System and method for securely storing firmware

US 20060174109A1
Filed: 02/01/2006
Published: 08/03/2006
Est. Priority Date: 02/02/2005
Status: Active Grant

First Claim

Patent Images

1. A method of providing secure storage for firmware in a computing device that executes from a ROM prior to the loading of the operating system, comprising:

providing a designated secure storage container holding firmware, the firmware being executed prior to the loading of the operating system for the computing device;

encrypting the designated secure storage container using a secure storage encryption key;

including a reference to the encrypted storage container in a build of firmware placed in a ROM image, writing the encrypted secure storage container to secondary storage outside the ROM using at least one unique identifier;

using the reference in the ROM image to retrieve the encrypted secure storage container prior to the loading of the operating system for the computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mechanism for creating and accessing a secure storage area for firmware that stores a “Virtual ROM” module reference or pointer in the actual ROM that includes a unique identifier for the virtual ROM module to be retrieved is discussed. The actual ROM image also contains a generated unique identifier for the whole machine. In retrieving a Virtual ROM module, both the module identifier and the machine identifier are used. Once retrieved, the module is validated using a message digest stored in the Virtual ROM module reference. If required, the Virtual ROM module is then decrypted using a secret key that is stored elsewhere in the actual ROM. Updates to the Virtual ROM module are made in memory by pre-boot code. At a point in time when these updates are complete, the Virtual ROM module is written back out to the location from which it was retrieved. The Virtual ROM module reference that is in the actual ROM is updated to reflect the new message digest value and the module reference and the machine identifier used for the PC are write-disabled. Additionally, if the storage has been encrypted, and a secret key is being used, the region of the actual ROM that contains the secret key is read-disabled.

Citations

20 Claims

1. A method of providing secure storage for firmware in a computing device that executes from a ROM prior to the loading of the operating system, comprising:
- providing a designated secure storage container holding firmware, the firmware being executed prior to the loading of the operating system for the computing device;
  
  encrypting the designated secure storage container using a secure storage encryption key;
  
  including a reference to the encrypted storage container in a build of firmware placed in a ROM image, writing the encrypted secure storage container to secondary storage outside the ROM using at least one unique identifier;
  
  using the reference in the ROM image to retrieve the encrypted secure storage container prior to the loading of the operating system for the computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, comprising further:
    - generating a message digest on the encrypted designated secure storage container; and
      
      including the message digest and the at least one unique identifier in the reference.
  - 3. The method of claim 2 comprising further:
    - generating a new message digest on the retrieved encrypted secure storage container;
      
      identifying a match between the new message digest with the message digest in the reference by comparing the message digests; and
      
      decrypting the secure storage container using the secure storage encryption key.
  - 4. The method of claim 1 wherein the secure storage encryption key is stored in a part of the ROM image loaded into a read-disabled memory location at a point prior to the loading of the operating system for the computing device.
  - 5. The method of claim 1 wherein the at least one unique identifier includes a unique machine identifier for the computing device.
  - 6. The method of claim 5 wherein the unique machine identifier is stored in a part of the ROM image that is loaded into a write-disabled memory location at a point prior to the loading of the operating system for the computing device.
  - 7. The method of claim 1 wherein the at least one unique identifier also includes a globally unique ID (GUID).
  - 8. The method of claim 1, comprising further:
    - accessing the secondary storage over a network.
  - 9. The method of claim 1 wherein the secondary storage is one of the group of a hard drive or removable disk drive.
  - 10. The method of claim 1 wherein the designated secure storage container is an EFI Framework firmware volume.
  - 11. The method of claim 1, comprising further:
    - providing a second designated secure storage container;
      
      generating a unique private-public key pair;
      
      storing the public portion of the unique private-public key pair in the designated secure storage container and the private portion of the unique private-public key pair in the second designated secure storage container, the designated secure storage container storing the public portion being loaded into memory marked as write-disabled, the second designated secure storage container being loaded into memory marked as read-disabled;
      
      signing content created for delivery to other environments with the pre-boot firmware, the signing including the encryption of the content with the private portion of the unique private-public key pair, the content delivered after signing; and
      
      using the public portion of the private-public key pair in the decryption of the signed content.
  - 12. The method of claim 11 wherein the signing process runs a message digest over the content before signing it with the private key.
  - 13. The method of claim 11 wherein the message digest is regenerated in order to verify the signed content before the decryption of the content with the public portion of the private-public key.

14. A system for providing secure storage of firmware for a computing device that executes from a ROM pre-boot, comprising:
- a firmware ROM image, the firmware ROM image including a reference for at least one encrypted designated secure storage container holding firmware to be executed before the loading of the operating system, the reference to the at least one encrypted designated secure storage container including a message digest for the encrypted designated secure storage container that is used to verify the authenticity of the encrypted designated secure storage container prior to executing the firmware from the encrypted designated secure storage container;
  
  the designated secure storage container, the designated secure storage container encrypted with a secure storage encryption key and stored in secondary storage separately from the ROM; and
  
  the secure storage encryption key used to initially encrypt the designated secure storage container and then subsequently decrypt the designated secure storage container following its retrieval from secondary storage, the secure storage container located in a portion of the ROM image marked as read-disabled at a point prior to the loading of the operating system.
- View Dependent Claims (15, 16)
- - 15. The system of claim 14 wherein the firmware ROM image is initially stored in one of the group of ROM (Read-Only Memory), PROM (Programmable ROM), EPROM (Erasable PROM), EEPROM (Electrically Erasable PROM) and Flash memory.
  - 16. The system of claim 14 wherein the firmware ROM image includes a second reference to a second designated encrypted secure storage area.

17. A medium holding computer-executables instructions for providing secure storage for firmware in a computing device that executes from a ROM prior to the loading of the operating system, the instructions comprising:
- instructions for providing a designated secure storage container holding firmware, the firmware being executed prior to the loading of the operating system for the computing device;
  
  instructions for encrypting the designated secure storage container using a secure storage encryption key;
  
  instructions for including a reference to the encrypted storage container in a build of firmware placed in a ROM image, instructions for writing the encrypted secure storage container to secondary storage outside the ROM using at least one unique identifier; and
  
  instructions for using the reference in the ROM image to retrieve the encrypted secure storage container prior to the loading of the operating system for the computing device.
- View Dependent Claims (18, 19, 20)
- - 18. The medium of claim 17 wherein the instructions further comprise:
    - instructions for generating a message digest on the encrypted designated secure storage container; and
      
      instructions for including the message digest and the at least one unique identifier in the reference.
  - 19. The medium of claim 18 wherein the instructions further comprise:
    - instructions for generating a new message digest on the retrieved encrypted secure storage container;
      
      instructions for identifying a match between the new message digest with the message digest in the reference by comparing the message digests; and
      
      decrypting the secure storage container using the secure storage encryption key.
  - 20. The medium of claim 17 wherein the instructions further comprise:
    - instructions for providing a second designated secure storage container;
      
      instructions for generating a unique private-public key pair;
      
      instructions for storing the public portion of the unique private-public key pair in the designated secure storage container and the private portion of the unique private-public key pair in the second designated secure storage container, the designated secure storage container storing the public portion being loaded into memory marked as write-disabled, the second designated secure storage container being loaded into memory marked as read-disabled;
      
      instructions for signing content created for delivery to other environments with the pre-boot firmware, the signing including the encryption of the content with the private portion of the unique private-public key pair, the content delivered after signing; and
      
      instructions for using the public portion of the private-public key pair in the decryption of the signed content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Insyde Software Corp
Original Assignee
Insyde Software Corp
Inventors
Flynn, Rex A.

Granted Patent

US 8,181,020 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/164
CPC Class Codes

G06F 12/1408   by using cryptography for d...

G06F 21/572   Secure firmware programming...

G06F 21/575   Secure boot

G06F 8/66   of program code stored in r...

G06F 9/4406   Loading of operating system

System and method for securely storing firmware

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for securely storing firmware

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links