System and method for verifying the integrity of stored information within an electronic device

US 6,928,548 B1
Filed: 09/29/2000
Issued: 08/09/2005
Est. Priority Date: 09/29/2000
Status: Expired due to Fees

First Claim

Patent Images

1. Embodied in a memory component, a digitally signed image comprising:

a post-relocation image being a result formed by alteration of a pre-relocation image of a software module upon loading of the image into the memory component;

information to convert the pre-relocation image to the post-relocation image, the information includes offsets for addressing routines within the software module and the offsets are generated after the software module is compiled and placed into an executable format; and

a digital signature based on the pre-relocation image, the digital signature is a hash value of the pre-relocation image digitally signed by a private key of a selected signatory.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a digitally signed image is embodied in a memory component such as a non-volatile memory. The digitally signed image comprises a post-relocation image and a digital signature. The post-relocation image is an image of a software module altered by a symmetrical relocation function by loading of the image into the memory component. The digital signature is based on the image so that it can be used to analyze data integrity.

47 Citations

View as Search Results

17 Claims

1. Embodied in a memory component, a digitally signed image comprising:
- a post-relocation image being a result formed by alteration of a pre-relocation image of a software module upon loading of the image into the memory component;
  
  information to convert the pre-relocation image to the post-relocation image, the information includes offsets for addressing routines within the software module and the offsets are generated after the software module is compiled and placed into an executable format; and
  
  a digital signature based on the pre-relocation image, the digital signature is a hash value of the pre-relocation image digitally signed by a private key of a selected signatory.

2. Embodied in a memory component, a digitally signed image comprising:
- a Bound &
  
  Relocated Import Table (BRIT);
  
  an import table;
  
  an export table including a plurality of entries forming a listing of segments of information contained in the image, a selected entry of the plurality of entries includes an identifier of a segment of information associated with the segments of information, the selected entry further includes a second offset being an offset from a starting address of the digitally signed image to an address location of the segment of information;
  
  an image of a software module; and
  
  a digital signature based on the import table, the export table and the image.
- View Dependent Claims (3, 4, 5, 6)
- - 3. The digitally signed image of claim 2, wherein the import table comprises a plurality of entries, each entry includes an identifier that indicates what segment of information contained in another digitally signed image is required by the image.
  - 4. The digitally signed image of claim 3, wherein the identifier includes a unique sequence of byte values.
  - 5. The digitally signed image of claim 3, wherein the identifier includes a unique sequence of alphanumeric characters.
  - 6. The digitally signed image of claim 3, wherein each entry of the import table further includes an offset to a corresponding entry of the BRIT.

7. A method comprising:
- reconverting a post-relocation image of a digitally signed image back to a pre-relocation image, the pre-relocation image being an image of a software module prior to relocation where an address with the digitally signed image is changed;
  
  conducting a one-way hash operation on the reconverted, pre-relocation image to produce a reconverted hash value;
  
  recovering a hash value from a digital signature contained in the digitally signed image, the hash value is based on the pre-relocation image of the software module;
  
  comparing the hash value to the reconverted hash value;
  
  determining that an integrity of the post-relocation image remains intact if the hash value matches the reconverted hash value; and
  
  determining that the post-relocation image has been modified beyond any modification caused by relocation when the hash value fails to match the reconverted hash value.

8. A method for generating a Bound &
- Relocated Import Table (BRIT) within an electronic device, comprising;
  
  (a) locating an import table for a first digitally signed image loaded within the electronic device, each entry of the import table including an identifier and a first offset;
  
  (b) accessing an identifier within a selected entry of the first digitally signed image;
  
  (c) determining whether the identifier matches an identifier within an export table of a second digitally signed image loaded within the electronic device, the identifier for the export table is stored with a corresponding second offset; and
  
  (d) upon determining that the identifier within the selected entry matches the identifier within the export table, producing an address by combining the second offset with a starting address of the second digitally signed image, and loading the identifier within the selected entry and the address into an entry of the BRIT.
- View Dependent Claims (9, 10, 11)
- - 9. The method of claim 8 further comprising:
    - repeating the operations of (a)-(d) for each remaining entry of the import table for loading resultant address and identifier pairs into different entries of the BRIT.
  - 10. The method of claim 8, wherein the;
    - producing of the address by combining the second offset with the starting address of the second digitally signed image comprises an arithmetic operation.
  - 11. The method of claim 8, wherein prior to locating an import table for the first digitally signed image, the method further comprises locating a plurality of digitally signed images loaded within the electronic device.

12. A method comprising:
- verifying an integrity of a plurality of digitally signed images loaded in an electronic device, the plurality of digitally signed images includes a first digitally signed image and a second digitally signed image by performing a hash operation on an import table, an export table and an image of the first digitally signed image to produce a first resultant hash value;
  
  recovering a first hash value from a digital signature contained in the first digitally signed image, comparing the first hash value with the first resultant hash value, performing a hash operation on the import table, the export table and an image of the second digitally signed image to produce a second resultant hash value;
  
  recovering a second hash value from a digital signature contained in the second digitally signed image, and comparing the second hash value with the second resultant hash value;
  
  determining whether an identifier in an import table of the first digitally signed image matches an identifier in the export table of the second digitally signed image; and
  
  determining whether an entry of a Bound &
  
  Relocated Import Table (BRIT) corresponding to the identifier in the import table points to an address defined by the identifier in the export table.

13. An electronic device comprising:
- a processor; and
  
  a non-volatile memory component in communication with the processor, the non-volatile memory component includes including a post-relocation image being an image of a software module altered during relocation in which an address associated with the image is adjusted before loading the post-relocation image into the memory component, information to convert the image into the post-relocation image, the information placed within the non-volatile memory component includes an offset from a starting address of the image of the software module, and a digital signature based on the image of the software module.

14. An electronic device comprising:
- a processor; and
  
  a memory in communication with the processor, the memory being loaded with a Bound &
  
  Relocated Import Table (BRIT), an import table, an export table, an image of a software module, and a digital signature based on the import table, the export table and the image, the export table includes a plurality of entries forming a listing of segments of information contained in the image, a selected entry of the plurality of entries includes an identifier of a segment of information associated with the segments of information, the selected entry further includes a second offset being an offset from a starting address of the digitally signed image to an address location of the segment of information.
- View Dependent Claims (15, 16)
- - 15. The electronic device of claim 14, wherein the import table loaded within the memory comprises a plurality of entries, each entry includes an identifier that indicates what segment of information contained in another digitally signed image is required by the image.
  - 16. The electronic device of claim 15, wherein the identifier associated with a particular entry include a unique sequence of byte values.

17. Embodied in a processor readable medium for execution by a processor, a software program comprisinga first software module to reconvert a post-relocation image of a digitally signed image back to a pre-relocation image, the pre-relocation image being an image of a software module prior to adjustment of an address corresponding to an address location allotted for the post-relocation image;
- a second software module to conduct a hash operation on the reconverted, pre-relocation image to produce a reconverted hash value;
  
  a third software module to recover a hash value from a digital signature contained in the digitally signed image, the hash value is based on the image of the software module;
  
  a fourth software module to compare the hash value to the reconverted hash value;
  
  a fifth software module to determine that an integrity of the post-relocation image remains intact if the hash value matches the reconverted hash value; and
  
  a sixth software module to determine that the post-relocation image has been modified beyond any modifications caused by relocation when the hash value fails to match the reconverted hash value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Fish, Andrew J., Hale, Robert P.
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
Baum, Ronald

Application Number

US09/675,113
Time in Patent Office

1,775 Days
Field of Search

713/187, 713/197
US Class Current

713/187
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/57   Certifying or maintaining t...

G06F 21/79   in semiconductor storage me...

System and method for verifying the integrity of stored information within an electronic device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

47 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for verifying the integrity of stored information within an electronic device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

47 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links