Controlled secure code authentication
First Claim
1. A system comprising:
- a client device storing an entire image of a code; and
- an authentication device physically arranged adjacent to the client device and coupled to the client device through a local connection, the authentication device configured to:
  - select a plurality of memory address ranges of an authorized code;
  - determine a respective portion of the authorized code for each of the plurality memory address ranges;
  - calculate a respective property of each of the respective portions;
  - send a request to the client device, the request including a challenge for a property of a particular portion from among a plurality of portions of the code stored within the client device, the challenge comprising data indicating a particular memory address range corresponding to the particular portion of the code;
  - receive a response to the request from the client device, the response including information associated with the property of the code, the information being generated by the client device based on a portion of the code stored within the client device and comprising the property of the portion of the code;
  - verify correctness of the response based on the received information; and
  - based on verifying correctness of the response, determine that the entire image of the code stored within the client device is authorized, wherein the verifying correctness of the response comprises determining that the property of the portion of the code in the response matches the property of the particular portion of the authorized code that is obtained based on stored information of the particular portion of the authorized code in a secure storage associated with the authentication device, the stored information of the particular portion of the authorized code comprising the calculated property of the particular portion of the authorized code corresponding to the particular memory address range of the plurality of memory address ranges of the authorized code.
Abstract
Systems, methods, circuits and computer-readable mediums for controlled secure code authentication are provided. In one aspect, a non-transitory computer-readable storage medium having instructions stored thereon which, when executed by one or more processors, cause the one or more processors to perform a method including: sending a request to a client device, the request including a challenge for a property of a particular portion from among a plurality of portions of code stored within the client device, the challenge including data indicating a particular memory address range corresponding to the particular portion of the code, receiving a response to the request from the client device, the response including information associated with the property of the code, verifying correctness of the response based on the received information, and based on verifying correctness of the response, determining that the code is an authorized code.
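The challenge-response flow described in the abstract and in claim 1, written out as an added Python example that is not taken from the patent. Assumptions: the "property" of a code portion is its SHA-256 digest, the address ranges tile a constructed 4 KiB image in 1 KiB blocks, and all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

def digest(portion: bytes) -> bytes:
    # Assumption: the "property" of a code portion is its SHA-256 digest.
    return hashlib.sha256(portion).digest()

class AuthenticationDevice:
    def __init__(self, authorized_image: bytes, ranges):
        # Secure storage keeps one precomputed property per address range,
        # not the authorized image itself.
        self._stored = {(s, e): digest(authorized_image[s:e]) for s, e in ranges}

    def challenge(self):
        # Unpredictable selection among the precomputed address ranges.
        return secrets.choice(list(self._stored))

    def verify(self, addr_range, response: bytes) -> bool:
        expected = self._stored.get(tuple(addr_range))
        # Unknown ranges are rejected; known ones are compared in constant time.
        return expected is not None and hmac.compare_digest(expected, response)

class ClientDevice:
    def __init__(self, image: bytes):
        self.image = image

    def respond(self, addr_range) -> bytes:
        # The client computes the property over its own stored code.
        start, end = addr_range
        return digest(self.image[start:end])

def authenticate(auth, client, rounds: int = 1) -> bool:
    # Run several challenge/response rounds; any mismatch fails the image.
    for _ in range(rounds):
        addr_range = auth.challenge()
        if not auth.verify(addr_range, client.respond(addr_range)):
            return False
    return True

def failing_ranges(auth, client, ranges):
    # Challenge every listed range and report the ones that do not match.
    return [r for r in ranges if not auth.verify(r, client.respond(r))]

# Constructed sample data: a 4 KiB image, four 1 KiB ranges, one altered byte.
AUTHORIZED_IMAGE = bytes(range(256)) * 16
RANGES = [(i, i + 1024) for i in range(0, 4096, 1024)]
MODIFIED_IMAGE = bytearray(AUTHORIZED_IMAGE)
MODIFIED_IMAGE[2500] ^= 0xFF
```

A response only vouches for the range that was challenged: in the constructed data the altered byte is caught by the (2048, 3072) challenge alone, so range selection and the number of rounds determine how much of the image a verdict actually covers.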
26 Claims
5. A non-transitory computer-readable storage medium having instructions stored thereon which, when executed by one or more processors, cause the one or more processors to perform a method comprising:
- selecting, by an authentication device, a plurality of memory address ranges of an authorized code;
- determining, by the authentication device, a respective portion of the authorized code for each of the plurality memory address ranges;
- calculating, by the authentication device, a respective property of each of the respective portions;
- sending, from the authentication device, a request to a client device coupled to the authentication device, the request including a challenge for a property of a particular portion from among a plurality of portions of an entire image of a code stored within the client device, the challenge comprising data indicating a particular memory address range corresponding to the particular portion of the code, the authentication device being physically arranged adjacent to the client device and coupled to the client device through a local connection;
- receiving, at the authentication device, a response to the request from the client device, the response including information associated with the property of a portion of the code stored within the client device;
- verifying correctness of the response based on the received information; and
- based on verifying correctness of the response, determining that the entire image of the code stored within the client device is authorized, wherein the verifying correctness of the response comprises determining that the property of the portion of the code in the response matches the property of the particular portion of the authorized code that is obtained based on stored information of the particular portion of the authorized code in a secure storage associated with the authentication device, the stored information of the particular portion of the authorized code comprising the calculated property of the particular portion of the authorized code corresponding to the particular memory address range of the plurality of memory address ranges of the authorized code.
26. A method comprising:
- selecting, by an authentication device, a plurality of memory address ranges of an authorized code;
- determining, by the authentication device, a respective portion of the authorized code for each of the plurality memory address ranges;
- calculating, by the authentication device, a respective property of each of the respective portions;
- sending, by the authentication device, a request to a client device coupled to the authentication device, the request including a challenge for a property of a particular portion from among a plurality of portions of an entire image of a code stored within the client device, the challenge comprising data indicating a particular memory address range corresponding to the particular portion of the code, the authentication device being physically arranged adjacent to the client device and coupled to the client device through a local connection;
- receiving, by the authentication device, a response to the request from the client device, the response including information associated with the property of a portion of the code stored within the client device;
- verifying, by the authentication device, correctness of the response based on the received information; and
- based on verifying correctness of the response, determining, by the authentication device, that the entire image of the code stored within the client device is authorized, wherein the verifying correctness of the response comprises determining that the property of the portion of the code in the response matches the property of the particular portion of the authorized code that is obtained based on stored information of the particular portion of the authorized code in a secure storage associated with the authentication device, the stored information of the particular portion of the authorized code comprising the calculated property of the particular portion of the authorized code corresponding to the particular memory address range of the plurality of memory address ranges of the authorized code.
Specification