Loading data onto an electronic device
First Claim
1. A method of loading data into an electronic device (101, 205), the electronic device comprising a data memory (102) for storing data items and a key memory (105) for storing at least one cryptographic key of a cryptographic public key mechanism, the method comprising loading (S1, S701) a factory public key (PuKF) into the key memory;
- loading (S2, S702) factory software (SW) signed with a factory private key (PrKF) corresponding to the factory public key into the data memory;
characterised in that the method further comprises loading (S4, S704) into the key memory a product public key (PuKP) different from the factory public key for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrKP); and
disabling (S705) the factory public key prior to delivering the electronic device to the customer.
1 Assignment
0 Petitions
Accused Products
Abstract
Method of producing an electronic device comprising a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism. The method comprises the steps of loading a factory public key into the key memory; and loading factory software signed with a factory private key corresponding to the factory public key into the data memory. The method further comprises the steps of loading into the key memory a product public key different from the factory public key for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer the subsequent data items being signed with a corresponding product private key; and disabling the factory public key prior to delivering the electronic device to the customer.
102 Citations
30 Claims
-
1. A method of loading data into an electronic device (101, 205), the electronic device comprising a data memory (102) for storing data items and a key memory (105) for storing at least one cryptographic key of a cryptographic public key mechanism, the method comprising
loading (S1, S701) a factory public key (PuKF) into the key memory; -
loading (S2, S702) factory software (SW) signed with a factory private key (PrKF) corresponding to the factory public key into the data memory;
characterised in that the method further comprises loading (S4, S704) into the key memory a product public key (PuKP) different from the factory public key for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrKP); and
disabling (S705) the factory public key prior to delivering the electronic device to the customer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 17, 18, 19)
-
-
16. A system for storing data into an electronic device, the electronic device comprising a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism, the system comprising
a first loader module (106) for loading a factory public key into the key memory; -
a second loader module (108) for loading factory software signed with a factory private key corresponding to the factory public key into the data memory;
characterised in that the system further comprises a third loader module (114) adapted to load into the key memory a product public key different from the factory public key for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key; and
to disable the factory public key prior to delivering the electronic device to the customer.
-
-
20. A method of protecting an electronic device from unauthorised reprogramming, the electronic device comprising a data memory and a key memory, the method comprising loading into the key memory a predetermined public key of a cryptographic public key mechanism for verifying subsequent data items to be loaded into the data memory, the subsequent data items being signed with a corresponding private key;
-
characterised in that the method further comprises setting a protectable identifier in the electronic device, where the protectable identifier identifies an entity authorised to reprogram the electronic device. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 29, 30)
if the protectable identifier has said predetermined property, loading the data, the data being signed with said private key;
otherwise aborting loading the data.
-
-
30. A system for loading data into an electronic device protected according to the method of any one of claims 20 through 27, the system comprising a loader module adapted to
detect whether the protectable identifier has a predetermined property; - and
if the protectable identifier has said predetermined property, to load the data, the data being signed with said private key;
otherwise to abort loading the data.
- and
-
28. An electronic device comprising a data memory and a key memory, the key memory having stored therein a predetermined public key of a cryptographic public key mechanism for verifying subsequent data items to be loaded into the data memory, where the subsequent data items are signed with a corresponding private key;
-
characterised in that the electronic device further comprises a one-time-programmable memory having stored therein a protectable identifier, where the protectable identifier identifies an entity authorised to reprogram the electronic device.
-
Specification