Method and Apparatus for Protecting SIMLock Information in an Electronic Device
First Claim
1. An electronic device comprising:
- a first memory for holding stored usage restriction data and a stored message authentication code for authenticating the stored usage restriction data;
- a secure circuit holding a permanent device key; and
- a cryptographic circuit connected to the secure circuit and operable, when non-securely accessed, to authenticate the stored usage restriction data using the stored message authentication code and the permanent device key but not operable to output a new message authentication code for the stored usage restriction data, and operable, when securely accessed, to generate a new message authentication code using the permanent key and changed usage restriction data that has been generated via authorized modification of the stored usage restriction data, and to output the new message authentication code for storage in the first memory along with the changed usage restriction data.
Abstract
The teachings herein present a method and apparatus for protecting usage restriction data that governs usage of an electronic device. A cryptographic circuit supports secure and non-secure accesses. When non-securely accessed, it is operable only to verify the stored usage restriction data, and, when securely accessed, it is operable to generate a new message authentication code for changed usage restriction data, for subsequent authentication of that data. The usage restriction data may be stored in non-secure memory and may include static and dynamic parts. One or more embodiments include a secure circuit indicating whether the device has been initialized. The cryptographic circuit outputs a message authentication code for the static part using a permanent device key from the secure circuit, only if the device has not been initialized, and outputs a message authentication code for the dynamic part as needed to support authorized changes to the dynamic part.
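
Added illustration, not part of the patent text: a Python model of the access rule in the abstract, where any caller can verify stored data but a new message authentication code is released only over a secure access (dynamic part) or before initialization (static part). HMAC-SHA256, the class and method names, the part labels, the point at which the initialized indicator is set, and the sample key and data are all assumptions; the patent names no MAC algorithm.

```python
import hashlib
import hmac


class CryptoCircuit:
    """Model of the cryptographic circuit; all names are hypothetical. Assumes
    HMAC-SHA256 and a caller-supplied access flag (hardware would signal it)."""

    def __init__(self, device_key: bytes):
        self._key = device_key        # permanent device key, never output
        self._initialized = False     # secure circuit's "initialized" indicator

    def _mac(self, part: bytes, data: bytes) -> bytes:
        # Assumed part label: keeps a static-part MAC from verifying dynamic data.
        return hmac.new(self._key, part + b"\x00" + data, hashlib.sha256).digest()

    def verify(self, part: bytes, data: bytes, stored_mac: bytes) -> bool:
        # Any access: answers pass/fail only, so it cannot be used to mint a MAC.
        return hmac.compare_digest(self._mac(part, data), stored_mac)

    def mac_static(self, data: bytes) -> bytes:
        # Output only while the device has not been initialized (set here, assumed).
        if self._initialized:
            raise PermissionError("device already initialized")
        self._initialized = True
        return self._mac(b"static", data)

    def mac_dynamic(self, data: bytes, secure: bool) -> bytes:
        # New MAC for changed dynamic data, only over a secure access.
        if not secure:
            raise PermissionError("non-secure access may only verify")
        return self._mac(b"dynamic", data)


def demo() -> dict:
    circuit = CryptoCircuit(bytes(range(32)))                # constructed key
    static = b"IMEI=000000000000000"                         # constructed data
    locked, unlocked = b"network_lock=1", b"network_lock=0"  # constructed data
    s_mac = circuit.mac_static(static)                       # initialization step
    d_mac = circuit.mac_dynamic(locked, secure=True)         # authorized write
    try:
        circuit.mac_dynamic(unlocked, secure=False)          # re-MAC is refused
        refused = False
    except PermissionError:
        refused = True
    return {"boot_ok": circuit.verify(b"static", static, s_mac)
            and circuit.verify(b"dynamic", locked, d_mac),
            "tamper_detected": not circuit.verify(b"dynamic", unlocked, d_mac),
            "nonsecure_mac_refused": refused}
```

Because the usage restriction data sits in non-secure memory, the protection in this model rests on the stored code failing to verify after an unauthorized change, not on preventing the write itself.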
23 Claims
12. A method of protecting usage restriction data that governs usage of an electronic device comprising:
- storing the usage restriction data as stored usage restriction data in a first memory of the electronic device, along with a stored message authentication code for authenticating the stored usage restriction data;
- storing a permanent device key in a secure circuit;
- if in a non-secure mode of operation, authenticating the stored usage restriction data using the stored message authentication code and the permanent device key but not generating any new message authentication codes for the stored usage restriction data; and
- if in a secure mode of operation, selectively generating a new message authentication code using the permanent key and changed usage restriction data that has been generated via authorized modification of the stored usage restriction data, and outputting the new message authentication code for storage in the first memory along with the changed usage restriction data.
21. A method of protecting usage restriction data that governs usage of an electronic device comprising configuring a cryptographic circuit of the electronic device to perform only authentication of stored usage restriction data retrieved from a memory of the electronic device if the cryptographic circuit is non-securely accessed, and to perform generation of a new message authentication code for subsequent authentication of changed usage restriction data if the cryptographic circuit is securely accessed and commanded to perform said generation of the new message authentication code.
Specification