论文信息 - Software License Management with Smart Cards

Software License Management with Smart Cards

This paper describes public-key protocols for binding software licenses to tamper-resistant smart cards, for transferring licenses between cards, and for purchasing them on-line. The protocols support software distribution both through retail stores and over the Internet. The user can transfer licenses from several cards onto a single card to avoid juggling between several cards in the reader. The protocols are based on signed delegation certificates that are mostly stored outside the smart card. A smart card reader and cards capable of public-key signatures are the only new hardware needed. The protocols are easy for the user and simple to implement and analyze. We prove the security of the transfer protocol.

Dieter Gollmann | Tuomas Aura | D. Gollmann | T. Aura

[1] Nasir D. Memon,et al. Protecting digital media content , 1998, CACM.

[2] David Paul Maher. Fault Induction Attacks, Tamper Resistance, and Hostile Reverse Engineering in Perspective , 1997, Financial Cryptography.

[3] Tuomas Aura,et al. Distributed Access-Rights Managements with Delegations Certificates , 2001, Secure Internet Programming.

[4] Henning Pagnia,et al. Towards Multiple-Payment Schemes for Digital Money , 1997, Financial Cryptography.

[5] Stefan A. Brands,et al. Untraceable Off-line Cash in Wallet with Observers , 2002 .

[6] Stefan BrandsCWI,et al. Untraceable Oo-line Cash in Wallets with Observers , 1993 .

[7] Butler W. Lampson,et al. Simple Public Key Certificate , 1998 .

[8] Markus G. Kuhn,et al. Tamper resistance: a cautionary note , 1996 .

[9] John Phipps. Physical protection devices , 1989 .

[10] Gustavus J. Simmons,et al. A Software Protection Scheme , 1982, 1982 IEEE Symposium on Security and Privacy.

[11] Jessica Staddon,et al. PKCS #1: RSA Cryptography Specifications Version 2.0 , 1998, RFC.

[12] David Chaum,et al. Transferred Cash Grows in Size , 1992, EUROCRYPT.

[13] Amir Herzberg,et al. Public protection of software , 1985, TOCS.

[14] Steve R. White,et al. ABYSS: ATrusted Architecture for Software Protection , 1987, 1987 IEEE Symposium on Security and Privacy.