Secure Boot Method and Method for Generating a Secure Boot Image

US 20120210115A1
Filed: 10/24/2011
Published: 08/16/2012
Est. Priority Date: 02/11/2011
Status: Active Grant

First Claim

Patent Images

1. A secure boot method, comprising:

verifying, by an initial boot loader, a first digital signature included in a first boot loader using a public key;

executing the first boot loader upon determining the first digital signature to be valid;

verifying, by the first boot loader, a first message authentication code included in a second boot loader using a unique key; and

executing the second boot loader upon determining the first message authentication code to be valid.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a secure boot method, an initial boot loader verifies a first digital signature included in a first boot loader using a public key. The first boot loader is executed if the first digital signature is valid. The first boot loader verifies a first message authentication code included in a second boot loader using a unique key. The second boot loader is executed if the first message authentication code is valid.

Citations

21 Claims

1. A secure boot method, comprising:
- verifying, by an initial boot loader, a first digital signature included in a first boot loader using a public key;
  
  executing the first boot loader upon determining the first digital signature to be valid;
  
  verifying, by the first boot loader, a first message authentication code included in a second boot loader using a unique key; and
  
  executing the second boot loader upon determining the first message authentication code to be valid.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The secure boot method of claim 1, wherein verifying the first digital signature comprises:
    - reading the public key from a public key storing unit; and
      
      checking integrity of an execution image included in the first boot loader by verifying the first digital signature using the read public key.
  - 3. The secure boot method of claim 1, wherein verifying the first message authentication code comprises:
    - reading the unique key from a unique key storing unit;
      
      generating a message authentication code using the read unique key and an execution image included in the second boot loader; and
      
      comparing the generated message authentication code to the first message authentication code.
  - 4. The secure boot method of claim 3, wherein the unique key is read from the unique key storing unit via a unique key firewall, andwherein the unique key firewall is configured to block an access to the unique key storing unit after a boot operation is completed.
  - 5. The secure boot method of claim 3, wherein the unique key storing unit is a secure peripheral device inaccessible after a boot operation is completed.
  - 6. The secure boot method of claim 3, wherein a physical address of the unique key storing unit is not included in mapping information managed by a memory management unit.
  - 7. The secure boot method of claim 1, further comprising:
    - reading the public key from a public key storing unit; and
      
      verifying a second digital signature included in the second boot loader using the read public key,wherein the second boot loader is executed upon determining the first message authentication code and the second digital signature to be valid.
  - 8. The secure boot method of claim 1, further comprising:
    - verifying a second digital signature included in the second boot loader using a public key included in the first boot loader,wherein the second boot loader is executed upon determining the first message authentication code and the second digital signature to be valid.
  - 9. The secure boot method of claim 1, further comprising:
    - comparing, by the second boot loader, first purpose information included in the first boot loader to second purpose information included in the second boot loader; and
      
      terminating a system upon determining a mismatch between the first purpose information and the second purpose information.
  - 10. The secure boot method of claim 1, further comprising:
    - comparing a first build number included in the second boot loader stored in a nonvolatile memory device to a second build number included in an update boot loader stored in a volatile memory device;
      
      overwriting the second boot loader with the update boot loader in the nonvolatile memory device upon determining that the second build number is higher than the first build number;
      
      generating a message authentication code using the unique key and an execution image included in the update boot loader; and
      
      writing the generated message authentication code as the first message authentication code to the update boot loader stored in the nonvolatile memory device.
  - 11. The secure boot method of claim 1, further comprising:
    - verifying, by the second boot loader, a second message authentication code included in a kernel using the unique key; and
      
      executing the kernel upon determining the second message authentication code to be valid.

12. A method of generating a secure boot image of a system performing a secure boot operation, the method comprising:
- writing a boot image and a preliminary boot image to a nonvolatile memory device included in the system;
  
  verifying, by an initial boot loader, a digital signature included in the boot image using a public key;
  
  executing the boot image upon determining the digital signature to be valid;
  
  requesting, by the boot image, an authentication; and
  
  generating an execution boot image based on the preliminary boot image and a message authentication code generated using a unique key.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The method of claim 12, wherein the unique key is unique to the boot image among a plurality of copies of the boot image.
  - 14. The method of claim 12, wherein requesting the authentication comprises:
    - receiving a first password; and
      
      comparing the first password to a second password included in the boot image.
  - 15. The method of claim 12, wherein requesting the authentication comprises:
    - generating an encrypted message by encrypting an original message using a public authentication key included in the boot image;
      
      generating a response message by decrypting the encrypted message using a private authentication key corresponding to the public authentication key; and
      
      comparing the response message to the original message.
  - 16. The method of claim 12, wherein the preliminary boot image includes a first preliminary boot loader, a second preliminary boot loader and a preliminary kernel, and wherein generating the execution boot image comprises:
    - removing the boot image from the nonvolatile memory device;
      
      moving the first preliminary boot loader, the second preliminary boot loader and the preliminary kernel to locations corresponding to a first boot loader, a second boot loader and a kernel in the nonvolatile memory device, respectively; and
      
      writing a first message authentication code and a second message authentication code to the moved second preliminary boot loader and the moved preliminary kernel, respectively.

17. A secure boot system comprising:
- an integrated circuit comprising;
  
  a processor for executing a boot image having a message authentication code and a digital signature; and
  
  a unique key storing unit storing a unique key for authenticating the message authentication code.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The secure boot system of claim 17, wherein the unique key storing unit further comprises:
    - a memory device storing the unique key;
      
      a unique key firewall; and
      
      a control circuit controlling the unique key firewall not to output the unique key after a boot operation is completed by the secure boot system.
  - 19. The secure boot system of claim 18, wherein the memory device is one-time programmable.
  - 20. The secure boot system of claim 17, wherein the processor further comprises a secure kernel in communication with the unique key storing unit.
  - 21. The secure boot system of claim 17, further comprising a memory management unit disposed between the processor and the unique key storing unit, wherein the memory management unit does not store a physical address of the unique key storing unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Kang, Myung-Hee, Park, Dong-Jin, Jang, Won-Churl

Granted Patent

US 8,914,627 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/2
CPC Class Codes

G06F 21/575   Secure boot

G06F 2221/034   Test or assess a computer o...

G06F 9/4401   Bootstrapping security arra...

H04L 9/3242   involving keyed hash functi...

H04L 9/3247   involving digital signatures

H04W 12/06   Authentication

Secure Boot Method and Method for Generating a Secure Boot Image

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Secure Boot Method and Method for Generating a Secure Boot Image

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links