Remote system integrity verification

US 6,925,566 B1
Filed: 07/07/2000
Issued: 08/02/2005
Est. Priority Date: 07/07/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method for use in verifying the integrity of a remote unit in a communication system, said method comprising:

generating a random value;

determining memory range information identifying a range of memory space within the remote unit having data to be hashed by a hashing function;

determining position information indicative of a position within a data stream to be generated within the remote unit at which said random value is to be located;

delivering said random value, said memory range information, and said position information to the remote unit for use by the remote unit in performing a hashing operation; and

receiving a hash value from said remote unit, said hash value being a result of a hashing operation performed within said remote unit based upon said random value, said memory range information, and said position information delivered to the remote unit.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The integrity of a remote communication unit (14) in a communication system is verified by comparing a hash value generated within the remote unit (14) to a hash value generated within a local unit (24). An interrogation message is generated within an interrogating entity (10) that includes a random seed value, memory range information identifying a memory range within the remote unit that is to be hashed, and position information identifying a position at which the random seed value is to be located within a data stream generated within the remote unit (14). The interrogation message is then delivered to the remote unit (14) which then performs a hashing operation based upon the parameters within the interrogation message to generate a hash value. The hash value is then returned to the interrogating entity (10) for comparison with a control value.

Citations

16 Claims

1. A method for use in verifying the integrity of a remote unit in a communication system, said method comprising:
- generating a random value;
  
  determining memory range information identifying a range of memory space within the remote unit having data to be hashed by a hashing function;
  
  determining position information indicative of a position within a data stream to be generated within the remote unit at which said random value is to be located;
  
  delivering said random value, said memory range information, and said position information to the remote unit for use by the remote unit in performing a hashing operation; and
  
  receiving a hash value from said remote unit, said hash value being a result of a hashing operation performed within said remote unit based upon said random value, said memory range information, and said position information delivered to the remote unit.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method claimed in claim 1, further comprising the step of:
    - comparing said hash value received from said remote unit to a hash value generated outside said remote unit to determine whether modifications have been made within said remote unit.
  - 3. The method claimed in claim 2, wherein:
    - said hash value generated outside said remote unit is generated within a communication unit that is a replica of said remote unit.
  - 4. The method claimed in claim 2, wherein:
    - said hash value generated outside said remote unit is a result of a hashing operation performed outside the remote unit based upon said random value, said memory range information, and said position information.
  - 5. The method claimed in claim 1, wherein:
    - said steps of generating, determining memory range information, determining position information, and delivering are performed in a location that is different from the location of said remote unit.
  - 6. A computer readable medium having program instructions stored thereon that implements the method of claim 1 when executed within a digital processing device.

7. A communication apparatus for use in verifying the integrity of a remote unit in a communication system, comprising:
- a random value generator for generating a random value;
  
  a memory range determination unit for determining memory range information identifying a memory range within the remote unit for use in generating a data stream that will be processed by a hashing function within the remote unit;
  
  a location determination unit for determining location information that is indicative of a position within the data stream generated within the remote unit at which said random value is located;
  
  a transmitter for transmitting said random value, said memory range information, and said location information to the remote unit for use in performing a hashing operator therein;
  
  a local memory storing information that is representative of information that should be stored in the remote unit; and
  
  a hash unit for performing a hashing operation on information stored within said local memory to generate a control value, said hashing operation being performed using said random value, said memory range information, and said location information.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The communication apparatus of claim 7, further comprising:
    - an interrogation message assembly unit for generating an interrogation message including said random value, said memory range information, and said location information.
  - 9. The communication apparatus of claim 8, wherein:
    - said transmitter transmits said interrogation message to the remote unit via a communication network.
  - 10. The communication apparatus of claim 7, further comprising:
    - a receiver for receiving a hash value from the remote unit, said hash value having been generated within the remote unit by performing a hashing operation within the remote unit based upon said random value, said memory range information, and said location information.
  - 11. The communication apparatus of claim 10, further comprising:
    - a comparison unit for comparing the hash value received from the remote unit to the control value generated by the hash unit.
  - 12. The communication apparatus of claim 7, further comprising:
    - a selection unit for selecting a hashing algorithm from a plurality of hashing algorithms for use by the remote unit to perform said hashing operation; and
      
      means for indicating a selected hashing algorithm to the remote unit.

13. A communication unit for use within a communication system comprising:
- means for receiving an integrity verification request from a requesting entity, said integrity verification request including a random value, placement information indicating a desired position for said random value within a data stream, and memory range information identifying a memory range within the communication unit that is to be processed using a hashing function;
  
  means for generating a data stream using data from said memory range and said random value, said random value being located within said data stream at a position indicated by said placement information;
  
  means for performing a hashing operation on said data stream to generate a hash value; and
  
  means for transmitting said hash value to said requesting entity.
- View Dependent Claims (14, 15, 16)
- - 14. The communication unit claimed in claim 13, wherein:
    - said means for generating a data stream includes means for storing said random value in a memory location within said communication unit corresponding to said placement information and means for reading data from said memory range of said communication unit indicated within said integrity verification request to generate said data stream.
  - 15. The communication unit claimed in claim 13, wherein:
    - said means for generating a data stream includes means for reading data from said memory range of said communication unit to generate a first data stream and means for inserting said random value into said first data stream at a position indicated by said placement information to generate a second data stream.
  - 16. The communication unit claimed in claim 13, further comprising:
    - means for receiving a hashing algorithm from said requesting entity for use by said means for performing a hashing operation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CDC Propriete Intellectuelle
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Feigen, Ronald Glen, Lynn, James T., Perona, Richard Allen, Comer, Erwin Perry
Primary Examiner(s)
Morse, Gregory
Assistant Examiner(s)
NALVEN, ANDREW L

Application Number

US09/612,142
Time in Patent Office

1,852 Days
Field of Search

713/187, 713/188, 713/201, 713/194, 713/171, 713/165, 380/258, 380/262, 380/46, 380/283, 714/38
US Class Current

713/187
CPC Class Codes

H04L 43/50   Testing arrangements

H04L 63/102   Entity profiles

H04N 21/24   Monitoring of processes or ...

H04N 21/44236   Monitoring of piracy proces...

H04N 7/173   with two-way working, e.g. ...

Remote system integrity verification

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Remote system integrity verification

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links