METHOD AND DEVICE FOR PROVIDING VERIFYING APPLICATION INTEGRITY
First Claim
Patent Images
1. A device for processing an application, the device comprising:
- a communications interface configured to receive the application;
memory configured to store the application and a signed checksum; and
a hardware processing unit configured to;
modify the application to obtain a modified application;
send a checksum generated for the modified application to a trusted entity;
receive a signed checksum from the trusted entity, the signed checksum corresponding to the sent checksum; and
store the signed checksum in the memory.
2 Assignments
0 Petitions
Accused Products
Abstract
A device downloads and installs an APK file for the application, during which the code is modified. A checksum for the modified code is sent to a trusted entity that checks that the received checksum matches a stored checksum for the application. If so, the received checksum is signed and returned to the device where it is stored. The device can then check the integrity of the modified code by calculating a checksum for the modified code that is compared to the signed checksum. The solution is particularly suitable for devices using the Android OS since the DEX during installation is optimized to an ODEX for which there is no certified checksum.
24 Citations
15 Claims
-
1. A device for processing an application, the device comprising:
-
a communications interface configured to receive the application; memory configured to store the application and a signed checksum; and a hardware processing unit configured to; modify the application to obtain a modified application; send a checksum generated for the modified application to a trusted entity; receive a signed checksum from the trusted entity, the signed checksum corresponding to the sent checksum; and store the signed checksum in the memory. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method for processing an application comprising at a device:
-
receiving by a communications interface the application; modifying by a hardware processor the application to obtain a modified application; sending by the hardware processor via the communications interface a checksum generated for the modified application to a trusted entity; receiving by the hardware processor via the communications interface a signed checksum from the trusted entity, the signed checksum corresponding to the sent checksum; and storing by the hardware processor the signed checksum in memory. - View Dependent Claims (14, 15)
-
Specification