Method for securing software updates
First Claim
1. Method for securing updating data from a plurality of apparatuses, each apparatus receiving the updates from a managing center, these updates including data called patch accompanied by a control block encrypted by a private asymmetrical key taken from a list of keys included in the managing center, characterized by following steps:
- selection by means of the apparatus of a current key from a list of public keys,
- reception and storage in the memory of the updating patch,
- reception of the encrypted control block,
- decryption of said block by the current public key,
- verification that the decrypted control block corresponds to said patch,
- installation of the patch received,
- deactivation of the current key and selection of the next key in the list.
Abstract
This invention proposes a method for securing software updates in a plurality of decoders, based on the generation of a signature by means of a private asymmetrical key. A decoder is updated by downloading, from a managing center, a data block including a patch and its signature; said block is stored in a RAM. The signature is decrypted with a current public key from a list contained in a first non-volatile memory of the decoder, then verified; in the case of correspondence, a command leads to the installation of the patch in a second non-volatile Flash memory and the deactivation of the current key. The aim of this invention is to considerably reduce the impact of the discovery of a private key by means of a systematic analysis of the working of the decoder software, or to notably increase the time and the means necessary for the process used to determine said private key.
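The one-key-per-update rotation described in the abstract, as an added example that is not part of the patent text: a patch is accepted only under the current public key, which is then deactivated, so a control block made with an already used (possibly discovered) private key is refused. The names `make_key`, `sign`, `Decoder` and `demo` are hypothetical, and the keys are constructed toy textbook-RSA keys built from Mersenne primes with no padding, for illustration only.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys (assumption)

def make_key(a, b):
    """Toy RSA key from the Mersenne primes 2**a-1 and 2**b-1 (demo only)."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(patch):
    return int.from_bytes(hashlib.sha256(patch).digest(), "big")

def sign(patch, key):
    """Managing center: encrypt the patch digest with a private key."""
    return pow(digest(patch), key["d"], key["n"])

class Decoder:
    def __init__(self, public_moduli):
        self.keys = list(public_moduli)  # ordered key list (first non-volatile memory)
        self.current = 0                 # index of the current public key
        self.flash = []                  # installed patches (second non-volatile memory)

    def update(self, patch, control_block):
        if self.current >= len(self.keys):
            return False                 # every key has been deactivated
        n = self.keys[self.current]
        if pow(control_block, E, n) != digest(patch):
            return False                 # control block does not correspond to the patch
        self.flash.append(patch)         # install the patch
        self.current += 1                # deactivate the key, select the next one
        return True

def demo():
    center = [make_key(521, 607), make_key(1279, 2203)]  # constructed key list
    dec = Decoder([k["n"] for k in center])
    p1, p2 = b"patch-1", b"patch-2"
    results = [
        dec.update(p1, sign(p1, center[1])),  # not the current key: rejected
        dec.update(p1, sign(p1, center[0])),  # current key: installed
        dec.update(p2, sign(p2, center[0])),  # already used key: rejected
        dec.update(p2, sign(p2, center[1])),  # next key in the list: installed
        dec.update(p2, sign(p2, center[1])),  # list exhausted: rejected
    ]
    return results, dec.flash

if __name__ == "__main__":
    print(demo())
```

The final rejection shows the cost of the scheme: the number of updates a decoder can accept is bounded by the length of its key list.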
14 Claims
Specification