Methods and Apparatus for Batch Bound Authentication

US 20090086981A1
Filed: 09/28/2007
Published: 04/02/2009
Est. Priority Date: 09/28/2007
Status: Active Grant

First Claim

Patent Images

1. A method for verifying data and hardware in a processing system, the method comprising:

reading a processor identifier from a processor in a processing system;

determining whether the processor belongs to a predetermined set of processors associated with a specific vendor, based at least in part on the identifier;

automatically determining whether system firmware in the processing system is authentic, based at least in part on a digital signed message in the processing system; and

determining whether or not to execute the system firmware, based at least in part on the determinations of whether the processor belongs to the predetermined set of processors and whether the system firmware is authentic;

wherein the digitally signed message involves a digital signature applied to a message comprising;

data to identify the system firmware; and

data to identify the predetermined set of processors associated with the specific vendor.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A processing system may include a processing unit and nonvolatile storage responsive to the processing unit. The nonvolatile storage may include a candidate boot code module and an authentication code module. The processing unit may be configured to execute code from the authentication code module before executing code from the candidate boot code module. The authentication code module may have instructions which, when executed by the processing unit, cause the processing unit to read a processor identifier from the processing unit and determine whether the processor belongs to a predetermined set of processors associated with a specific vendor, based at least in part on the identifier, before executing any instructions from the candidate boot code module. The processing system may also test authenticity of the candidate boot code module before executing any instructions from the candidate boot code module. Other embodiments are described and claimed.

36 Citations

View as Search Results

20 Claims

1. A method for verifying data and hardware in a processing system, the method comprising:
- reading a processor identifier from a processor in a processing system;
  
  determining whether the processor belongs to a predetermined set of processors associated with a specific vendor, based at least in part on the identifier;
  
  automatically determining whether system firmware in the processing system is authentic, based at least in part on a digital signed message in the processing system; and
  
  determining whether or not to execute the system firmware, based at least in part on the determinations of whether the processor belongs to the predetermined set of processors and whether the system firmware is authentic;
  
  wherein the digitally signed message involves a digital signature applied to a message comprising;
  
  data to identify the system firmware; and
  
  data to identify the predetermined set of processors associated with the specific vendor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A method according to claim 1, wherein the digitally signed message comprises a message signed using a shared secret technique.
  - 3. A method according to claim 1, wherein the digitally signed message comprises a message signed using a public key encryption technique.
  - 4. A method according to claim 1, further comprising:
    - automatically allowing the processing system to boot in response to determinations that the processor belongs to the predetermined set of processors and the system firmware is authentic; and
      
      automatically terminating a boot process in response to a determination that processor does not belong to the predetermined set of processors or the system firmware is not authentic.
  - 5. A method according to claim 1, wherein the operation of determining whether the processor belongs to the predetermined set of processors associated with the specific vendor comprises:
    - determining whether the processor identifier belongs to a set of processor identifiers assigned to the specific vendor by a processor manufacturer.
  - 6. A method according to claim 1, wherein the operation of determining whether the processor belongs to the predetermined set of processors associated with the specific vendor comprises:
    - obtaining a batch identifier from non-volatile storage in the processing system, wherein the batch identifier defines a batch of processors assigned to the specific vendor by a processor manufacturer; and
      
      determining whether the processor has been assigned to the specific vendor by the processor manufacturer, based at least in part on the processor identifier and the batch identifier.
  - 7. A method according to claim 1, further comprising:
    - before determining whether the processor belongs to the predetermined set of processors, retrieving the data to identify the predetermined set of processors from an augmented authentication code module (AACM) in the processing system.
  - 8. A method according to claim 1, wherein the system firmware comprises a basic input/output system (BIOS).

9. A processing system comprising:
- a processor with a processor identifier;
  
  at least one nonvolatile storage component responsive to the processor;
  
  a candidate boot code module in the at least one nonvolatile storage component; and
  
  an authentication code module in the at least one nonvolatile storage component;
  
  the processor configured to execute code from the authentication code module before executing code from the candidate boot code module; and
  
  wherein the authentication code module comprises instructions which, when executed by the processor, cause the processing system to perform operations comprising;
  
  reading the processor identifier from the processor;
  
  determining whether the processor belongs to a predetermined set of processors associated with a specific vendor, based at least in part on the processor identifier, before executing any instructions from the candidate boot code module; and
  
  testing authenticity of the candidate boot code module before executing any instructions from the candidate boot code module.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. A processing system according to claim 9, wherein:
    - the authentication code module further comprises a secret key of the specific vendor; and
      
      the candidate boot code module comprises a firmware image, signed using the secret key.
  - 11. A processing system according to claim 10, wherein:
    - the secret key of the specific vendor comprises a symmetric cryptographic key.
  - 12. A processing system according to claim 10, wherein:
    - the secret key of the specific vendor comprises an asymmetric cryptographic key.
  - 13. A processing system according to claim 9, wherein the instructions in the authentication code module comprises preliminary boot instructions which, when executed by the processor, cause the processing system to perform operations comprising:
    - automatically allowing the processing system to boot in response to determinations that the processor belongs to the predetermined set of processors and the candidate boot code module is authentic; and
      
      automatically terminating a boot process in response to a determination that processor does not belong to the predetermined set of processors or the candidate boot code module is not authentic.
  - 14. A processing system according to claim 9, wherein the operation of determining whether the processor belongs to the predetermined set of processors associated with the specific vendor comprises:
    - determining whether the processor identifier belongs to a set of processor identifiers assigned to the specific vendor by a processor vendor.
  - 15. A processing system according to claim 9, wherein the operation of determining whether the processor belongs to the predetermined set of processors associated with the specific vendor comprises:
    - obtaining a batch identifier from the at least one nonvolatile storage component, wherein the batch identifier defines a batch of processors assigned to the specific vendor by a processor vendor; and
      
      determining whether the processor has been assigned to the specific vendor by the processor vendor, based at least in part on the processor identifier and the batch identifier.

16. An apparatus comprising:
- a machine-accessible medium; and
  
  an authentication code module in the machine-accessible medium, wherein the authentication code module comprises instructions which, when executed by a processor of a processing system, cause the processing system to perform operations comprising;
  
  reading a processor identifier from the processor;
  
  determining whether the processor belongs to a predetermined set of processors associated with a particular vendor, based at least in part on the processor identifier; and
  
  testing authenticity of a candidate boot code module before executing any instructions from the candidate boot code module.
- View Dependent Claims (17, 18, 19, 20)
- - 17. An apparatus according to claim 16, wherein the authentication code module further comprises:
    - a batch identifier to define a batch of processors assigned to the particular vendor by a processor vendor.
  - 18. An apparatus according to claim 16, wherein the authentication code module further comprises:
    - a digitally signed message involving a digital signature applied to a message comprising data to identify approved system firmware.
  - 19. An apparatus according to claim 16, wherein the authentication code module further comprises:
    - a digitally signed message involving a digital signature applied to a message comprising;
      
      data to identify approved system firmware; and
      
      a batch identifier to define a batch of processors assigned to the particular vendor by a processor vendor.
  - 20. An apparatus according to claim 19, wherein the authentication code module further comprises:
    - a digital key associated with the digitally signed message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Kumar, Mohan J., Gueron, Shay

Granted Patent

US 8,068,614 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/285
CPC Class Codes

G06F 21/572 Secure firmware programming...

G06F 21/575 Secure boot

Methods and Apparatus for Batch Bound Authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

36 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and Apparatus for Batch Bound Authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links