×

Method for controlling the distribution of software code updates

  • US 7,522,732 B2
  • Filed: 11/09/2004
  • Issued: 04/21/2009
  • Est. Priority Date: 11/09/2004
  • Status: Expired due to Fees
First Claim
Patent Images

1. A method for controlling the distribution of a software code update for an embedded software application on a device, wherein the distribution is from a sender to a plurality of devices each including the software application via a plurality of recipients, comprising:

  • assigning an asymmetric key pair, including a public key PU1 and a private key PR1, to the software application;

    securely distributing the private key PR1 to the plurality of recipients and distributing the public key PU1 to the sender;

    assigning an asymmetric key pair, including a public key PU2 and a private key PR2, to the sender;

    securely distributing the private key PR2 to the sender and distributing the public key PU2 to the plurality of recipients;

    generating a random secret session key;

    encrypting the software code update using the secret session key by the sender to produce a secure body of an encrypted message;

    computing an authentication value HV0 over a data area by the sender;

    encrypting HV0 using the private key PR2 by the sender to produce a secure value, MIC;

    encrypting the secret session key and the secure value MIC using the public key PU1 by the sender to produce a secure header of the encrypted message;

    sending the encrypted message, including the secure body and the secure header;

    receiving the encrypted message by one or more of the recipients;

    decrypting the secure header using the private key PR1 to obtain the secret session key and the secure value MIC;

    computing an authentication value HV1 over the same data area;

    decrypting the secure value MIC using the public key PU2 to obtain HV0;

    comparing the authentication value HV0 to the authentication value HV1 to verify that the encrypted message came from the sender and has not been altered; and

    decrypting the secure body using the secret session key to obtain the software code update.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×