Secure End-of-Life Handling of Electronic Devices

US 20090164800A1
Filed: 12/21/2007
Published: 06/25/2009
Est. Priority Date: 12/21/2007
Status: Active Grant

First Claim

Patent Images

1. An electronic device, comprising:

a communications interface;

a secure memory storing a secret key; and

a cryptographic circuit, operatively coupled to the secure memory and the communications interface and configured to(a) calculate a verification token from the secret key, using a first cryptographic operation,(b) calculate an identification token from the verification token, using a second cryptographic operation,(c) output the identification token to the communications interface, responsive to a first command received via the communications interface, and(d) output the verification token to the communications interface, responsive to a second command received via the communications interface, only if a predetermined functionality of the electronic device has been disabled.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus for verifying that an electronic device has been disabled are disclosed. An exemplary electronic device includes a communications interface, a secure memory, storing a secret key, and a cryptographic circuit configured to calculate a verification token from the secret key, using a first cryptographic operation. The cryptographic circuit is further configured to calculate an identification token from the verification token, using a second cryptographic operation. The cryptographic circuit is further configured to output the identification token in response to a first command received via the communications interface. The verification token is output to the communications interface only if a predetermined functionality of the electronic device has been disabled. The electronic device may further comprise a disabling circuit configured to disable the predetermined functionality in response to a disable command.

79 Citations

View as Search Results

22 Claims

1. An electronic device, comprising:
- a communications interface;
  
  a secure memory storing a secret key; and
  
  a cryptographic circuit, operatively coupled to the secure memory and the communications interface and configured to(a) calculate a verification token from the secret key, using a first cryptographic operation,(b) calculate an identification token from the verification token, using a second cryptographic operation,(c) output the identification token to the communications interface, responsive to a first command received via the communications interface, and(d) output the verification token to the communications interface, responsive to a second command received via the communications interface, only if a predetermined functionality of the electronic device has been disabled.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The electronic device of claim 1, further comprising a disabling circuit configured to disable the predetermined functionality of the electronic device in response to a disable command received via the communications interface.
  - 3. The electronic device of claim 2, wherein the cryptographic circuit is configured to output the verification token in response to the disable command.
  - 4. The electronic device of claim 2, wherein the disabling circuit comprises at least one electronic fuse, wherein the electronic fuse is opened in response to the disable command.
  - 5. The electronic device of claim 1, wherein the first or second cryptographic operation, or both, comprises a cryptographic hash function.
  - 6. The electronic device of claim 1, wherein the first or second cryptographic operation, or both, comprises a cryptographic message authentication code (MAC) function.
  - 7. The electronic device of claim 1, wherein the cryptographic circuit is configured to calculate the verification token from the secret key and a predetermined data string, using a cryptographic message authentication code (MAC) function, and wherein the cryptographic circuit is configured to calculate the identification token from the verification token using a cryptographic hash function.

8. A method for verifying disabling of an electronic device, comprising:
- calculating a verification token from a secret key stored in the electronic device, using a first cryptographic operation;
  
  calculating an identification token from the verification token, using a second cryptographic operation; and
  
  outputting the identification token from the electronic device, responsive to a first command; and
  
  outputting the verification token from the electronic device, responsive to a second command, only if a predetermined functionality of the electronic device has been disabled.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, further comprising disabling the predetermined functionality of the electronic device in response to a disable command.
  - 10. The method of claim 9, wherein the second command is the disable command.
  - 11. The method of claim 9, wherein disabling the predetermined functionality of the electronic device comprises opening at least one electronic fuse.
  - 12. The method of claim 8, wherein the first or second cryptographic operation, or both, comprises a cryptographic hash function.
  - 13. The method of claim 8, wherein the first or second cryptographic operation, or both, comprises a cryptographic message authentication code (MAC) function.
  - 14. The method of claim 8, wherein calculating the verification token comprises calculating the verification token from the secret key and a predetermined data string, using a cryptographic message authentication code (MAC) function, and wherein calculating the identification token comprises calculating the identification token from the verification token using a cryptographic hash function.

15. A system for verifying that an electronic device has been disabled, comprising:
- a database comprising identification tokens corresponding to a plurality of electronic devices, wherein each identification token is cryptographically generated from a secret key in the corresponding electronic device; and
  
  a verification module configured to(a) receive a verification token cryptographically generated from the secret key in one of the plurality of electronic devices,(b) calculate a candidate identifier from the verification token, using a cryptographic operation, and(c) compare the candidate identifier to one or more of the identification tokens to determine whether the verification token is valid.
- View Dependent Claims (16, 17, 18)
- - 16. The system of claim 15, wherein the cryptographic operation comprises a cryptographic hash function.
  - 17. The system of claim 15, wherein the cryptographic operation comprises a cryptographic message authentication code (MAC) function.
  - 18. The system of claim 15, wherein the verification module is further configured to:
    - receive a serial number corresponding to the one of the plurality of electronic devices;
      
      retrieve a target identification token from the database of identification tokens, using the serial number; and
      
      compare the candidate identifier to the target identification token to determine whether the verification token is valid.

19. A method for verifying that an electronic device has been disabled, comprising:
- receiving a verification token cryptographically generated from a secret key in one of a plurality of electronic devices;
  
  calculating a candidate identifier from the verification token, using a cryptographic operation; and
  
  comparing the candidate identifier to one or more of a plurality of stored identification tokens corresponding to the plurality of electronic devices, wherein each identification token is cryptographically generated from the secret key in the corresponding electronic device, to determine whether the verification token is valid.
- View Dependent Claims (20, 21, 22)
- - 20. The method of claim 19, wherein the cryptographic operation comprises a cryptographic hash function.
  - 21. The method of claim 19, wherein the cryptographic operation comprises a cryptographic message authentication code (MAC) function.
  - 22. The method of claim 19, further comprising:
    - receiving a serial number corresponding to the one of the plurality of electronic devices; and
      
      retrieving a target identification token from the database of stored identification tokens, using the serial number;
      
      wherein comparing the candidate identifier to one or more of a plurality of stored identification tokens comprises comparing the candidate identifier to the target identification token to determine whether the verification token is valid.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Johansson, Petri Mikael, Stahl, Per

Granted Patent

US 8,060,748 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/72   in cryptographic circuits

G06F 21/74   operating in dual or compar...

G06F 21/76   in application-specific int...

G06F 21/88   Detecting or preventing the...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2105   Dual mode as a secondary as...

Secure End-of-Life Handling of Electronic Devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

79 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Secure End-of-Life Handling of Electronic Devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

79 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links