Apparatus and method for secured control of feature set of a programmable device
Abstract
An apparatus and method for controlling the feature set of a programmable device by assigning each programmable device a unique serial number, correlating a secret key with each serial number, and keeping that information in a secure location, such as at the manufacturer. Each optional feature set for the programmable devices is assigned a unique code, and software associated with the programmable device operates according to the feature set identified in the feature set code, if an authentication procedure is passed. The authentication procedure utilizes a secure cryptographic algorithm to calculate an authentication code based on the secret key and the authorized feature set for a programmable device. The authentication code is stored in the programmable device. Periodically, the programmable device automatically self checks itself by recalculating the authentication code. If it matches with the authorized authentication code, the authentication procedure is passed. If it does not match, the authentication procedure is not passed as it tends to indicate that there has been an attempt to tamper with the feature set code or to use an authorization code that is from another programmable device. If the authentication procedure is not passed, the programmable device may be disabled or some other limitation may be imposed on the device.
22 Claims
1. A method for controlling the feature set of a programmable device comprising:
identifying a programmable device by a unique number;
generating a secret key for each programmable device, the secret key being stored in and readable by the programmable device but being secure from external reading;
creating a database of secret keys correlated to unique numbers at a first location;
calculating an authentication code based on the secret key of the programmable device and an authorized feature set for the programmable device using a secure cryptographic algorithm;
storing the authentication code in a non-secure place in the programmable device;
storing instructions related to executing a feature set in the programmable device;
and thereafter, each time the programmable device is powered on, comparing the stored authentication code with a present calculated authentication code, using the same calculation, and if the stored authentication code and the present calculated authentication code match, allowing the programmable device to function according the authorized feature set.
15. An apparatus for controlling the feature set of a programmable device, comprising:
a programmable device including a microprocessor, an EEPROM, a secure ROM, and a programming port;
a programming device including a computer having a data base and a programming port;
software in the computer which generates a table of randomly generated numbers called secret keys which are correlated to a set of unique serial numbers that is stored in the database;
software in the programming device and in the programmable device which includes a secure cryptographic algorithm and which generates an authentication code based on the secret key of a programmable device and an operation mode code from which the programmable device operates a certain feature set;
so that each programmable device is correlated to a unique serial number, the secret key correlated to each programmable device is stored in the secure ROM, an authorization code is stored the EEPROM; and
each time the programmable device is turned on, a present authentication code is calculated and compared to the authentication code to verify that no tampering with the authorized feature set instruction has occurred.
22. A method of controlling the feature set of plurality of programmable devices each of which uses a feature set code in a non-secure memory to instruct the programmable device which feature set is available for use, comprising:
assigning a unique identification number to each programmable device;
assigning a randomly generated number to each identification number;
assigning a unique feature set code to each feature set option for the programmable device;
storing the each set of identification number and randomly generated number into a secure database held at a secure location;
storing the randomly generated number in a secure ROM of the programmable device;
storing an authorized feature set code into a non-secure memory of the programmable device;
calculating an authentication code based on the following formula
AC = ESK(SK + OMC)
where ESK equals an encryption method;
SK equals the randomly generated number; and
OMC equals the feature set code; and
the + sign indicates defined relationship between SK and OMC, so that the authentication code is dependent upon the secure SK, which is correlated to a unique identification number;
storing the authentication code in non-secure memory in the programmable device;
periodically recalculating and comparing the authentication code to the stored authentication code;
allowing the programmable device to function according to the stored feature set code if the recalculated and the stored authentication codes are the same.
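The scheme described in the abstract and in the formula of claim 22, as an added example that is not code from the patent: HMAC-SHA256 is an assumed stand-in for the unspecified encryption method ESK, and the class names, serial numbers and feature set codes are constructed for illustration. It shows the power-on self-check rejecting both an edited feature set code and an authentication code copied from another device.

```python
import hashlib
import hmac
import secrets

def auth_code(secret_key: bytes, feature_code: int) -> bytes:
    """AC from SK and OMC. HMAC-SHA256 is an assumed stand-in for ESK."""
    msg = feature_code.to_bytes(2, "big")
    return hmac.new(secret_key, msg, hashlib.sha256).digest()

class Manufacturer:
    """Holds the secure database of serial number -> secret key."""
    def __init__(self):
        self.key_db = {}

    def build(self, serial: str) -> "Device":
        self.key_db[serial] = secrets.token_bytes(32)
        return Device(serial, self.key_db[serial])

    def authorize(self, serial: str, feature_code: int) -> dict:
        ac = auth_code(self.key_db[serial], feature_code)
        return {"omc": feature_code, "ac": ac}

class Device:
    def __init__(self, serial: str, secret_key: bytes):
        self.serial = serial
        self._secure_rom = secret_key          # not readable externally
        self.eeprom = {"omc": 0, "ac": b""}    # non-secure, rewritable

    def power_on(self):
        """Return the feature code to run, or None if the self-check fails."""
        present = auth_code(self._secure_rom, self.eeprom["omc"])
        if hmac.compare_digest(present, self.eeprom["ac"]):
            return self.eeprom["omc"]
        return None

def demo() -> dict:
    BASIC, PREMIUM = 0x0001, 0x0003            # constructed feature set codes
    maker = Manufacturer()
    a, b = maker.build("SN-0001"), maker.build("SN-0002")
    a.eeprom = maker.authorize("SN-0001", BASIC)
    b.eeprom = maker.authorize("SN-0002", PREMIUM)
    out = {"a_ok": a.power_on(), "b_ok": b.power_on()}
    a.eeprom["omc"] = PREMIUM                  # feature code edited, AC unchanged
    out["edited_code"] = a.power_on()
    a.eeprom = dict(b.eeprom)                  # code and AC copied from device b
    out["copied_from_b"] = a.power_on()
    return out

if __name__ == "__main__":
    print(demo())
```

Because the authentication code is keyed with the per-device secret, storing it in non-secure memory is acceptable: a valid code can only be produced by a party holding that device's key.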
Specification