Method and system for distributing programs using tamper resistant processor

US 7,270,193 B2
Filed: 02/13/2001
Issued: 09/18/2007
Est. Priority Date: 02/14/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A program distribution device for distributing executable programs through a network to a client device having a tamper resistant processor which is provided with a unique secret key and a unique public key corresponding to the unique secret key in advance, the program distribution device comprising:

a first communication path set up unit configured to set up a first communication path between the program distribution device and the client device for communications other than transfer of the executable programs;

a second communication path set up unit configured to set up a second communication path directly connecting the program distribution device and the tamper resistant processor within the client device and dedicated for transfer of the executable programs such that the executable programs are not accessible by any other parts of the client device, the first and second communication paths being set up as different channels on an identical transmission line or as different transmission lines;

an encryption processing unit configured to produce an encrypted program by encrypting an executable program to be distributed to the client device and executed within the tamper resistant processor, by using the unique public key of the tamper resistant processor which is not shared with any other parts of the client device; and

a transmission unit configured to transmit the encrypted program to the tamper resistant processor through the second communication path so that the encrypted program is directly delivered to the tamper resistant processor and the encrypted program can be decrypted and executed only within the tamper resistant processor which is an only entity that has the unique secret key corresponding to the unique public key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A scheme for distributing executable programs through a network from a program distribution device to a client device having a tamper resistant processor which is provided with a unique secret key and a unique public key corresponding to the unique secret key in advance is disclosed. In this scheme, a first communication path is set up between the program distribution device and the client device, and a second communication path directly connecting the program distribution device and the tamper resistant processor is set up on the first communication path. Then, the encrypted program is transmitted from the program distribution device to the tamper resistant processor through the second communication path.

61 Citations

View as Search Results

19 Claims

1. A program distribution device for distributing executable programs through a network to a client device having a tamper resistant processor which is provided with a unique secret key and a unique public key corresponding to the unique secret key in advance, the program distribution device comprising:
- a first communication path set up unit configured to set up a first communication path between the program distribution device and the client device for communications other than transfer of the executable programs;
  
  a second communication path set up unit configured to set up a second communication path directly connecting the program distribution device and the tamper resistant processor within the client device and dedicated for transfer of the executable programs such that the executable programs are not accessible by any other parts of the client device, the first and second communication paths being set up as different channels on an identical transmission line or as different transmission lines;
  
  an encryption processing unit configured to produce an encrypted program by encrypting an executable program to be distributed to the client device and executed within the tamper resistant processor, by using the unique public key of the tamper resistant processor which is not shared with any other parts of the client device; and
  
  a transmission unit configured to transmit the encrypted program to the tamper resistant processor through the second communication path so that the encrypted program is directly delivered to the tamper resistant processor and the encrypted program can be decrypted and executed only within the tamper resistant processor which is an only entity that has the unique secret key corresponding to the unique public key.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The program distribution device of claim 1, further comprising:
    - a user authentication unit configured to carry out authentication of a user who is using the client device, by using a user ID of the user received from the client device through the first communication path.
  - 3. The program distribution device of claim 1, further comprising:
    - a processor authentication unit configured to carry out authentication of the tamper resistant processor, by verifying a certificate certifying that the tamper resistant processor surely has the unique secret key and the unique public key, which is received from the client device through the second communication path.
  - 4. The program distribution device of claim 1, wherein the encryption processing unit encrypts the executable program by using the unique public key received from the tamper resistant processor through the second communication path.
  - 5. The program distribution device of claim 1, wherein the encryption processing unit encrypts the executable program by using a common key, and encrypts the common key by using the unique public key received from the tamper resistant processor through the second communication path;
    - andthe transmission unit transmits the encrypted program along with an encrypted common key to the tamper resistant processor through the second communication path.
  - 6. The program distribution device of claim 1, wherein communications through the second communication path are cipher communications.

7. A client device for receiving programs distributed from a program distribution device through a network, the client device comprising:
- a tamper resistant processor which is provided with a unique secret key and a unique public key corresponding to the unique secret key in advance;
  
  a first communication path set up unit configured to set up a first communication path between the program distribution device and the client device for communications other than transfer of the executable programs;
  
  a second communication path set up unit configured to set up a second communication path directly connecting the program distribution device and the tamper resistant processor within the client device and dedicated for transfer of the executable programs such that the executable programs are not accessible by any other parts of the client device, the first and second communication paths being set up as different transmission lines; and
  
  a program receiving unit configured to receive an encrypted program obtained by encrypting an executable program to be distributed to the client device and executed within the tamper resistant processor, by using the unique public key of the tamper resistant processor which is not shared with any other parts of the client device, from the program distribution device through the second communication path, so that the encrypted program is directly delivered to the tamper resistant processor and the encrypted program can be decrypted and executed only within the tamper resistant processor which is an only entity that has the unique secret key corresponding to the unique public key.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The client device of claim 7, further comprising:
    - a user authentication unit configured to carry out authentication of a user who is using the client device with respect to the program distribution device, by transmitting a user ID of the user to the program distribution device through the first communication path.
  - 9. The client device of claim 7, further comprising:
    - a certification unit configured to carry out authentication of the tamper resistant processor with respect to the program distribution device, by transmitting a certificate certifying that the tamper resistant processor surely has the unique secret key and the unique public key, through the second communication path.
  - 10. The client device of claim 7, wherein the program receiving unit receives the encrypted program which is encrypted by using the unique public key notified from the tamper resistant processor to the program distribution device through the second communication path.
  - 11. The client device of claim 7, wherein the program receiving unit receives the encrypted program which is encrypted by using a common key, and an encrypted common key which is encrypted by using the unique public key notified from the tamper resistant processor to the program distribution device through the second communication path.
  - 12. The client device of claim 7, wherein communications through the second communication path are cipher communications.

13. A program distribution system, comprising:
- a program distribution device connected to a network, for distributing executable programs through the network; and
  
  a client device connected to the network, for receiving the executable programs distributed from the program distribution device through the network;
  
  wherein the client device has;
  
  a tamper resistant processor which is provided with a unique secret key and a unique public key corresponding to the unique secret key in advance;
  
  a client side first communication path set up unit configured to set up a first communication path between the program distribution device and the client device for communications other than transfer of the executable programs;
  
  a client side second communication path set up unit configured to set up a second communication path directly connecting the program distribution device and the tamper resistant processor within the client device and dedicated for transfer of the executable programs such that the executable programs are not accessible by any other parts of the client device, the first and second communication paths being set up as different channels on an identical transmission line or as different transmission lines; and
  
  a program receiving unit configured to receive an encrypted program from the program distribution device through the second communication path; and
  
  the program distribution device has;
  
  a server side first communication path set up unit configured to set up the first communication path between the program distribution device and the client device for communications other than the transfer of the executable programs;
  
  a server side second communication path set up unit configured to set up the second communication path directly connecting the program distribution device and the tamper resistant processor within the client device and dedicated for transfer of the executable programs;
  
  an encryption processing unit configured to produce the encrypted program by encrypting an executable program to be distributed to the client device and executed within the tamper resistant processor, by using the unique public key of the tamper resistant processor which is not shared with any other parts of the client device; and
  
  a transmission unit configured to transmit the encrypted program to the tamper resistant processor through the second communication path so that the encrypted program is directly delivered to the tamper resistant processor and the encrypted program can be decrypted and executed within the tamper resistant processor which is an only entity that has the unique secret key corresponding to the unique public key.

14. A method for distributing executable programs through a network from a program distribution device to a client device having a tamper resistant processor which is provided with a unique secret key and a unique public key corresponding to the unique secret key in advance, the method comprising the steps of:
- setting up a first communication path between the program distribution device and the client device for communications other than transfer of the executable programs;
  
  setting up a second communication path directly connecting the program distribution device and the tamper resistant processor within the client device and dedicated for transfer of the executable programs such that the executable programs are not accessible by any other parts of the client device, the first and second communication paths being set up as different channels on an identical transmission line or as different transmission lines;
  
  producing an encrypted program by encrypting an executable program to be distributed to the client device and executed within the tamper resistant processor, by using the unique public key of the tamper resistant processor which is not shared with any other parts of the client device, at the program distribution device; and
  
  transmitting the encrypted program from the program distribution device to the tamper resistant processor through the second communication path so that the encrypted program is directly delivered to the tamper resistant processor and the encrypted program can be decrypted and executed only within the tamper resistant processor which is an only entity that has the unique secret key corresponding to the unique public key.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The method of claim 14, further comprising the step of:
    - carrying out authentication of a user who is using the client device, by using a user ID of the user received from the client device through the first communication path.
  - 16. The method of claim 14, further comprising the step of:
    - carrying out authentication of the tamper resistant processor, by verifying a certificate certifying that the tamper resistant processor surely has the unique secret key and the unique public key, which is received from the client device through the second communication path.
  - 17. The method of claim 14, wherein the producing step encrypts the executable program by using the unique public key received from the tamper resistant processor through the second communication path.
  - 18. The method of claim 14, wherein the producing step encrypts the executable program by using a common key, and encrypts the common key by using the unique public key received from the tamper resistant processor through the second communication path;
    - andthe transmitting step transmits the encrypted program along with an encrypted common key to the tamper resistant processor through the second communication path.
  - 19. The method of claim 14, wherein communications through the second communication path are cipher communications.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Original Assignee
Kabushiki Kaisha Toshiba (Toshiba Corporation)
Inventors
Saito, Takeshi, Teramoto, Keiichi, Hashimoto, Mikio, Fujimoto, Kensaku, Shirakawa, Kenji
Primary Examiner(s)
TRUONG, THANHNGA B

Application Number

US09/781,284
Publication Number

US 20010014157A1
Time in Patent Office

2,408 Days
Field of Search

713/165, 713/167, 713/187, 713/715, 713/168, 713/175, 713193-194, 380277-278, 726/3, 709/201, 709/203, 717172-173, 717177-178
US Class Current

713/175
CPC Class Codes

G06F 21/109   by using specially-adapted ...

G06F 21/123   by using dedicated hardware...

G06F 21/72   in cryptographic circuits

Method and system for distributing programs using tamper resistant processor

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

61 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for distributing programs using tamper resistant processor

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

61 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links