)

Publication Number Publication Date
US20060294395A1 true US20060294395A1 (en) 2006-12-28

Family

ID=46322601

Family Applications (2)

Application Number Title Priority Date Filing Date
US11/223,175 Abandoned US20060294395A1 (en) 2005-06-28 2005-09-08 Executable software security system
US12/583,250 Expired - Fee Related US8176313B2 (en) 2005-06-28 2009-08-17 Executable software security system

Family Applications After (1)

Application Number Title Priority Date Filing Date
US12/583,250 Expired - Fee Related US8176313B2 (en) 2005-06-28 2009-08-17 Executable software security system

Country Status (1)

Country Link
US (2) US20060294395A1 (en)

Also Published As

Publication number Publication date
US8176313B2 (en) 2012-05-08
US20100017623A1 (en) 2010-01-21


Legal Events

Date Code Title Description
AS Assignment

Owner name: BABEL SECURE LLC, ARIZONA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:OGRAM, MARK;REEL/FRAME:020768/0059

Effective date: 20080327

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION