ELECTRONIC DEVICES, INFORMATION PRODUCTS, PROCESSES OF MANUFACTURE AND APPARATUS FOR ENABLING CODE DECRYPTION IN A SECURE MODE USING DECRYPTION WRAPPERS AND KEY PROGRAMMING APPLICATIONS, AND OTHER STRUCTURES

US 20080114993A1
Filed: 11/14/2006
Published: 05/15/2008
Est. Priority Date: 11/14/2006
Status: Active Grant

First Claim

Patent Images

1. An electronic device comprising:

a non-volatile store holding a plurality of encrypted sub-applications, and application-specific identifications to respectively identify the encrypted sub-applications, and at least one wrapper having a representation of code to call a function and supply a said application-specific identification to the called function to determine a storage location and access the storage location for contents and to call for decryption of the encrypted sub-application using the contents of the storage location as a key; and

a processor coupled to said non-volatile store and operable to access the representation of code and execute the code.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An electronic device (1640) includes a non-volatile store (1620) holding a plurality of encrypted sub-applications (SubApp n), and application-specific identifications (ASIDs) to respectively identify the encrypted sub-applications (SubApp n), and at least one wrapper having a representation of code to call (2220) a function (KPPA2) and supply a said application-specific identification (ASID) to the called function (KPPA2) to determine a storage location (UU) and access (2250) the storage location (UU) for contents and to call (2260) for decryption of the encrypted sub-application (SubApp n) using the contents of the storage location (UU) as a key; and a processor (1660) coupled to said non-volatile store (1620) and operable to access the representation of code and execute the code (2220, 2260). Various electronic devices, information products, processes of manufacture, and apparatus are disclosed and claimed.

71 Citations

View as Search Results

25 Claims

1. An electronic device comprising:
- a non-volatile store holding a plurality of encrypted sub-applications, and application-specific identifications to respectively identify the encrypted sub-applications, and at least one wrapper having a representation of code to call a function and supply a said application-specific identification to the called function to determine a storage location and access the storage location for contents and to call for decryption of the encrypted sub-application using the contents of the storage location as a key; and
  
  a processor coupled to said non-volatile store and operable to access the representation of code and execute the code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The electronic device claimed in claim 1 wherein the function comprises a key retrieval application that includes a call for access to information in a second storage location that depends on the application specific identification, a call for access to a third storage location, a call for decryption of the information of the second storage location based on the third storage location, and a store of the decryption result as the contents to the first-named storage location.
  - 3. The electronic device claimed in claim 1 wherein a said wrapper includes a plurality of sub-application wrappers corresponding to a plurality of the encrypted sub-applications respectively.
  - 4. The electronic device claimed in claim 1 wherein a said wrapper further has a representation of code, prior to the call to the function, to invoke a secure mode.
  - 5. The electronic device claimed in claim 1 wherein said representation of code of a said wrapper includes a pass of a parameter for execution of the decrypted sub-application and includes a check of a flag to selectively bypass the decryption of the encrypted sub-application to go to the pass of a parameter.
  - 6. The electronic device claimed in claim 1 wherein said processor is on a chip having a stored chip-specific key and a programmable second non-volatile memory with an encrypted form of the first key encrypted with the stored chip-specific key, said processor operable to execute the function to decrypt the encrypted form of the first key to recover the first key itself inside the chip to said storage location and further to access and decrypt the sub-application using the recovered first key inside the chip and further to launch the recovered sub-application whereby a functionality of the electronic device is realized.
  - 7. The electronic device claimed in claim 1 wherein said processor includes an element that has different states depending on whether decryption of a particular sub-application has already occurred or not, and said processor is operable to bypass at least some of the decryption of the encrypted sub-application when the element has a state indicating that decryption of that encrypted sub-application has already occurred.
  - 8. The electronic device claimed in claim 1 further comprising at least one peripheral to form an apparatus selected from the group consisting of 1) cell phone handset, 2) gateway, 3) scanner, 4) camera, 5) voice over packet device, 6) video device, 7) audio device, 8) position-assisted device, 9) personal area network device, 10) set top box.

9. A process of manufacturing an electronic device including a non-volatile storage coupled with a processor chip that has a stored chip-specific key and a volatile on-chip secure memory, the process of manufacturing comprising:
- loading the volatile on-chip secure memory with a key programming application and with a first encrypted form of a first key encrypted by a second key;
  
  operating the processor chip by the key programming application in a secure mode to decrypt the first encrypted form of the first key to recover the first key itself inside the processor chip, generate a second encrypted form of the first key so that the first key is encrypted by the chip-specific key inside the processor chip, and store the second encrypted form of the first key in non-volatile form somewhere in the electronic device; and
  
  providing a key retrieval application in non-volatile form somewhere in the electronic device to call for decrypting the second encrypted form of the first key at run-time.
- View Dependent Claims (10, 11, 13)
- - 10. The process claimed in claim 9 wherein the key programming application initiates the providing of the key retrieval application.
  - 11. The process claimed in claim 9 further comprising obliterating the key programming application from the on-chip volatile secure memory.
  - 13. The process claimed in claim 9 further comprising coupling the processor to at least one peripheral to form an apparatus selected from the group consisting of 1) cell phone handset, 2) gateway, 3) scanner, 4) camera, 5) voice over packet device, 6) video device, 7) audio device, 8) position-assisted device, 9) personal area network device, 10) set top box.

12. The process claimed in 9 wherein the loading includes loading initialization instructions for accessing the secure mode and executing the initialization instructions on the processor chip to load the key programming application into the volatile on-chip secure memory.

14. An information product comprising:
- a plurality of encrypted sub-applications;
  
  application-specific identifications to respectively identify the encrypted sub-applications; and
  
  at least one wrapper having a representation of code to call a function and supply a said application-specific identification to the called function to determine a decryption key and to call for decryption of the encrypted sub-application using the decryption key.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The information product claimed in claim 14 wherein said representation of code of a said wrapper includes a pass of a parameter for execution of the decrypted sub-application and includes a check of a flag to selectively bypass the decryption of the encrypted sub-application to go to the pass of a parameter.
  - 16. The information product claimed in claim 14 wherein the code to call a function, instead of code of that function, is part of the information product.
  - 17. The information product claimed in claim 14 further comprising an information storage material and physical alterations to the information storage material representing the plurality of encrypted sub-applications, the application-specific identifications and the at least one wrapper.
  - 18. The information product claimed in claim 14 further comprising a key programming application associated with the sub-applications.

19. A process of manufacturing an information product, the process comprising:
- providing application code;
  
  dividing the application code into the a plurality of sub-applications;
  
  encrypting the sub-applications with at least one key;
  
  adding a plurality of sub-application wrappers and identifications corresponding to the encrypted sub-applications respectively; and
  
  signing as a whole the sub-applications, the wrappers, and the identifications all together.
- View Dependent Claims (20)
- - 20. The process claimed in claim 19 further comprising associating a key programming application with the sub-applications.

21. An apparatus for processing a unit of an electronic device having a processor chip and for use with an encrypted application encrypted with a first key, the apparatus comprising:
- a control processor;
  
  an interface coupled to said control processor; and
  
  a storage coupled to said control processor and storing a key programming application including instruction code to operate the processor chip to cryptographically process the first key, said control processor operable to deliver the key programming application from said storage into the processor chip via said interface.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The apparatus claimed in claim 21 for use with the processor chip having a stored chip-specific key located and usable inside the processor chip, wherein the key programming application has code to call for re-encryption of the first key with the stored chip-specific key to provide a device-unit-bound form.
  - 23. The apparatus claimed in claim 22 wherein the key programming application code represents at least one operation to store a key retrieval application on-chip, the key retrieval application having instruction code for run-time recovery of the first key itself from the device-unit-bound form.
  - 24. The apparatus claimed in claim 21 further comprising a said unit of electronic device coupled to said interface.
  - 25. The apparatus claimed in claim 21 wherein said control processor is further operable to transfer control to the processor chip to execute the key programming application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Texas Instruments, Inc.
Original Assignee
Texas Instruments, Inc.
Inventors
Paksoy, Erdal, Shankar, Narendar M.

Granted Patent

US 8,032,764 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/193
CPC Class Codes

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

G06F 21/629   to features or functions of...

G06F 2221/2107   File encryption

ELECTRONIC DEVICES, INFORMATION PRODUCTS, PROCESSES OF MANUFACTURE AND APPARATUS FOR ENABLING CODE DECRYPTION IN A SECURE MODE USING DECRYPTION WRAPPERS AND KEY PROGRAMMING APPLICATIONS, AND OTHER STRUCTURES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

71 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

ELECTRONIC DEVICES, INFORMATION PRODUCTS, PROCESSES OF MANUFACTURE AND APPARATUS FOR ENABLING CODE DECRYPTION IN A SECURE MODE USING DECRYPTION WRAPPERS AND KEY PROGRAMMING APPLICATIONS, AND OTHER STRUCTURES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

71 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others