Abstract: A method for protecting an item of software, wherein at least one challenge is associated with the protected item of software, and at least one response accesses one private keying material. The challenge has no access to the private keying material. The challenge and the response are generating shared secret information, respectively, in accordance with an asymmetric confidentiality scheme. The response proves that it discovered the shared secret and the challenge validates the proof. The challenge proof validation procedure uses the public keying material that corresponds to the response private keying material.