Secure system for remotely waking a computer in a power-down state
First Claim
1. A method for secure remote wake-up of a computer by a network interface card included in the computer, wherein the method comprises:
- receiving a data packet from a network;
comparing a destination address included in the data packet to a destination address of the network interface card;
determining if a wake-up pattern is present in the data packet;
decrypting an encrypted value from the data packet to obtain a decrypted value; and
asserting a wake-up signal if the destination addresses match, a wake-up pattern is present, and the decrypted value matches an expected value, wherein the expected value includes a current date;
retrieving a new encryption key included as part of the data packet if the destination addresses match, a wake-up pattern is present, and the decrypted value matches an expected value; and
storing the new encryption key.
3 Assignments
0 Petitions
Accused Products
Abstract
A secure system and method is provided for remotely waking a computer from a power down state. In one embodiment, a network interface card receives incoming data packets via a network connector. A control module is coupled to the network connector and is configured to search the incoming packets for a wake-up pattern. The control module also verifies that the packet'"'"'s destination address matches the destination address of the network interface card. If the destination addresses match and a wake-up pattern is found, the control module decrypts an encrypted value from the incoming packet and compares the result to an expected value. A successful comparison causes the control module to assert a signal to wake up the host computer. Preferably, a standard public/private key pair encryption scheme is used, and the source of the data packet encrypts the expected value with a private key. All computers which may receive wake-up packets are provided with a public key with which to decrypt values contained in a security field of any wake-up packets. A successful decryption serves to certify that the wake-up packet was transmitted from an authorized source. For added security, the expected value and public/private keys may be changed on a regular basis, or even every time a valid wake-up packet is received. The new value may be provided in the wake-up packet, to be stored by the network card for the next use.
-
Citations
11 Claims
-
1. A method for secure remote wake-up of a computer by a network interface card included in the computer, wherein the method comprises:
-
receiving a data packet from a network;
comparing a destination address included in the data packet to a destination address of the network interface card;
determining if a wake-up pattern is present in the data packet;
decrypting an encrypted value from the data packet to obtain a decrypted value; and
asserting a wake-up signal if the destination addresses match, a wake-up pattern is present, and the decrypted value matches an expected value, wherein the expected value includes a current date;
retrieving a new encryption key included as part of the data packet if the destination addresses match, a wake-up pattern is present, and the decrypted value matches an expected value; and
storing the new encryption key. - View Dependent Claims (2, 3, 4, 5)
waking up the computer from a power down state in response to the wake-up signal.
-
-
4. The method of claim 1, further comprising:
-
creating the data packet with a wake-up pattern, wherein the creating includes;
encrypting the expected value using a private encryption key to produce the encrypted value; and
placing the encrypted value in a security field subsequent to the wake-up pattern; and
transmitting the data packet on the network.
-
-
5. The method of claim 1, wherein the new encryption key is changed each time the computer is remotely awakened.
-
6. A network interface card which comprises:
-
a network connector configured to receive incoming packets;
a control module coupled to the network connector and configured to determine if an incoming packet includes a wake-up pattern, configured to compare a destination address included in the packet to a destination address of the network interface card, and configured to decrypt an encrypted value from a security field in the incoming packet to obtain a decrypted value, wherein the control module is further configured to assert a wake-up signal if the addresses match, a wake-up pattern is included in the packet, and the decrypted value matches an expected value; and
a memory coupled to the control module and configured to store a public encryption key for decrypting the encrypted value, wherein the control module includes a real-time clock for determining the expected value. - View Dependent Claims (7)
-
-
8. A networked computer system comprising:
-
a local computer;
a network coupled to the local computer to transport data packets generated by the local computer;
a remote computer coupled to the network to receive data packets generated by the local computer, wherein the remote computer comprises;
a central processing unit configurable to place the remote computer in a power down mode;
a network interface card coupled between the central processing unit and the network, wherein while the remote computer is in a power down mode, the network interface card is configured to examine a data packet received from the local computer for a wake-up pattern, configured to compare a destination address included in the received data packet to a destination address of the network interface card, and configured to decrypt an encrypted value from the received data packet to produce a decrypted value, wherein the network interface card is further configured to assert an interrupt to the central processing unit if the received data packet includes a wake-up pattern, the destination addresses match, and the decrypted value equals an expected value, wherein the expected value includes a current date, wherein the network interface card is further configured to retrieve and store a new encryption key included as part of the data packet if the destination addresses match, a wake-up pattern is present, and the decrypted value matches an expected value. - View Dependent Claims (9, 10)
-
-
11. A computer readable storage medium which stores software comprising:
-
a means for receiving a data packet from a network;
a means for comparing a destination address included in the data packet to a destination address of a network interface card;
a means for determining if a wake-up pattern is present in the data packet;
a means for decrypting an encrypted value from the data packet to obtain a decrypted value;
a means for asserting a wake-up signal if the destination addresses match, a wake-up pattern is present, and the decrypted value matches an expected value, wherein the expected value includes a current date; and
a means for retrieving a new encryption key included as part of the data packet if the destination addresses match, a wake-up pattern is present, and the decrypted value matches an expected value; and
a means for storing the new encryption key.
-
Specification