SYSTEM AND METHOD FOR GENERATING SECURED AUTHENTICATION IMAGE FILES FOR USE IN DEVICE AUTHENTICATION

US 20100268946A1
Filed: 03/06/2007
Published: 10/21/2010
Est. Priority Date: 03/27/2006
Status: Active Grant

First Claim

Patent Images

1. A method for generating a secure authentication image file, comprising:

reserving a plurality of key address locations in a raw memory image file;

receiving the raw memory image file and the key address location in a key merger application;

receiving a secure key data in the key merger application;

merging the secure key data into the raw memory image file to generate the secure authentication image file; and

erasing the secure key data and the raw memory image file.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure authentication image file is generated for use in authenticating a device. The device performs a secure authentication algorithm on the secure authentication image file and a received plaintext challenge, and outputs a cyphertext response. If the cyphertext response matches a pre-stored cyphertext string associated with the plaintext challenge, then the device is authenticated. The secure authentication image file is pre-generated in a secure environment. A plurality of key address locations are reserved in a raw memory image file. A key merger application merges the secure key data into the raw memory image file to generate a secure authentication image file. A test set of plaintext/cyphertext pairs are generated using the newly created secure authentication image file. To maintain security of the secure authentication image file, the secure key data and the raw memory image file are erased from a working memory. The test set of plaintext/cyphertext pairs are used to verify a production device containing the secure authentication image file.

49 Citations

View as Search Results

19 Claims

1. A method for generating a secure authentication image file, comprising:
- reserving a plurality of key address locations in a raw memory image file;
  
  receiving the raw memory image file and the key address location in a key merger application;
  
  receiving a secure key data in the key merger application;
  
  merging the secure key data into the raw memory image file to generate the secure authentication image file; and
  
  erasing the secure key data and the raw memory image file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the merging comprises:
    - inserting the secure key data into the plurality of key address locations of the raw memory image file
  - 3. The method of claim 1, wherein the plurality of key address locations are distributed within the raw memory image file in a plurality of non-adjacent random memory locations.
  - 4. The method of claim 1, further comprising:
    - programming the secure authentication image file in a secured processor in an accessory.
  - 5. The method of claim 1, wherein the step of reserving a plurality of key address locations in a raw memory image file further comprises:
    - filling the raw memory image file with test data.
  - 6. The method of claim 1, wherein the raw memory image file is the same size as the secure authentication image file.
  - 7. The method of claim 1, wherein the secure authentication image file further includes an authentication algorithm including a hash function.
  - 8. The method of claim 7, further comprising:
    - generating a set of plaintext challenges;
      
      inputting each plaintext challenge of the set of plaintext challenges into the authentication algorithm;
      
      generating a corresponding each cyphertext response from the hash function for the each plaintext challenge; and
      
      storing the each plaintext challenge and the corresponding each cyphertext response as a test vector pair of a resulting set of test vector pairs.
  - 9. The method of claim 8, wherein the set of plaintext challenges are randomly generated plaintext strings.
  - 10. The method of claim 8, wherein the secure authentication image file is programmed in a secured processor in an accessory, further comprising:
    - sending the each plaintext challenge of the set of plaintext challenges to the secured processor of the accessory;
      
      awaiting an accessory response to the each plaintext challenge; and
      
      verifying that the accessory response to the each plaintext challenge matches the corresponding each cyphertext response of the set of text vector pairs.

11. A system for generating a secure authentication image file, comprising:
- a memory for storing a raw memory image file and a secure authentication image file;
  
  a user input for receiving a secure key data;
  
  a processor coupled to the user input and to the memory, the processor comprising;
  
  a key merger application for reserving a plurality of key address locations in the raw memory image file, and for merging the secure key data into the raw memory image file to generate the secure authentication image file, and for erasing the secure key data and the raw memory image file after completion of the generation of the secure authentication image file.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The system of claim 11, wherein the key merger application inserts the secure key data into the plurality of key address locations of the raw memory image file.
  - 13. The system of claim 11, wherein the plurality of key address locations are distributed within the raw memory image file in a plurality of non-adjacent random memory locations.
  - 14. The system of claim 11, wherein the raw memory image file further comprises test data.
  - 15. The system of claim 11, wherein the raw memory image file is the same size as the secure authentication image file.
  - 16. The system of claim 11, wherein the secure authentication image file further includes an authentication algorithm including a hash function.
  - 17. The system of claim 16, wherein the processor further generates a set of plaintext challenges, inputs each plaintext challenge of the set of plaintext challenges into the authentication algorithm, and stores a corresponding each cyphertext response from the hash function for the each plaintext challenge.
  - 18. The system of claim 17, wherein the set of plaintext challenges are randomly generated plaintext strings.

19. A method for generating a secure authentication image file, comprising:
- identifying a plurality of key address locations distributed in a plurality of non-adjacent random memory locations in a raw memory image file;
  
  receiving the raw memory image file and the plurality of key address locations in a key merger application;
  
  receiving a secure key data in the key merger application; and
  
  inserting the secure key data into the plurality of key address locations of the raw memory image file to generate a secure authentication image file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Kyocera Corporation
Inventors
TAYLOR, John P.

Granted Patent

US 8,301,888 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2103   Challenge-response

G06F 2221/2129   Authenticate client device ...

H04M 1/72409   by interfacing with externa...

SYSTEM AND METHOD FOR GENERATING SECURED AUTHENTICATION IMAGE FILES FOR USE IN DEVICE AUTHENTICATION

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

19 Claims

Specification

Use Cases

Quick Links

Others

SYSTEM AND METHOD FOR GENERATING SECURED AUTHENTICATION IMAGE FILES FOR USE IN DEVICE AUTHENTICATION

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

19 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others