System for preventing electronic memory tampering
Abstract
Methods and apparatus for preventing tampering with memory in an electronic device, such as a cellular telephone, are disclosed. An electronic device having a memory and a processing means contains logic that is used to perform a one-way hash calculation on the device's memory contents whereby an audit hash value, or signature, of such contents is derived. The audit hash value is compared to an authenticated valid hash value derived from authentic memory contents. A difference between the audit and valid hash values can be indicative of memory tampering. In accordance with another aspect of the invention, electronic device memory contents can be updated by a data transfer device that is authenticated before being permitted access to the memory contents. Data transfer device authentication involves the use of a public/private key encryption scheme. When the data transfer device interfaces with an electronic device and requests memory access, a process to authenticate the data transfer device is initiated.
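The audit-hash comparison described in the abstract, shown as an added Python example that is not code from the patent. It uses the flash/EEPROM split of claim 22; SHA-256, the memory layout, the region table and all function names are assumptions, and authentication of the stored valid hash (the signed value of claim 14) is assumed to happen elsewhere.

```python
import hashlib
import hmac

# Constructed memory images (not from the patent): flash holds operating
# instructions, EEPROM holds an identity field and the stored valid hash.
FLASH = bytes(range(256))
EEPROM = bytes.fromhex("8a01f3c7") + bytes(60)
HASH_SLOT = slice(32, 64)  # assumed location of the valid hash in EEPROM
# Selected portions covered by the audit; the hash slot is excluded
# because a digest cannot cover its own stored value.
REGIONS = [("flash", 0, 256), ("eeprom", 0, 32)]


def audit_hash(flash, eeprom, regions=REGIONS):
    """One-way hash (SHA-256, an assumption) over the selected portions."""
    mem = {"flash": flash, "eeprom": eeprom}
    h = hashlib.sha256()
    for name, start, end in regions:
        # Bind region name and bounds into the digest so content cannot be
        # moved between regions without changing the result.
        h.update(f"{name}:{start}:{end}|".encode())
        h.update(bytes(mem[name][start:end]))
    return h.digest()


def provision(flash, eeprom):
    """Factory step: store the valid hash of authentic contents.
    Signing of this value (claim 14) is assumed to be done elsewhere."""
    eeprom[HASH_SLOT] = audit_hash(flash, eeprom)


def audit(flash, eeprom):
    """Periodic check: True when the audit hash equals the valid hash."""
    return hmac.compare_digest(audit_hash(flash, eeprom), bytes(eeprom[HASH_SLOT]))


def demo():
    flash, eeprom = bytearray(FLASH), bytearray(EEPROM)
    provision(flash, eeprom)
    clean = audit(flash, eeprom)
    eeprom[0] ^= 0xFF          # identity field altered
    bad_identity = audit(flash, eeprom)
    eeprom[0] ^= 0xFF          # restore
    flash[100] ^= 0x01         # one firmware byte altered
    bad_code = audit(flash, eeprom)
    return clean, bad_identity, bad_code


if __name__ == "__main__":
    print(demo())
```

The comparison only means something if the stored valid hash and the code performing the audit cannot themselves be rewritten, which is what the claims' "secure from tampering" language and the signed valid hash address.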
50 Claims
1. A cellular telephone comprising:
a microprocessor; and
a memory;
wherein the microprocessor performs a hash calculation on contents of the memory to derive an audit hash value, which audit hash value is compared to a valid hash value previously derived from performance of the hash calculation on authentic memory contents, said hash calculation and comparison being secure from tampering.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13

14. In a cellular telephone, a method for detecting memory tampering, the method comprising the steps of:
storing a signed valid hash value produced by performing a hash calculation on selected contents of a memory which memory selected contents are known to be authentic;
producing an audit hash value by performing the hash calculation on the selected contents of the memory; and
comparing the audit hash value to the valid hash value, whereby a difference between the audit and the valid hash values indicates alteration of the selected memory contents,
wherein the steps of storing, producing, and comparing are secure from tampering.
Dependent claims: 15, 16, 17, 18, 19, 20, 21

22. In a cellular telephone, an apparatus comprising:
a microprocessor;
a flash memory whose contents include operating instructions for the cellular telephone; and
an electronically erasable programmable read-only memory (EEPROM) whose contents include a valid hash value derived by performing a one-way hash calculation over selected portions of authentic flash and EEPROM memory contents;
wherein the microprocessor periodically generates an audit hash value by performing the hash calculation over the selected portions, which audit hash value is compared to the authenticated valid hash value to assess whether at least one of the flash and the EEPROM memories have been altered.
Dependent claims: 23, 24, 25, 26

27. A system for preventing unauthorized access to a cellular telephone memory programming capability, the system comprising:
a cellular telephone, including a memory for storing data, and a microprocessor having a means for authentication; and
a data transfer device including signature means for supplying a signed message to the cellular mobile telephone;
wherein the cellular telephone microprocessor assesses the authenticity of the data transfer device based upon an analysis of a signed message supplied by the data transfer device via a first port and a second port of a general purpose computer, wherein the data transfer device is attachable to the first port, and the second port is used to interface with the cellular telephone.

28. A method for assessing the authenticity of a cellular telephone programming device, the method comprising the steps of:
sending a challenge message in response to a programming request via a first port and a second port of a general purpose computer, wherein the cellular telephone programming device is attachable to the first port, and the second port is used to interface with the cellular telephone;
signing the challenge message in the cellular telephone programming device;
sending the signed challenge message to the cellular telephone;
authenticating the challenge message within the cellular telephone; and
rejecting the cellular telephone programming device if the challenge message is not received by the authentication step.

29. In a system comprising a data transfer device for programming a cellular telephone, a method for preventing unauthorized access to memory in the cellular telephone, said method comprising the steps of:
sending a programming request from the data transfer device to the cellular telephone via a first port and a second port of a general purpose computer, wherein the data transfer device is attachable to the first port, and the second port is used to interface with the cellular telephone;
sending a challenge message from the cellular telephone to the data transfer device in response to the programming request;
signing a challenge response message within the data transfer device;
sending the signed challenge response message to the cellular telephone;
authenticating the challenge response message within the cellular telephone; and
entering a programming mode if authentication of the signal challenge response message confirms authenticity of the data transfer device.

30. A system for programming a cellular telephone, the system comprising:
a programmer;
a general purpose computer having a first and a second port;
wherein the programmer is attachable to the first port, and the second port is used to interface with a cellular telephone to be programmed, wherein in response to a request to program the cellular telephone received from the programmer, the cellular telephone returns a challenge which challenge is signed by the programmer and returned to the cellular telephone for authentication, whereby recovery of the challenge through authentication of the signed challenge is indicative of programmer authenticity and causes the cellular telephone to enter into a programming mode.
Dependent claims: 31

32. In a cellular telephone, a system for preventing fraudulent memory access, comprising:
security logic;
a read only memory containing instruction code;
protected random access memory;
wherein the security logic prevents accesses to the protected random access memory by elements other than the read only memory; and
a hardware-based timer, wherein the security logic prevents accesses to the hardware-based timer by elements other than the read only memory.
Dependent claims: 33

34. An electronic device comprising:
a microprocessor; and
a memory;
wherein the microprocessor performs a hash calculation on contents of the memory to derive an audit hash value, which audit hash value is compared to a valid hash value previously derived from performance of the hash calculation on authentic memory contents, said hash calculation and comparison being secure from tampering.
Dependent claims: 35, 36, 37, 38, 39, 40, 41, 42

43. In an electronic device, a method for detecting memory tampering, the method comprising the steps of:
storing a signed valid hash value produced by performing a hash calculation on selected contents of a memory which memory selected contents are known to be authentic;
producing an audit hash value by performing the hash calculation on the selected contents of the memory; and
comparing the audit hash value to the valid hash value, whereby a difference between the audit and the valid hash values indicates alteration of the selected memory contents,
wherein the steps of storing, producing, and comparing are secure from tampering.
Dependent claims: 44, 45, 46, 47, 48

49. A system for preventing memory access, said system comprising:
security logic;
a read only memory containing instruction code;
protected random access memory;
wherein the security logic prevents accesses to the protected random access memory by elements other than the read only memory; and
a hardware-based timer, wherein the security logic prevents accesses to the hardware-based timer by elements other than the read only memory.
Dependent claims: 50

Specification