METHOD FOR PROTECTING DATA
Abstract
In the present disclosure, a hash function is computed over a known image, for example, an address range in a program. The result of the hash function is known to be the same at two distinct points in time, before the program is run, i.e. signing at build-time, and during the running of the program, i.e. run time. The value that the programmer wishes to hide, i.e. the secret value, is also known at build-time. At build-time, the secret value is combined with the hash in such a way that the combining operation can be reversed at run time. This combined value, i.e. the salt, is stored along with the program. Later, at runtime, the program computes the same hash value as was computed at signing time, and does the reverse combining operation in order to reveal the secret value.
25 Claims
1. A method of protecting sensitive data comprising the steps of:
during build time, hashing an image to produce a first hash;
combining sensitive data with the first hash to form a salt; and
storing the salt;
at runtime, hashing the image to produce a second hash;
retrieving the salt;
combining the second hash and the salt to recover the sensitive data;
combining a first value with the image; and
comprising the step of splitting the sensitive data into at least two portions, combining a first value with the image, combining a first portion of the sensitive data with the first hash to form a first salt and combining a second value with the image, combining a second portion of the sensitive data with the first hash to form a second salt.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.

11. A method of protecting sensitive data comprising the steps of:
during build time, hashing an image to produce a first hash;
hashing the first hash to produce a second hash;
combining sensitive data with the second hash to produce a combined value;
combining the first hash and the combined value to form a salt; and
storing the salt;
at runtime, hashing the image to produce a third hash;
hashing the third hash to produce a fourth hash;
retrieving the salt;
combining the third hash and the salt to recover the combined value;
comparing the second hash from the recovered combined value with the fourth hash and if they are the same;
recovering the sensitive data from the remainder of the combined data.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23.

24. (canceled)
25. (canceled)
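The build-time and runtime steps of claim 11, as an added Python example that is not part of the patent text. The claim names no specific operations, so SHA-256 as the hash, concatenation for the first combining step, and XOR with a SHAKE-256 keystream for the reversible second combining step are assumptions; the image and secret bytes are constructed samples.

```python
import hashlib
import hmac
from typing import Optional

HASH_LEN = 32  # SHA-256 digest size (assumed hash function)

def _hash(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _xor_with_keystream(key: bytes, data: bytes) -> bytes:
    # Assumed reversible "combining" step: XOR with a keystream derived
    # from the image hash. Applying it twice with the same key undoes it.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def build_salt(image: bytes, secret: bytes) -> bytes:
    """Build time: produce the salt stored alongside the program."""
    first_hash = _hash(image)
    second_hash = _hash(first_hash)          # check value
    combined = second_hash + secret          # combined value
    return _xor_with_keystream(first_hash, combined)

def recover_secret(image: bytes, salt: bytes) -> Optional[bytes]:
    """Runtime: return the secret, or None if the image hash has changed."""
    third_hash = _hash(image)
    fourth_hash = _hash(third_hash)
    combined = _xor_with_keystream(third_hash, salt)
    check, remainder = combined[:HASH_LEN], combined[HASH_LEN:]
    # Compare the recovered check value with the freshly computed one.
    if not hmac.compare_digest(check, fourth_hash):
        return None
    return remainder

# Constructed sample inputs (not from the patent).
IMAGE = bytes(range(256)) * 4              # stands in for a program address range
SECRET = b"constructed-secret-value"
TAMPERED_IMAGE = IMAGE[:100] + b"\x90" + IMAGE[101:]   # one byte patched

if __name__ == "__main__":
    salt = build_salt(IMAGE, SECRET)
    print("unmodified image:", recover_secret(IMAGE, salt))
    print("patched image:   ", recover_secret(TAMPERED_IMAGE, salt))
```

Recovery takes only the image and the stored salt as input, so the secret is bound to an unmodified image rather than to a key: a changed image yields `None`, while anyone holding both the original image and the salt can recover the value.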
Specification