Systems and methods using cryptography to protect secure computing environments

US 20080114698A1
Filed: 10/29/2007
Published: 05/15/2008
Est. Priority Date: 08/12/1996
Status: Abandoned Application

First Claim

Patent Images

1. A computer-readable medium comprising program code, the program code being operable, when executed by an electronic appliance comprising a protected processing environment that is resistant to tampering by users of the electronic appliance, to cause the electronic appliance to perform steps comprising:

receiving a first digital signature associated with a load module;

receiving a second digital signature associated with the load module;

authenticating the first digital signature using a first key; and

conditionally executing the load module based at least in part on a result of the authenticating step.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Secure computation environments are protected from bogus or rogue load modules, executables and other data elements through use of digital signatures, seals and certificates issued by a verifying authority. A verifying authority—which may be a trusted independent third party—tests the load modules or other executables to verify that their corresponding specifications are accurate and complete, and then digitally signs the load module or other executable based on tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different verification digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys)—allowing one tamper resistance work factor environment to protect itself against load modules from another, different tamper resistance work factor environment. Several dissimilar digital signature algorithms may be used to reduce vulnerability from algorithm compromise, and subsets of multiple digital signatures may be used to reduce the scope of any specific compromise.

Citations

21 Claims

1. A computer-readable medium comprising program code, the program code being operable, when executed by an electronic appliance comprising a protected processing environment that is resistant to tampering by users of the electronic appliance, to cause the electronic appliance to perform steps comprising:
- receiving a first digital signature associated with a load module;
  
  receiving a second digital signature associated with the load module;
  
  authenticating the first digital signature using a first key; and
  
  conditionally executing the load module based at least in part on a result of the authenticating step.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The computer-readable medium of claim 1, in which the first digital signature is associated with a first part of the load module, and the second digital signature is associated with a second, different, part of the load module, the computer-readable medium further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the step of:
    - authenticating the second digital signature.
  - 3. The computer-readable medium of claim 1, further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform steps comprising:
    - after performing the conditionally executing step, authenticating the second digital signature; and
      
      conditionally executing the load module based, at least in part, on a result of the step of authenticating the second digital signature.
  - 4. The computer-readable medium of claim 3, in which the first digital signature is associated with a first part of the load module, and the second digital signature is associated with a second, different, part of the load module.
  - 5. The computer-readable medium of claim 1, further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the step of:
    - randomly selecting the first digital signature for authentication from a set of digital signatures comprising at least the first digital signature and the second digital signature.
  - 6. The computer-readable medium of claim 3, further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the step of:
    - randomly selecting the second digital signature for authentication from a set of digital signatures comprising at least the first digital signature and the second digital signature.
  - 7. The computer-readable medium of claim 1, in which the first digital signature is generated by a first entity and the second digital signature is generated by a second entity that is different from the first entity, the computer readable medium further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the step of:
    - authenticating the second digital signature.
  - 8. The computer-readable medium of claim 1, further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform steps comprising:
    - securely receiving the first key, the first key comprising a public key of a first entity; and
      
      securely receiving a public key of a second entity, the public key of the second entity being configured for use in authenticating the second digital signature.
  - 9. The computer-readable medium of claim 1, further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the step of:
    - authenticating the second digital signature.
  - 10. The computer-readable medium of claim 1, further including program code that is operable, when executed by the electronic appliance, to cause the electronic appliance to perform the step of:
    - distributing the load module to a second electronic appliance.
  - 11. The computer-readable medium of claim 1, further including the load module, the load module being operable, when executed by the electronic appliance, to cause the electronic appliance to perform at least one action selected from the group consisting of:
    - recording an aspect of usage of a piece of electronic content, preventing a user of the electronic appliance from making a copy of a piece of electronic content, charging a user of the electronic appliance a fee for viewing a piece of electronic content, enabling the electronic appliance to playa piece of electronic content, and enabling the electronic appliance to perform a financial transaction.

12. A system comprising:
- an electronic appliance comprising a protected processing environment;
  
  means for receiving a first digital signature associated with a load module;
  
  means for receiving a second digital signature associated with the load module;
  
  means for authenticating the first digital signature using a first key; and
  
  means for conditionally executing the load module based at least in part on a result generated by the means for authenticating the first digital signature;
  
  wherein the protected processing environment is operable to impede tampering by a user of the electronic appliance with at least the means for authenticating the first digital signature and the means for conditionally executing the load module.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The system of claim 12, in which the protected processing environment is operable to maintain the first key as a secret from the user of the electronic appliance.
  - 14. The system of claim 13, in which the first key comprises a public key.
  - 15. The system of claim 12, in which the first digital signature is associated with a first part of the load module, and the second digital signature is associated with a second, different, part of the load module, the system further comprising:
    - means for authenticating the second digital signature;
      
      wherein the means for conditionally executing the load module comprises means for conditionally executing the load module based at least in part on a result generated by the means for authenticating the second digital signature.
  - 16. The system of claim 15, in which the means for authenticating the second digital signature is configured to make use of a second key that is different from the first key.
  - 17. The system of claim 12, further comprising:
    - means for authenticating the second digital signature after executing the load module at least a first time; and
      
      means for conditionally executing the load module at least a second time based, at least in part, on a result generated by the means for authenticating the second digital signature.
  - 18. The system of claim 17, in which the first digital signature is associated with a first part of the load module, and the second digital signature is associated with a second, different, part of the load module.
  - 19. The system of claim 12, further comprising:
    - means for randomly selecting the first digital signature for authentication from a set of digital signatures comprising at least the first digital signature and the second digital signature.
  - 20. The system of claim 17, further comprising:
    - means for randomly selecting the second digital signature for authentication from a set of digital signatures comprising at least the first digital signature and the second digital signature.

21-25. -25. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
VAN WIE, DAVID, SHEAR, VICTOR, SIBERT, W.

Application Number

US11/978,962
Publication Number

US 20080114698A1
Time in Patent Office

Days
Field of Search
US Class Current

705/67
CPC Class Codes

G06F 12/1483   using an access-table, e.g....

G06F 21/10   Protecting distributed prog...

G06F 21/51   at application loading time...

G06F 2211/007   Encryption, En-/decode, En-...

G06Q 20/02   involving a neutral party, ...

G06Q 20/085   involving remote charge det...

G06Q 20/12   specially adapted for elect...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 20/3674   involving authentication

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3825   Use of electronic signatures

G06Q 20/401   Transaction verification

G11B 20/00086   Circuits for prevention of ...

G11B 20/00159   Parental control systems

G11B 20/00173   wherein the origin of the c...

G11B 20/00188   involving measures which re...

G11B 20/00195   using a device identifier a...

G11B 20/0021   involving encryption or dec...

G11B 20/00543   wherein external data is en...

G11B 20/00557   wherein further management ...

G11B 20/00688 : said measures preventing th...

G11B 20/0071 : involving a purchase action

G11B 20/00768 : wherein copy control inform...

G11B 2220/216 : Rewritable discs

G11B 2220/218 : Write-once discs

G11B 2220/2562 : DVDs [digital versatile dis...

G11B 2220/2575 : DVD-RAMs

G11B 27/031 : Electronic editing of digit...

G11B 27/329 : on a disc [VTOC]

H04L 12/40104 : Security; Encryption; Conte...

H04L 12/40117 : Interconnection of audio or...

View All

Systems and methods using cryptography to protect secure computing environments

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods using cryptography to protect secure computing environments

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links