Secure and backward-compatible processor and secure software execution thereon

US 20050132217A1
Filed: 01/31/2005
Published: 06/16/2005
Est. Priority Date: 02/07/2003
Status: Active Grant

First Claim

Patent Images

1-115. -115. (canceled)

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure processor assuring application software is executed securely, and assuring only authorized software is executed, monitored modes and secure modes of operation. The former executes application software transparently to that software. The latter verifies execution of the application software is authorized, performs any extraordinary services required by the application software, and verifies the processor has obtained rights to execute the content. The secure processor (1) appears hardware-identical to an ordinary processor, with the effect that application software written for ordinary processors can be executed on the secure processor without substantial change, (2) needs only a minimal degree of additional hardware over and above those portions appearing hardware-identical to an ordinary processor. The secure processor operates without substantial reduction in speed or other resources available to the application software. Functions operating in secure mode might reside in an on-chip non-volatile memory, or might be loaded from external storage with authentication.

140 Citations

View as Search Results

188 Claims

1-115. -115. (canceled)

116. A method comprising:
- distinguishing between a monitored mode and a secure mode;
  
  when in the secure mode;
  
  executing software loaded using a bootstrap loader that cryptographically authenticates the software; and
  
  exiting the secure mode;
  
  when in the monitored mode;
  
  performing application software without substantial change in original code for that application software, wherein the application software sees a processor environment that is not substantially different from an ordinary processor.
- View Dependent Claims (117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127)
- - 117. The method of claim 116, further comprising, when in the secure mode, verifying authorization to perform the application software.
  - 118. The method of claim 116, further comprising, when in the secure mode, checking a cryptographic signature from a trusted source;
    - and verifying that said application software is preserved in integrity and authenticity using the cryptographic signature.
  - 119. The method of claim 116, further comprising performing instructions substantially identical to those performable by a semiconductor die for an ordinary processor otherwise not responsive to said secure mode.
  - 120. The method of claim 116, further comprising, when in the secure mode, performing security services requested by, and authorized for, the application software.
  - 121. The method of claim 116, further comprising:
    - when in the monitored mode, entering the secure mode in response to a technique selected from the group consisting of;
      
      an interrupt, a reset signal, a power on signal, and a timer signal; and
      
      when in the secure mode, determining by which technique the secure mode was entered.
  - 122. The method of claim 116, further comprising:
    - when in the monitored mode;
      
      generating an interrupt in response to a request for services associated with the application software; and
      
      entering the secure mode;
      
      when in the secure mode;
      
      delivering the services in response to the application software; and
      
      exiting the secure mode.
  - 123. The method of claim 116, further comprising, in response to power-on, when in the secure mode:
    - loading additional code from one or more trusted sources;
      
      verifying authenticity of the trusted sources; and
      
      verifying content integrity of the additional code.
  - 124. The method of claim 116, wherein said application software includes at least one instruction for execution in the secure mode, further comprising:
    - performing said at least one instruction on behalf of a set of secure kernel code; and
      
      authenticating additional secure kernel code.
  - 125. The method of claim 116, further comprising:
    - performing a set of secure software;
      
      determining whether additional secure software is authentic;
      
      executing the additional secure software if the secure software is authentic;
      
      determining authorization to perform the additional secure software; and
      
      performing the additional secure software if authorization exists.
  - 126. The method of claim 125, further comprising:
    - loading the additional secure software; and
      
      validating the additional secure software using a cryptographic technique, wherein said validating establishes integrity or origin from a trusted source.
  - 127. The method of claim 125, further comprising:
    - loading additional application software; and
      
      determining authorization to perform the additional application software.

128. A method comprising:
- when a security signal indicates monitored mode;
  
  refusing access to a secure function in response to the security signal;
  
  when the security signal indicates secure mode;
  
  accessing the secure function in response to the security signal;
  
  accessing at least one secure circuit, wherein said secure function includes instructions for launching software content from an external source, measuring trustworthiness of the external source, and facilitating verification of the software content.
- View Dependent Claims (129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140)
- - 129. The method of claim 128, further comprising performing a set of application code in a manner that is substantially identical to performing the set of application code on a substantially identical non-secure processing unit that is not responsive to said security signal.
  - 130. The method of claim 128, further comprising, when the security signal indicates the monitored mode, performing a set of application code.
  - 131. The method of claim 128, further comprising:
    - receiving external instructions from the external source; and
      
      verifying the external instructions as authentic, or originating from a trusted source.
  - 132. The method of claim 128, further comprising:
    - monitoring access to an external device; and
      
      performing at least one secure function in response to an attempt to access the external device in violation of the security signal and a set of access rules.
  - 133. The method of claim 132, wherein said monitoring access to an external device is responsive to at least one of:
    - a number of accesses requested;
      
      a number of instructions performed;
      
      a parameter set when in the secure mode; and
      
      an interval of operation.
  - 134. The method of claim 132, further comprising maintaining a set of secure information for read-only access.
  - 135. The method of claim 134, further comprising reading the set of secure information from a non-volatile memory.
  - 136. The method of claim 134, further comprising:
    - reading the set of secure information from a non-volatile memory; and
      
      disabling writing to the non-volatile memory after packaging.
  - 137. The method of claim 128, further comprising:
    - receiving external data from the external source;
      
      constructing data responsive to the external data;
      
      comparing the data responsive to the external data with at least some of said secure information.
  - 138. The method of claim 137, further comprising:
    - determining a computed cryptographic value as a function of the external data; and
      
      using a public key cryptographic method to verify the computed cryptographic value using a recorded signature value from a trust verifiable source.
  - 139. The method of claim 128, further comprising:
    - requesting additional secure code from the external source;
      
      sending data responsive to the secure information to the external source, wherein the external source is capable of verifying authorization to perform the additional secure code; and
      
      receiving the additional secure code from the external source, wherein the additional secure code includes information that can be used by a secure device to determinate that it has permission to execute or use some software.
  - 140. The method of claim 128, further comprising:
    - requesting application software from the external source;
      
      sending data responsive to the secure information to the external source, wherein the external source is capable of verifying authorization to perform the application software; and
      
      receiving the application software from the external source, wherein the application software includes information that can be used by a secure device to determinate that it has permission to execute or use some software.

141. A method of reading secure information from non-volatile memory associated with a secure processor, comprising:
- disabling writing to non-volatile memory when a processor with which the non-volatile memory is associated is packaged; and
  
  maintaining secure information within the non-volatile memory.

142. The method of claim 142, wherein said disabling includes making substantially inaccessible a non-bonded pin.
- View Dependent Claims (143, 144)
- - 143. The method of claim 142, wherein the secure information is unique to the processor.
  - 144. The method of claim 142, wherein the secure information is secret.

145. A processor chip apparatus comprising:
- a secure switch for switching between a monitored mode and a secure mode;
  
  memory, coupled to the secure switch, including;
  
  security information;
  
  a bootstrap loader, wherein, using the security information, the bootstrap loader cryptographically authenticates software loaded in response to execution of the bootstrap loader;
  
  a processor coupled to the secure switch and the memory, wherein, in operation;
  
  the processor executes the bootstrap loader, in the secure mode, the processor executes the software loaded in response to execution of the bootstrap loader and exits the secure mode, and wherein in the monitored mode, the processor performs application software transparently to the application software.
- View Dependent Claims (146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 173)
- - 146. The apparatus of claim 145, wherein, when in the secure mode, the processor verifies authorization to perform the application software.
  - 147. The apparatus of claim 145, wherein, when in the secure mode, the processor checks a cryptographic signature from a trusted source;
    - and verifies that said application software is preserved in integrity and authenticity using the cryptographic signature.
  - 148. The apparatus of claim 145, wherein, when in the secure mode, the processor performs security services requested by, and authorized for, the application software.
  - 149. The apparatus of claim 145, wherein, when in the monitored mode, the secure switch switches to the secure mode in response to a technique selected from the group consisting of:
    - an interrupt, a reset signal, a power on signal, and a timer signal; and
      
      when in the secure mode, the processor determines by which technique the secure mode was entered.
  - 150. The apparatus of claim 145, wherein:
    - when in the monitored mode;
      
      the processor generates an interrupt in response to a request for services associated with the application software; and
      
      the secure switch switches to the secure mode;
      
      when in the secure mode;
      
      the processor delivers the services in response to the application software; and
      
      the secure switch switches to the monitored mode.
  - 151. The apparatus of claim 145, wherein, in response to a power-on state, when in the secure mode:
    - the processor loads additional code from one or more trusted sources;
      
      the processor verifies authenticity of the trusted sources; and
      
      the processor verifies content integrity of the additional code.
  - 152. The apparatus of claim 145, wherein said application software includes at least one instruction for execution in the secure mode, wherein:
    - the processor performs said at least one instruction on behalf of a set of secure kernel code; and
      
      the processor authenticates additional secure kernel code.
  - 153. The apparatus of claim 145, wherein the processor:
    - performs a set of secure software;
      
      determines whether additional secure software is authentic;
      
      executes the additional secure software if the secure software is authentic;
      
      determines authorization to perform the additional secure software; and
      
      performs the additional secure software if authorization exists.
  - 154. The apparatus of claim 153, wherein the processor:
    - loads the additional secure software; and
      
      validates the additional secure software using a cryptographic technique, wherein said validating establishes integrity or origin from a trusted source.
  - 155. The apparatus of claim 153, wherein the processor:
    - loads additional application software; and
      
      determines authorization to perform the additional application software.
  - 156. The apparatus of claim 153, wherein access rights to internal resources are issued from a trust verifiable authority, wherein in the secure mode, the processor validates trust and verifies access rights as authentic using a public key cryptographic verification technique, and wherein the processor sets up access rights in secure mode and the access rights are unmodifiable in the monitored mode.
  - 157. The apparatus of claim 156, wherein the processor applies the access rights to resources, wherein the resources may be designated as “
    - enabled”
      
      , “
      
      disabled”
      
      , or “
      
      restricted”
      
      .
  - 158. The apparatus of claim 157, wherein the resources include software resources and hardware resources
  - 159. The apparatus of claim 157, wherein the designation is application-specific.
  - 160. The apparatus of claim 157, wherein the designation is user-specific.
  - 161. The apparatus of claim 157, wherein the designation is device-specific.
  - 162. The apparatus of claim 157, wherein the designation is associated with one or more of the group consisting of bandwidth, time-of-use, dates, memory use, a limitation on internal resources, conditional on internal secure data, access rights from a server, rights dependent on secure state, and consumption data.
  - 163. The apparatus of claim 145, wherein said security information includes information maintained in a non-volatile memory, said non-volatile memory having a circuit capable of enabling writing of said non-volatile memory, said circuit being disabled when said secure processor is packaged.
  - 164. The apparatus of claim 145, wherein said security information includes information maintained in a non-volatile memory, said non-volatile memory having a circuit capable of enabling writing of said non-volatile memory, said circuit including a pin which is substantially inaccessible when said secure processor is packaged.
  - 165. The apparatus of claim 145, wherein said security information includes an identity value substantially unique to the apparatus, or a set of private key information substantially unique to the processor;
    - wherein a selected set of content or software is assured to be executed when authorization to consume said content or execute said software exists.
  - 166. The apparatus of claim 145, including means for combining said key information and a substantially unique identity value, with the effect of implementing a digital rights management scheme for enforcing intellectual property rights.
  - 167. The apparatus of claim 145, wherein at least a portion of said secure information is digitally signed using either a public key/secret private key system or a symmetric encryption/decryption key.
  - 168. The apparatus of claim 145, wherein at least a portion of said secure information is encrypted using either a public key/secret private key system or a symmetric encryption/decryption key.
  - 169. The apparatus of claim 145, wherein, in operation, the processor verifies authenticity of a purchase receipt or license or other digital rights management data, wherein the purchase receipt or license or other digital rights management data facilitates verification of a selected set of content or software as authentic and authorized.
  - 170. The apparatus of claim 169, wherein, in an operational configuration, the processor is permitted to consume the content or execute the software in response to an attempt to verify authenticity of a purchase receipt or license or other digital rights management data.
  - 171. The apparatus of claim 169, wherein said receipt includes information sufficient to substantially identify the processor and information sufficient to substantially identify an identity value substantially unique to said content or software.
  - 172. The apparatus of claim 169, wherein, in an operational configuration, the processor is permitted to consume the content or execute the software in response to verifying said digital signature.
  - 173. The apparatus of claim 169, wherein, in an operational configuration, the processor is permitted to consume the content or execute the software in response to an attempt to decrypt a portion of the secure information.

174. A method comprising:
- including a security code verification module in a bootstrap loader;
  
  implementing the bootstrap loader in firmware;
  
  initializing non-volatile memory with a first security code verification value associated with the security code module, wherein security code includes instructions to enable access rights to hardware and software resources, wherein the access rights to resources are issued from a trust verifiable source, and wherein access rights data is verifiable as authentic from a source using a public key cryptographic verification method.
- View Dependent Claims (175, 176, 177, 178, 179, 180, 181, 182, 183, 184, 185, 186, 187, 188)
- - 175. The method of claim 174, further comprising configuring the first security code verification value.
  - 176. The method of claim 174, further comprising:
    - locating security code using the security code verification module;
      
      computing a second security code verification value associated with the security code; and
      
      executing the security code if the first security code verification value verifies correctly with respect to the second security code verification value.
  - 177. The method of claim 174, further comprising:
    - loading security code associated with the security code verification module into volatile memory;
      
      computing a second security code verification value associated with the security code; and
      
      executing the security code if the first security code verification value verifies correctly with respect to the second security code verification value.
  - 178. The method of claim 174, further comprising:
    - loading a first module of security code associated with the security code verification module into volatile memory;
      
      computing a second security code verification value associated with the security code; and
      
      executing the first module of the security code if the first security code verification value verifies correctly with respect to the second security code verification value.
  - 179. The method of claim 178, wherein said first module of security code has been loaded into volatile memory, further comprising:
    - authenticating a second module of the security code using data in the first module of the security code; and
      
      loading the second module of the security code into volatile memory when authenticated.
  - 180. The method of claim 174, further comprising implementing a non-maskable interrupt that is triggered at specified times.
  - 181. The method of claim 180, further comprising executing security code associated with the security code verification module when the non-maskable interrupt is triggered.
  - 182. The method of claim 180, wherein said specified times include on reset.
  - 183. The method of claim 180, further comprising using a timer to trigger the non-maskable interrupt at intervals defined by security code associated with the security code verification module, wherein triggering at intervals facilitates monitoring running applications.
  - 184. The method of claim 180, further comprising switching to a secure mode, different in security level from a backward-compatible monitored mode.
  - 185. The method of claim 180, further comprising embedding chip identities and keys to facilitate a procedure selected from the group consisting of:
    - tracking the chip, implementation of licensing schemes, and authenticated software loading.
  - 186. The method of claim 174, further comprising using the NV memory to maintain secure versioning or sequencing of state.
  - 187. The method of claim 186, wherein said using the NV memory to maintain secure versioning or sequencing of state further comprises maintaining a version or sequence number in the NV memory, wherein access to the version or sequence number is allowed in a security mode and restricted in an application mode.
  - 188. The method of claim 186, further comprising refusing to update a version or sequence number maintained in the NV memory to a previous state.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Broadon Communications Corp. (Acer, Inc.)
Inventors
Yen, Wei, Srinivasan, Pramila, Princen, John, Blythe, David, Saperstein, William, Berndt, Frank

Granted Patent

US 7,380,275 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/51   at application loading time...

G06F 21/52   during program execution, e...

G06F 21/71   to assure secure computing ...

G06F 21/73   by creating or determining ...

G06F 21/74   operating in dual or compar...

Secure and backward-compatible processor and secure software execution thereon

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

140 Citations

188 Claims

Specification

Solutions

Use Cases

Quick Links

Secure and backward-compatible processor and secure software execution thereon

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

140 Citations

188 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links