TAMPER-PROTECTED HARDWARE AND METHOD FOR USING SAME

US 20160359636A1
Filed: 08/19/2016
Published: 12/08/2016
Est. Priority Date: 03/11/2011
Status: Active Grant

First Claim

Patent Images

1. A method for generating a software module, the method comprising:

providing an entity block to be included to the software module, the entity block providing an executable piece of software,generating a fingerprint of the entity block using a hash function, wherein the fingerprint allows the verification of the integrity of the entity block,encrypting the fingerprint using the private key of a public key pair, to thereby generate a digital signature of the entity block,combining the entity block and the encrypted fingerprint to form an integrity protected entity block,encrypting the integrity protected entity block using a random secret key to thereby form an encrypted and integrity protected entity block,encrypting the random secret key using the private key of a public key pair, andgenerating the software module by combining the encrypted and integrity protected entity block, and the encrypted random secret key.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One of the various aspects of the invention is related to suggesting various techniques for improving the tamper-resistibility of hardware. The tamper-resistant hardware may be advantageously used in a transaction system that provides the off-line transaction protocol. Amongst these techniques for improving the tamper-resistibility are trusted bootstrapping by means of secure software entity modules, a new use of hardware providing a Physical Unclonable Function, and the use of a configuration fingerprint of a FPGA used within the tamper-resistant hardware.

74 Citations

View as Search Results

17 Claims

1. A method for generating a software module, the method comprising:
- providing an entity block to be included to the software module, the entity block providing an executable piece of software,generating a fingerprint of the entity block using a hash function, wherein the fingerprint allows the verification of the integrity of the entity block,encrypting the fingerprint using the private key of a public key pair, to thereby generate a digital signature of the entity block,combining the entity block and the encrypted fingerprint to form an integrity protected entity block,encrypting the integrity protected entity block using a random secret key to thereby form an encrypted and integrity protected entity block,encrypting the random secret key using the private key of a public key pair, andgenerating the software module by combining the encrypted and integrity protected entity block, and the encrypted random secret key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, wherein the integrity protected entity block is encrypted using symmetric-key encryption.
  - 3. The method according to claim 1, further comprising the step of compressing the entity block prior to encrypting and combining the entity block and the encrypted fingerprint thereof to form the integrity protected entity block.
  - 4. The method according to claim 1, wherein the entity block of the software module comprises instructions to execute another software module.
  - 5. The method according to claim 4, wherein the instructions enable:
    - decryption of an encrypted random secret key of the other software module,decryption of the encrypted and integrity protected entity block of the other software module using the decrypted random secret key, to thereby obtain an integrity protected entity block of the other software module,decryption of an encrypted fingerprint comprised in the integrity protected entity block of the other software module andgeneration of another fingerprint of the entity block using the same hash function as used to generate the encrypted fingerprint of the other software module,verification of the integrity of the entity block of the integrity protected entity block of the other software module by comparing the decrypted fingerprint with the other generated fingerprint, andexecution of the entity block of the other software module, only in case the integrity of the entity block of the other software module is verified.
  - 6. The method according to claim 1, wherein the private key used for encrypting the fingerprint is different from the private key used for encrypting the random secret key.
  - 7. The method according to claim 6, wherein the public keys corresponding to the private keys for encrypting the fingerprint and random secret key, respectively, are signed by a root certification authority using a private signing key of a signing key pair, the public key of which is provided immune to counterfeit in a device to execute the software module.

8. A method for bootstrapping a hardware by executing a set of software modules in a given order, the method comprising:
- a) decrypting an encrypted random secret key of one of said set of software modules to be executed next,b) decrypting an encrypted and integrity protected entity block of the software module to be executed next, using the decrypted random secret key, to thereby obtain an integrity protected entity block of the software module to be executed,c) decrypting an encrypted fingerprint comprised in the integrity protected entity block of the software module to be executed next, andd) generating another fingerprint of the entity block using the same hash function as used to generate the encrypted fingerprint,e) verifying the integrity of the entity block of the integrity protected entity block of the software module to be executed next by comparing the fingerprint decrypted in step c) with the fingerprint generated in step d), andf) only in case the integrity of the entity block of the software module to be executed next is successfully verified, executing the entity block of the software module to be executed next,wherein steps a) to f) are performed for each software module of the set of software modules thereby realizing a chain of trust.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method according to claim 8, wherein the functionality to perform steps a) to f) for the first software module of the set of software modules is implemented in hardware.
  - 10. The method according to claim 8, further comprising:
    - g) obtaining a certificate comprising one or more public keys, wherein the one or more public keys are signed by a root certification authority using a private signing key of a signing key pair, the public key of which is provided immune to counterfeit in the hardware, andh) verifying integrity of the one or more public keys comprises in the certificate using the public key provided immune to counterfeit in the hardware, andwherein one verified public key of the certificate is used for decrypting the encrypted random secret key in step a) and one verified public key of the certificate is used for decrypting the encrypted fingerprint in step c).
  - 11. The method according to claim 10, wherein the functionality to perform steps g) and h) for the first software module of the set of software modules is implemented in hardware.
  - 12. The method according to claim 8, wherein the functionality to perform steps a) to h) for a software module other than the first software module is implemented in hardware within the hardware or is implemented in software within the entity block of the software module executed prior to said given software module.
  - 13. The method according to claim 8, wherein the unsuccessful execution of one or more of steps a) to h) results in interrupting the bootstrapping of the hardware thereby making it temporarily or permanently unusable.
  - 14. The method according to claim 8, wherein the hardware is a tamper-protected hardware module and the functionality provided by the software modules includes at least one of:
    - an interface filter for cooperating with a filter controller of the tamper-protected hardware module and for controlling messages exchanged via an input/output (I/O)-interface of the tamper-protected hardware module for interfacing with a host device comprising the tamper-protected hardware module,a license check module implementing an Identification Friend or Foe (IFF) functionality to analyze the local tamper-protected hardware module,an initial program loader module to coordinate the boot process,an embedded operation system kernel to handle the various operations of the tamper-protected hardware module'"'"'s application module,an implementation of an off-line transaction protocol for a transfer of electronic tokens between two tamper-protected hardware modules, andtermination handler of the off-line transaction protocol, in case of an interruption of the execution of the off-line transaction protocol, including a generation of a proof of loss of electronic tokens in response to the off-line transaction protocol terminating in an unfair state.trusted time source handler comprised in the tamper-protected hardware module,on-line refresh handler of the trusted time source,initialization handler of the I/O-key-unit for real-time I/O-encryption and decryption of information exchanged via an I/O-interface of the tamper-protected hardware module,compensation handler for a loss of electronic tokens using a proof of loss of electronic tokens provided in response to the off-line transaction protocol terminating in an unfair state, anda die-wrapping cocoon fingerprint checking handler of the tamper-protected hardware module, wrapped by said cocoon.
  - 15. The method according to claim 8, further comprising receiving an update of one or more of the software modules from a third party.

16. A device comprising:
- a memory adapted to store a set of set of software modules that are to be executed in a given order; and
  
  a processor adapted to perform the following operations;
  
  a) decrypting an encrypted random secret key of one of said set of software modules to be executed next,b) decrypting an encrypted and integrity protected entity block of the software module to be executed next, using the decrypted random secret key, to thereby obtain an integrity protected entity block of the software module to be executed,c) decrypting an encrypted fingerprint comprised in the integrity protected entity block of the software module to be executed next, andd) generating another fingerprint of the entity block using the same hash function as used to generate the encrypted fingerprint,e) verifying the integrity of the entity block of the integrity protected entity block of the software module to be executed next by comparing the fingerprint decrypted in step c) with the fingerprint generated in step d), andf) only in case the integrity of the entity block of the software module to be executed next is successfully verified, executing the entity block of the software module to be executed next,wherein the processor performs the operations a) to f) are performed for each software module of the set of software modules thereby realizing a chain of trust.

17. A device comprising:
- a memory adapted to store an entity block to be included to the software module, the entity block providing an executable piece of software, anda processor adapted to perform the following operations;
  
  generating a fingerprint of the entity block using a hash function, wherein the fingerprint allows the verification of the integrity of the entity block,encrypting the fingerprint using the private key of a public key pair, to thereby generate a digital signature of the entity block,combining the entity block and the encrypted fingerprint to form an integrity protected entity block,encrypting the integrity protected entity block using a random secret key to thereby form an encrypted and integrity protected entity block,encrypting the random secret key using the private key of a public key pair, andgenerating the software module by combining the encrypted and integrity protected entity block, and the encrypted random secret key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emsycon GmbH
Original Assignee
Emsycon GmbH
Inventors
Kreft, Heinz

Granted Patent

US 9,893,898 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 21/45   Structures or tools for the...

G06F 21/57   Certifying or maintaining t...

G06F 21/71   to assure secure computing ...

G06F 21/73   by creating or determining ...

G06F 21/87   by means of encapsulation, ...

G06Q 20/223   based on the use of peer-to...

G06Q 20/3821   Electronic credentials

G06Q 20/3825   Use of electronic signatures

G09C 1/00   Apparatus or methods whereb...

H04L 2209/56   Financial cryptography, e.g...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/0861   Generation of secret inform...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3239   involving non-keyed hash fu...

H04L 9/3247   involving digital signatures

H04L 9/3263 : involving certificates, e.g...

H04L 9/3268 : using certificate validatio...

H04L 9/3278 : using physically unclonable...

View All

TAMPER-PROTECTED HARDWARE AND METHOD FOR USING SAME

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

74 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

TAMPER-PROTECTED HARDWARE AND METHOD FOR USING SAME

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

74 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links