Code authentication upon bootup for cable modems
First Claim
1. A method (10) for operating a cable modem comprising:
- inserting (13) a RSA-SHA-1 based signature and related authenticated attributes at an end of the code file; and
validating (16) the code file during each reboot operation of the cable modem to confirm that the signature in a header equals the authenticated attributes signed by a private key that created the RSA-SHA-1 based signature.
4 Assignments
0 Petitions
Accused Products
Abstract
An exemplary embodiment of a method (10) for authenticating software in a cable modem makes use of a secure key and certificate stored in flash memory. In this exemplary embodiment, the code employs a key to validate (16) a signature that is generated for each new build of the code. During build of the code, the code is digitally signed (12) using e.g., a Motorola RSA private key. The message digest and the signature are then stored at the end of code file itself (13). Each time the modem (52) reboots, the code can validate (16) that the image in flash has not been modified. This validation function (16) can be accomplished e.g., by calling an RSA Signature Verification function to confirm that the signature in the header equals the message digest signed by the manufacturer'"'"'s private key or the manufacturer'"'"'s CVC.
29 Citations
20 Claims
-
1. A method (10) for operating a cable modem comprising:
-
inserting (13) a RSA-SHA-1 based signature and related authenticated attributes at an end of the code file; and
validating (16) the code file during each reboot operation of the cable modem to confirm that the signature in a header equals the authenticated attributes signed by a private key that created the RSA-SHA-1 based signature. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method (40) for authenticating software in a cable modem comprising:
-
storing (42) an RSA SHA-1 based signature, one or more authenticated attributes, and a Subject Public Key from the manufacturer'"'"'s CVC in flash memory during download of new code to the cable modem; and
during a reboot process, validating (43) that the image in flash has not been modified.
-
-
7. A method (10) for authenticating code in an electronic device comprising:
-
generating (11) the code;
signing (12) the code using a signing key;
validating (16) the code during a reboot process of the electronic device by verifying that a signature in a header equals signed authenticated attributes. - View Dependent Claims (8, 9)
-
-
10. An apparatus (52) including self-authenticating code comprising:
-
a memory (51) storing the code; and
a processor (55a) coupled to the memory (51) and inserting an RSA-SHA-1 based signature and related authenticated attributes at an end of the code file, and validating the code file during each reboot operation of the cable modem to confirm that the signature in a header equals the authenticated attributes signed by a private key that created the RSA-SHA-1 based signature. - View Dependent Claims (11, 12, 13, 14)
-
-
15. An apparatus (50) for communicating new code to a plurality of electronic devices (52a-n) via a network (53) comprising:
-
a server (54) stored a current version of code to be downloaded to the plurality of electronic devices (52a-n);
a memory (51a-n) disposed in each of the plurality of electronic devices (52a-n) to store code having an RSA-SHA-1 based signature and related authenticated attributes stored at an end of the code file; and
a processor (55a-n) disposed in each of the plurality of electronic devices (52a-n) communicating with the server (54), said processor (55a-n) being coupled to the memory (51a-n) and validating the code file during each reboot operation to confirm that the signature in a header equals the authenticated attributes signed by a private key that created the RSA-SHA-1 based signature. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A method (20) for authenticating code in a device comprising:
-
calculating (21) an on-the-fly SHA-1 message digest over a stored Code Header and the Code Image;
comparing (22) a new message digest with a message digest that was stored;
if the new message digest is not the same as the stored message digest, declaring (24) the image to be invalid and sending (25) a syslog message to a system operator informing the system operator of a tampered image and shutting down the device; and
if the new message digest is the same as the stored message digest, then;
calling (27) an RSA Signature Verification function to confirm that a signature equals signed Authenticated Attributes;
if the signature is valid, executing (29) the code normally; and
if the signature is not valid, sending (25) sends a syslog message to the system operator informing the system operator of a tampered image and shutting the device down.
-
Specification