Integrity checking for software downloaded from untrusted sources

US 20040158546A1
Filed: 02/06/2003
Published: 08/12/2004
Est. Priority Date: 02/06/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method by which a software publisher prepares a target file to be downloaded quickly and securely from a source computer, said method comprising the steps of:

breaking up the target file into a plurality of chunks; and

creating a manifest file comprising a digest for each chunk.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Computer-implemented methods, apparati, data structures, and computer-readable media for downloading a target file (1) quickly and securely from a source computer (2). The target file (1) is broken up into a plurality of chunks (12). The integrity of each chunk (12) is verified (25) by calculating a digest for each chunk (12) and comparing the calculated digest with a prestored digest (32) for that chunk (12). In several embodiments, a manifest file (3) is created. In these embodiments, the manifest file (3) contains the digest (32) for each chunk (12).

Citations

41 Claims

1. A method by which a software publisher prepares a target file to be downloaded quickly and securely from a source computer, said method comprising the steps of:
- breaking up the target file into a plurality of chunks; and
  
  creating a manifest file comprising a digest for each chunk.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 2. The method of claim 1 wherein:
    - all chunks other than a last chunk contain N bytes; and
      
      the manifest file further comprises an overall number of bytes S of the target file.
  - 3. The method of claim 1 wherein the manifest file is posted on a trusted computer.
  - 4. The method of claim 3 wherein the trusted computer is a computer from the group of computers comprising a software publisher computer and a computer authorized by the software publisher.
  - 5. The method of claim 3 wherein the trusted computer is a computer deemed to be trusted by a downloading computer that downloads the target file from the source computer.
  - 6. The method of claim 5 wherein the downloading computer contains a list of trusted computers.
  - 7. The method of claim 6 wherein the downloading computer modifies the list of trusted computers using a peer-to-peer web of trust.
  - 8. The method of claim 1 wherein:
    - the manifest file is posted on an untrusted computer;
      
      the manifest file contains a header; and
      
      the header contains a preselected maximum number of bytes.
  - 9. The method of claim 8 wherein the manifest file comprises a plurality of records, and each record is digitally signed.
  - 10. The method of claim 8 wherein the manifest file contains a hash of the chunk digests taken as a whole.
  - 11. The method of claim 1 wherein the manifest file is prepended to the target file.
  - 12. The method of claim 1 wherein the manifest file is posted on at least one trusted computer and on at least one untrusted computer.
  - 13. The method of claim 12 wherein a downloading computer first attempts to download the manifest file from an untrusted computer.
  - 14. The method of claim 13 wherein the downloading computer has a preselected number M attempts to download the manifest file from an untrusted computer and, when the downloading computer is not able to download the manifest file from an untrusted computer in M attempts, the downloading computer attempts to download the manifest file from a trusted computer.
  - 15. The method of claim 1 wherein a downloading computer first downloads the manifest file, then uses the manifest file to verify contents of the target file as the downloading computer downloads the target file.
  - 16. The method of claim 15 wherein the downloading computer downloads no more than J bytes of the manifest file, where J is a preselected positive integer.
  - 17. The method of claim 15 wherein the downloading computer downloads the manifest file in a piecewise fashion.
  - 18. The method of claim 1 wherein each digest is calculated by applying a hash function to a chunk of the target file.
  - 19. The method of claim 1 further comprising the step of a downloading computer verifying the digest of each chunk of the target file.
  - 20. The method of claim 19 wherein the verifying comprises calculating a digest for that chunk and comparing the calculated digest with the digest for that chunk contained in the manifest file.
  - 21. The method of claim 20 wherein a chunk is deemed to have integrity when the value of the digest calculated during the verifying step matches the value of the digest contained in the manifest file.
  - 22. The method of claim 20 wherein, when the digest calculated during the verifying step does not match the digest contained in the manifest file, the chunk is deemed to lack integrity, and the downloading from that source computer is aborted.
  - 23. The method of claim 22 wherein the downloading continues from an alternative source computer.
  - 24. The method of claim 23 wherein only those chunks subsequent to chunks already downloaded and verified are retrieved from the alternative source computer.
  - 25. The method of claim 1 wherein a downloading computer wishing to download the target file first downloads the manifest file using a SSL session.
  - 26. The method of claim 1 wherein the manifest file contains a header and a digital signature for the header.
  - 27. The method of claim 26 wherein the digital signature is affixed by the software publisher.
  - 28. The method of claim 26 wherein the digital signature is affixed by a trusted third party.
  - 29. The method of claim 1 wherein a downloading computer stops downloading the target file when S bytes of the target file have been downloaded.
  - 30. The method of claim 1 wherein a downloading computer is given a preselected number Q attempts to download the target file.

31. A computer-readable medium containing computer program instructions for preparing a target file to be downloaded quickly and securely from a source computer, said computer program instructions performing the steps of:
- breaking up the target file into a plurality of chunks; and
  
  digitally signing each chunk.
- View Dependent Claims (32)
- - 32. The computer-readable medium of claim 31 wherein said computer program instructions further perform the steps of:
    - placing a chunk size into a header of the target file; and
      
      imposing a maximum on the number of bytes in the header.

33. A computer-readable medium containing computer program instructions for preparing a target file to be downloaded quickly and securely from a source computer, said computer program instructions performing the steps of:
- breaking up the target file into a plurality of chunks; and
  
  creating a manifest file containing a digest for each chunk.
- View Dependent Claims (34, 35)
- - 34. The computer-readable medium of claim 33 wherein:
    - the manifest file contains an overall size S of the target file; and
      
      all chunks but a last chunk contain N bytes, where N is an integer greater than 1.
  - 35. The computer-readable medium of claim 33 wherein the manifest file is prepended to the target file.

36. A method by which a downloading computer downloads a target file quickly and securely from a source computer, said method comprising the steps of:
- piecewise downloading the target file in a plurality of chunks; and
  
  verifying a digital signature for each chunk.

37. A method by which a downloading computer downloads a target file quickly and securely from a source computer, said method comprising the steps of:
- piecewise downloading the target file in a plurality of chunks; and
  
  verifying the integrity of each chunk by calculating a digest for each chunk and comparing the calculated digest with a prestored digest for that chunk.

38. A target computer file prepared for quick and secure download from a source computer, said target computer file comprising:
- a plurality of chunks;
  
  a digital signature affixed to each chunk; and
  
  a header containing a chunk size and having a preselected maximum number of bytes.

39. A target computer file prepared for quick and secure download from a source computer, said target computer file comprising:
- a plurality of chunks, each chunk except for a last chunk having N bytes, where N is an integer greater than 1; and
  
  associated with the target file, a manifest file containing a digest for each chunk, and further containing N and an overall number of bytes S of the target file.

40. A method by which a software publisher prepares a target file to be downloaded quickly and securely from a source computer, said method comprising the steps of:
- breaking up the target file into a plurality of chunks;
  
  digitally signing each chunk;
  
  placing a chunk size into a header of the target file; and
  
  imposing a maximum on the number of bytes in the header.
- View Dependent Claims (41)
- - 41. The method of claim 40 wherein the source computer is untrusted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NortonLifeLock Inc.
Original Assignee
NortonLifeLock Inc.
Inventors
Sobel, William E., McCorkendale, Bruce

Application Number

US10/359,922
Publication Number

US 20040158546A1
Time in Patent Office

Days
Field of Search
US Class Current

707/1
CPC Class Codes

G06F 8/60   Software deployment

H04L 63/123   received data contents, e.g...

H04L 63/1458   Denial of Service

H04L 67/06   specially adapted for file ...

H04L 67/104   Peer-to-peer [P2P] networks

H04L 67/108   characterised by resources ...

Integrity checking for software downloaded from untrusted sources

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

41 Claims

Specification

Solutions

Use Cases

Quick Links

Integrity checking for software downloaded from untrusted sources

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

41 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links