Secure boot
Abstract
A subsystem prevents unauthorized replacement of boot-up firmware (e.g., BIOS) embedded in modifiable non-volatile memory devices such as flash memory. The firmware device is contained in a secure boot device which is responsive to the host processor. The security protection is established by the encryption and decryption of the boot-up instructions using a secret key shared by both the secure boot device and the host processor.
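The scheme in the abstract, modelled as an added example (not code from the patent): a keyed boot device encrypts the firmware on each read, and the host decrypts it and boots only if the result matches. The class and function names, the HMAC-SHA256 keystream standing in for the unspecified cipher, and the SHA-256 comparison used for "corresponds to the executable code" are all assumptions of this sketch.

```python
import hashlib
import hmac

def xor_keystream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream.
    Applying it twice with the same key returns the original bytes."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, (off // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

class SecureBootDevice:
    """Holds the firmware and the shared secret; every read returns ciphertext."""
    def __init__(self, firmware: bytes, key: bytes):
        self._firmware, self._key = firmware, key

    def read(self) -> bytes:  # the host's access request at power-up
        return xor_keystream(self._key, self._firmware)

class PlainFlash:
    """A swapped-in part without the key: it can only return raw contents."""
    def __init__(self, firmware: bytes):
        self._firmware = firmware

    def read(self) -> bytes:
        return self._firmware

def host_boot(device, key: bytes, expected_sha256: bytes):
    """Decrypt what the device returned; hand back the code only if it matches.
    Comparing against a stored SHA-256 is this example's assumption."""
    code = xor_keystream(key, device.read())
    if hmac.compare_digest(hashlib.sha256(code).digest(), expected_sha256):
        return code   # would be executed
    return None       # boot refused

# Constructed sample values, not taken from the patent
KEY = b"shared-secret-key-constructed-01"
FIRMWARE = b"\xea\x5b\xe0\x00\xf0" + b"BIOS image (constructed sample)" * 4
DIGEST = hashlib.sha256(FIRMWARE).digest()

def demo():
    genuine = host_boot(SecureBootDevice(FIRMWARE, KEY), KEY, DIGEST)
    same_image_no_key = host_boot(PlainFlash(FIRMWARE), KEY, DIGEST)
    wrong_key = host_boot(SecureBootDevice(FIRMWARE, b"k" * 32), KEY, DIGEST)
    return genuine == FIRMWARE, same_image_no_key, wrong_key
```

The second case is the instructive one: a replacement part holding a byte-identical image is still refused, because what the host checks is possession of the shared key rather than the contents alone.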
36 Claims
1. A system for preventing unauthorized replacement of a storage element containing an executable code, comprising:
- first cryptographic means coupled to the storage element for encrypting said executable code based on a secret key to generate an encrypted code in response to an access request during a power-up sequence, said first cryptographic means having an address space mapped to the executable code;
- second cryptographic means for decrypting said encrypted code based on said secret key to generate a decrypted code, said second cryptographic means to execute said decrypted code if said decrypted code corresponds to said executable code, said second cryptographic means generating said access request corresponding to said address space of said first cryptographic means; and
- communication means for enabling said first cryptographic means to communicate with said second cryptographic means by exchanging said encrypted code and decrypted code.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A system for preventing unauthorized replacement of an executable code, comprising:
- a first processor to contain said executable code and to encrypt said executable code based on a secret key to generate an encrypted code in response to an access request during a power-up sequence, said first processor having an address space mapped to corresponding to the executable code;
- a second processor coupled to said first processor, said second processor to generate said access request, and after receiving the encrypted code, to decrypt said encrypted code based on said secret key to generate a decrypted code, and to execute said decrypted code if said decrypted code corresponds to said executable code; and
- a communication path coupling said first processor to said second processor.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18

19. A method for preventing unauthorized replacement of an executable code contained in a storage element and accessible to a host processor, the method comprising:
- providing a security processor which is coupled to said storage element, said security processor being responsive to said host processor;
- mapping an address space of said security processor to the executable code;
- generating an access request to said security processor during a power-up sequence, the access request corresponding to said address space of said security processor;
- encrypting the executable code based on a secret key to produce an encrypted code in response to said access request;
- decrypting said encrypted code based on said secret key to produce a decrypted code;
- executing said decrypted code if said decrypted code corresponds to said executable code; and
- establishing a communication path between said host processor and said security processor to allow said host processor to communicate with said security processor.

Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27

28. A system for preventing unauthorized replacement of an information, comprising:
- first processor to encrypt said information based on a secret key to generate an encrypted information in response to an access request during a power-up sequence, said first processor having an address space mapped to said information;
- a second processor coupled to said first processor, the second processor to decrypt said encrypted information based on said secret key to generate a decrypted information, said second processor to use said decrypted information if said decrypted information corresponds to said information, said second processor generating said access request corresponding to said address space of said first processor; and
- a communication path to enable said first processor to communicate with said second processor by exchanging said encrypted information and decrypted information.

Dependent claims: 29, 30, 31, 32, 33, 34, 35, 36
Specification