System and method for verifying the integrity of stored information within an electronic device
Abstract
In one embodiment, a digitally signed image is embodied in a memory component such as a non-volatile memory. The digitally signed image comprises a post-relocation image and a digital signature. The post-relocation image is an image of a software module altered by a symmetrical relocation function by loading of the image into the memory component. The digital signature is based on the image so that it can be used to analyze data integrity.
17 Claims
1. Embodied in a memory component, a digitally signed image comprising:
a post-relocation image being a result formed by alteration of a pre-relocation image of a software module upon loading of the image into the memory component;
information to convert the pre-relocation image to the post-relocation image, the information includes offsets for addressing routines within the software module and the offsets are generated after the software module is compiled and placed into an executable format; and
a digital signature based on the pre-relocation image, the digital signature is a hash value of the pre-relocation image digitally signed by a private key of a selected signatory.
2. Embodied in a memory component, a digitally signed image comprising:
a Bound & Relocated Import Table (BRIT);
an import table;
an export table including a plurality of entries forming a listing of segments of information contained in the image, a selected entry of the plurality of entries includes an identifier of a segment of information associated with the segments of information, the selected entry further includes a second offset being an offset from a starting address of the digitally signed image to an address location of the segment of information;
an image of a software module; and
a digital signature based on the import table, the export table and the image.
Dependent claims: 3, 4, 5, 6
7. A method comprising:
reconverting a post-relocation image of a digitally signed image back to a pre-relocation image, the pre-relocation image being an image of a software module prior to relocation where an address with the digitally signed image is changed;
conducting a one-way hash operation on the reconverted, pre-relocation image to produce a reconverted hash value;
recovering a hash value from a digital signature contained in the digitally signed image, the hash value is based on the pre-relocation image of the software module;
comparing the hash value to the reconverted hash value;
determining that an integrity of the post-relocation image remains intact if the hash value matches the reconverted hash value; and
determining that the post-relocation image has been modified beyond any modification caused by relocation when the hash value fails to match the reconverted hash value.
8. A method for generating a Bound & Relocated Import Table (BRIT) within an electronic device, comprising:
(a) locating an import table for a first digitally signed image loaded within the electronic device, each entry of the import table including an identifier and a first offset;
(b) accessing an identifier within a selected entry of the first digitally signed image;
(c) determining whether the identifier matches an identifier within an export table of a second digitally signed image loaded within the electronic device, the identifier for the export table is stored with a corresponding second offset; and
(d) upon determining that the identifier within the selected entry matches the identifier within the export table, producing an address by combining the second offset with a starting address of the second digitally signed image, and loading the identifier within the selected entry and the address into an entry of the BRIT.
Dependent claims: 9, 10, 11
12. A method comprising:
verifying an integrity of a plurality of digitally signed images loaded in an electronic device, the plurality of digitally signed images includes a first digitally signed image and a second digitally signed image by performing a hash operation on an import table, an export table and an image of the first digitally signed image to produce a first resultant hash value;
recovering a first hash value from a digital signature contained in the first digitally signed image, comparing the first hash value with the first resultant hash value, performing a hash operation on the import table, the export table and an image of the second digitally signed image to produce a second resultant hash value;
recovering a second hash value from a digital signature contained in the second digitally signed image, and comparing the second hash value with the second resultant hash value;
determining whether an identifier in an import table of the first digitally signed image matches an identifier in the export table of the second digitally signed image; and
determining whether an entry of a Bound & Relocated Import Table (BRIT) corresponding to the identifier in the import table points to an address defined by the identifier in the export table.
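The BRIT is built at load time and is not among the items the signature in claims 2 and 12 covers, so claim 12 checks it by recomputing each address from the signed import and export tables. The following sketch of claim 8 steps (a)-(d) and the last two steps of claim 12 is an added example, not code from the patent; the table layouts, function names, routine names and addresses are assumptions made for illustration.

```python
def build_brit(import_table, exporter_base, export_table):
    """Claim 8 steps (a)-(d): bind each import to base + export offset.

    import_table: list of (identifier, first_offset) entries of the importer.
    export_table: dict identifier -> second_offset of the exporting image.
    Identifiers with no matching export get no BRIT entry.
    """
    brit = {}
    for ident, _first_offset in import_table:
        second_offset = export_table.get(ident)
        if second_offset is not None:
            brit[ident] = exporter_base + second_offset
    return brit


def audit_brit(brit, import_table, exporter_base, export_table):
    """Claim 12, last two steps: report imports whose BRIT entry is missing
    or does not point at the address the export table defines."""
    findings = []
    for ident, _first_offset in import_table:
        if ident not in export_table:
            findings.append((ident, "no matching export"))
        elif brit.get(ident) != exporter_base + export_table[ident]:
            findings.append((ident, "BRIT address mismatch"))
    return findings


# Constructed sample data: a first image importing two routines from a
# second image loaded at 0x80000 (all names and numbers are hypothetical).
IMPORTS = [("ReadBlock", 0x10), ("WriteBlock", 0x14)]
EXPORTS = {"ReadBlock": 0x200, "WriteBlock": 0x340, "Erase": 0x4A0}
EXPORTER_BASE = 0x80000

BRIT = build_brit(IMPORTS, EXPORTER_BASE, EXPORTS)
```

An empty result from `audit_brit` means every import resolves to the address its exporter declares; any other BRIT value, such as a redirected entry, is reported by identifier.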
13. An electronic device comprising:
a processor; and
a non-volatile memory component in communication with the processor, the non-volatile memory component including a post-relocation image being an image of a software module altered during relocation in which an address associated with the image is adjusted before loading the post-relocation image into the memory component, information to convert the image into the post-relocation image, the information placed within the non-volatile memory component includes an offset from a starting address of the image of the software module, and a digital signature based on the image of the software module.
14. An electronic device comprising:
a processor; and
a memory in communication with the processor, the memory being loaded with a Bound & Relocated Import Table (BRIT), an import table, an export table, an image of a software module, and a digital signature based on the import table, the export table and the image, the export table includes a plurality of entries forming a listing of segments of information contained in the image, a selected entry of the plurality of entries includes an identifier of a segment of information associated with the segments of information, the selected entry further includes a second offset being an offset from a starting address of the digitally signed image to an address location of the segment of information.
Dependent claims: 15, 16
17. Embodied in a processor readable medium for execution by a processor, a software program comprising:
a first software module to reconvert a post-relocation image of a digitally signed image back to a pre-relocation image, the pre-relocation image being an image of a software module prior to adjustment of an address corresponding to an address location allotted for the post-relocation image;
a second software module to conduct a hash operation on the reconverted, pre-relocation image to produce a reconverted hash value;
a third software module to recover a hash value from a digital signature contained in the digitally signed image, the hash value is based on the image of the software module;
a fourth software module to compare the hash value to the reconverted hash value;
a fifth software module to determine that an integrity of the post-relocation image remains intact if the hash value matches the reconverted hash value; and
a sixth software module to determine that the post-relocation image has been modified beyond any modifications caused by relocation when the hash value fails to match the reconverted hash value.
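The verification sequence of claims 7 and 17 (reconvert, hash, recover the signed hash, compare) can be traced on a small image. This is an added example, not code from the patent: the 32-bit little-endian fixup format, SHA-256, the function names, and the unpadded toy RSA key built from two Mersenne primes are all assumptions chosen so the block runs offline, and the key is not suitable for real signing.

```python
import hashlib
import struct

# Constructed toy RSA key (Mersenne primes, no padding): illustration only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))


def digest(image):
    """One-way hash of an image, as an integer."""
    return int.from_bytes(hashlib.sha256(image).digest(), "big")


def sign(pre_image):
    """Signatory side: hash the pre-relocation image and sign the hash."""
    return pow(digest(pre_image), D, N)


def relocate(image, fixups, delta):
    """Add delta to the 32-bit address stored at each fixup offset.
    Calling it again with -delta restores the original bytes."""
    out = bytearray(image)
    for off in fixups:
        (addr,) = struct.unpack_from("<I", out, off)
        struct.pack_into("<I", out, off, (addr + delta) & 0xFFFFFFFF)
    return bytes(out)


def verify(post_image, fixups, load_base, link_base, signature):
    """Reconvert to the pre-relocation image, hash it, recover the signed
    hash from the signature, and compare the two values."""
    pre = relocate(post_image, fixups, link_base - load_base)
    return digest(pre) == pow(signature, E, N)


# Constructed sample: a 16-byte module linked at 0x1000 and loaded at
# 0x40000, with address slots at byte offsets 4 and 12.
LINK_BASE, LOAD_BASE = 0x1000, 0x40000
FIXUPS = [4, 12]
PRE = struct.pack("<IIII", 0x90909090, 0x1008, 0xC3C3C3C3, 0x100C)
SIG = sign(PRE)
POST = relocate(PRE, FIXUPS, LOAD_BASE - LINK_BASE)
```

Hashing `POST` directly never matches the signed hash, because relocation changed the address slots; only the reconverted image does, and any other change to `POST` makes `verify` return False.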
Specification