SECURITY HARDENING FOR A WI-FI ROUTER
First Claim
Patent Images
1. A router comprising:
- a processor;
at least one network interface coupled to the processor configured to enable communications via one or more communication networks;
a memory for content and programming;
a program stored in the memory, wherein execution of the program by the processor configures the router to perform acts comprising, during a maintenance stage;
receiving a digital message;
determining whether the digital message has integrity;
determining whether a digital signature of the digital message is correct;
upon determining that at least one of;
(i) the digital message does not have integrity, and (ii) the digital signature of the digital message is not correct, ignoring or discarding the digital message;
upon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct;
decrypting the digital message;
extracting a new firmware from the digital message; and
flashing an existing firmware in the memory with the new firmware.
5 Assignments
0 Petitions
Accused Products
Abstract
A method and system of securing the firmware of a router. Upon determining that a received digital message does not have integrity or the digital signature of the received digital message is not correct, the digital message is ignored or discarded. Otherwise the digital message is decrypted and a new firmware extracted therefrom. The existing firmware is then flashed with the new extracted firmware.
13 Citations
20 Claims
-
1. A router comprising:
-
a processor; at least one network interface coupled to the processor configured to enable communications via one or more communication networks; a memory for content and programming; a program stored in the memory, wherein execution of the program by the processor configures the router to perform acts comprising, during a maintenance stage; receiving a digital message; determining whether the digital message has integrity; determining whether a digital signature of the digital message is correct; upon determining that at least one of;
(i) the digital message does not have integrity, and (ii) the digital signature of the digital message is not correct, ignoring or discarding the digital message;upon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct; decrypting the digital message; extracting a new firmware from the digital message; and flashing an existing firmware in the memory with the new firmware. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A non-transitory computer-readable medium having stored thereon a plurality of sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform a method of securing a firmware of a router, the method comprising:
-
receiving a digital message; determining whether the digital message has integrity; determining whether a digital signature of the digital message is correct; upon determining that at least one of;
(i) the digital message does not have integrity, and (ii) the digital signature of the digital message is not correct, ignoring or discarding the digital message;upon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct; decrypting the digital message; extracting a new firmware from the digital message; and flashing an existing firmware in the memory with the new firmware. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification