SECURITY HARDENING FOR A WI-FI ROUTER

US 20170180135A1
Filed: 12/22/2015
Published: 06/22/2017
Est. Priority Date: 12/22/2015
Status: Active Grant

First Claim

Patent Images

1. A router comprising:

a processor;

at least one network interface coupled to the processor configured to enable communications via one or more communication networks;

a memory for content and programming;

a program stored in the memory, wherein execution of the program by the processor configures the router to perform acts comprising, during a maintenance stage;

receiving a digital message;

determining whether the digital message has integrity;

determining whether a digital signature of the digital message is correct;

upon determining that at least one of;

(i) the digital message does not have integrity, and (ii) the digital signature of the digital message is not correct, ignoring or discarding the digital message;

upon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct;

decrypting the digital message;

extracting a new firmware from the digital message; and

flashing an existing firmware in the memory with the new firmware.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system of securing the firmware of a router. Upon determining that a received digital message does not have integrity or the digital signature of the received digital message is not correct, the digital message is ignored or discarded. Otherwise the digital message is decrypted and a new firmware extracted therefrom. The existing firmware is then flashed with the new extracted firmware.

13 Citations

View as Search Results

20 Claims

1. A router comprising:
- a processor;
  
  at least one network interface coupled to the processor configured to enable communications via one or more communication networks;
  
  a memory for content and programming;
  
  a program stored in the memory, wherein execution of the program by the processor configures the router to perform acts comprising, during a maintenance stage;
  
  receiving a digital message;
  
  determining whether the digital message has integrity;
  
  determining whether a digital signature of the digital message is correct;
  
  upon determining that at least one of;
  
  (i) the digital message does not have integrity, and (ii) the digital signature of the digital message is not correct, ignoring or discarding the digital message;
  
  upon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct;
  
  decrypting the digital message;
  
  extracting a new firmware from the digital message; and
  
  flashing an existing firmware in the memory with the new firmware.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The router of claim 1, wherein only firmware that prevents access via at least one of Telnet and SSH is used to flash the existing firmware in the memory with the new firmware.
  - 3. The router of claim 1, wherein execution of the program further configures the router to perform acts comprising, during a provisioning stage:
    - receiving a provisioning digital message from a firmware server, the provisioning digital message comprising;
      
      a digital certificate and an initial encrypted firmware that, when unencrypted and installed on the router, prevents unauthorized access to the firmware of the router.
  - 4. The router of claim 3, wherein the initial encrypted firmware has a symmetric key encryption.
  - 5. The router of claim 3, wherein execution of the program further configures the router to perform acts comprising, during a provisioning stage:
    - receiving a decryption key operative to decrypt the provisioning digital message received from the firmware server.
  - 6. The router of claim 5, wherein upon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct, the decryption key is used to decrypt the digital message.
  - 7. The router of claim 3, wherein a new digital message is received by the router from the firmware server at predetermined intervals.
  - 8. The router of claim 3, further comprising a cellular broadband driver, and wherein a new digital message is received by the router from the firmware server via a cellular network.
  - 9. The router of claim 1, further comprising a security application stored in the memory, wherein the act of at least one of (i) determining whether the digital message has integrity, and (ii) determining whether the digital signature of the digital message is correct, is performed by the security application.
  - 10. The router of claim 1, wherein the act of determining whether the digital message has integrity, is based on determining whether the digital message is in a format of a firmware update.
  - 11. The router of claim 1, wherein the act of determining whether the digital signature of the digital message is correct, comprises comparing the digital signature of the digital message with a digital signature stored in the memory of the router.
  - 12. The router of claim 1, wherein the act of determining whether the digital message has integrity comprises performing at least one of:
    - (i) a cyclic redundancy check (CRC) and (ii) a message digest check.
  - 13. The router of claim 1, wherein the act of determining at least one of (i) whether the digital message does have integrity, and (ii) whether the digital signature of the digital message is correct, comprises:
    - sending the digital message to a remote authentication server; and
      
      receiving a confirmation from the remote authentication server that at least one of (i) the digital message does have integrity, and (ii) that the digital signature of the digital message is correct.

14. A non-transitory computer-readable medium having stored thereon a plurality of sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform a method of securing a firmware of a router, the method comprising:
- receiving a digital message;
  
  determining whether the digital message has integrity;
  
  determining whether a digital signature of the digital message is correct;
  
  upon determining that at least one of;
  
  (i) the digital message does not have integrity, and (ii) the digital signature of the digital message is not correct, ignoring or discarding the digital message;
  
  upon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct;
  
  decrypting the digital message;
  
  extracting a new firmware from the digital message; and
  
  flashing an existing firmware in the memory with the new firmware.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The method of claim 14, further comprising:
    - receiving a provisioning digital message from a firmware server, the provisioning digital message including a digital certificate and an initial encrypted firmware that, when unencrypted and installed on the router, is operative to prevent unauthorized access to the firmware of the router.
  - 16. The method of claim 15, further comprising, in a provisioning stage receiving a decryption key operative to decrypt the provisioning digital message received from the firmware server.
  - 17. The method of claim 16, wherein upon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct, decrypting the digital message with the decryption key.
  - 18. The method of claim 15, wherein a new digital message is received by the router from the firmware server via a cellular network.
  - 19. The method of claim 14, wherein the act of determining whether the digital message has integrity, is based on determining whether the digital message is in a format of a firmware update.
  - 20. The method of claim 14, wherein the act of determining whether the digital signature of the digital message is correct, comprises comparing the digital signature of the digital message with a digital signature stored in the memory of the router.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile USA, Inc. (Deutsche Telekom AG)
Original Assignee
T-Mobile USA, Inc. (Deutsche Telekom AG)
Inventors
Hodroj, Samir

Granted Patent

US 9,998,285 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/572   Secure firmware programming...

G06F 8/654   using techniques specially ...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04W 12/10   Integrity

H04W 12/12   Detection or prevention of ...

H04W 12/35   Protecting application or s...

H04W 84/12   WLAN [Wireless Local Area N...

SECURITY HARDENING FOR A WI-FI ROUTER

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

SECURITY HARDENING FOR A WI-FI ROUTER

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others