Configurable signature for authenticating data or program code

US 8,006,095 B2
Filed: 08/31/2007
Issued: 08/23/2011
Est. Priority Date: 08/31/2007
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

retrieving configuration information from a protected first memory, wherein the configuration information specifies a plurality of non-contiguous memory locations, wherein the plurality of non-contiguous memory locations store one or more parameters for a signature formula;

retrieving the one or more parameters for the signature formula from the plurality of non-contiguous memory locations based on the configuration information; and

calculating a first signature formula;

wherein the first signature is useable to verify security for a system.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System and method for authenticating data or program code via a configurable signature. Configuration information is retrieved from a protected first memory, e.g., an on-chip register, where the configuration information specifies a plurality of non-contiguous memory locations that store the signature, e.g., in an on-chip memory trailer. The signature is retrieved from the plurality of non-contiguous memory locations based on the configuration information, where the signature is useable to verify security for a system. The signature corresponds to specified data and/or program code stored in a second memory, e.g., in off-chip ROM. The specified data and/or program code may be copied from the second memory to a third memory, and a signature for the specified data and/or program code calculated based on the configuration information. The calculated signature may be compared with the retrieved signature to verify the specified data and/or program code.

Citations

20 Claims

1. A method, comprising:
- retrieving configuration information from a protected first memory, wherein the configuration information specifies a plurality of non-contiguous memory locations, wherein the plurality of non-contiguous memory locations store one or more parameters for a signature formula;
  
  retrieving the one or more parameters for the signature formula from the plurality of non-contiguous memory locations based on the configuration information; and
  
  calculating a first signature formula;
  
  wherein the first signature is useable to verify security for a system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the first signature corresponds to specified data and/or program code stored in a second memory, and wherein the method further comprises:
    - copying the specified data and/or program code from the second memory to a third memory;
      
      retrieving a second signature wherein said calculating the first signature comprises calculating the first signature for the specified data and/or program code using the signature formula; and
      
      comparing the calculated first signature with the retrieved second signature to verify the specified data and/or program code.
  - 3. The method of claim 2, wherein the specified data and/or program code comprises initialization code for the system.
  - 4. The method of claim 2, wherein the system comprises a main processor and an embedded controller, and wherein said copying, said calculating, and said comparing are performed by the embedded controller prior to boot-up of the main processor.
  - 5. The method of claim 2, wherein the configuration information further comprises the one or more parameters for the signature formula.
  - 6. The method of claim 2, wherein the first signature comprises one or more of:
    - a cyclic redundancy check (CRC);
      
      a checksum;
      
      ora hash.
  - 7. The method of claim 2,wherein the protected first memory comprises a register on a chip in the system;
    - wherein the second memory comprises an external memory located off-chip; and
      
      wherein the third memory comprises a random access memory (RAM) on the chip.
  - 8. The method of claim 2, wherein the signature formula comprises multi-byte data distributed over the plurality of non-contiguous memory locations in a trailer, and wherein the configuration information specifies the location and order of each byte of the data.
  - 9. The method of claim 8, wherein the trailer is comprised in the third memory, and wherein, in addition to the plurality of non-contiguous memory locations storing the signature formula, the trailer comprises random values.
  - 10. The method of claim 2, wherein the first memory, the embedded controller, and the third memory are comprised in a system-on-chip (SoC) in the system.

11. A system for authenticating data or program code, comprising:
- an embedded processor; and
  
  a protected first memory coupled to the embedded processor, wherein the protected first memory stores configuration information specifying a plurality of non-contiguous memory locations that store one or more parameters for a signature formula;
  
  wherein the embedded processor is operable to retrieve the one or more parameters for the signature formula from the plurality of non-contiguous memory locations based on the configuration information and to calculate a first signature using the signature formula, wherein the signature is useable to verify security for a system.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11, further comprising:
    - a second memory coupled to the embedded processor, wherein the second memory stores data and/or program code, and wherein the first signature corresponds to the data and/or program code stored in the second memory; and
      
      a third memory coupled to the embedded processor, wherein the embedded processor is further operable to;
      
      copy the data and/or program code from the second memory to the third memory;
      
      retrieve a second signaturewherein said calculating the first signature comprises calculating the first signature for the data and/or program code using the signature formula; and
      
      compare the calculated first signature with the retrieved second signature to verify the data and/or program code.
  - 13. The system of claim 12, wherein the data and/or program code comprises initialization code for the system.
  - 14. The system of claim 12, further comprising:
    - a main processor, coupled to the embedded processor;
      
      wherein the embedded processor is operable to perform said copying, said calculating, and said comparing prior to boot-up of the main processor.
  - 15. The system of claim 12, wherein the configuration information further comprises the one or more parameters for the signature formula.
  - 16. The system of claim 12, wherein the signature comprises one or more of:
    - a cyclic redundancy check (CRC);
      
      a checksum;
      
      ora hash.
  - 17. The system of claim 12,wherein the protected first memory comprises a register on a chip in the system;
    - wherein the second memory comprises an external memory located off-chip; and
      
      wherein the third memory comprises a random access memory (RAM) on the chip.
  - 18. The system of claim 12, wherein the signature formula comprises multi-byte data distributed over the plurality of non-contiguous memory locations in a trailer, and wherein the configuration information specifies the location and order of each byte of the data.
  - 19. The system of claim 18, wherein the trailer is comprised in the third memory, and wherein, in addition to the plurality of non-contiguous memory locations storing the signature formula, the trailer comprises random values.
  - 20. The system of claim 12, wherein the first memory, the embedded controller, and the third memory are comprised in a system-on-chip (SoC) in the system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microchip Technology Incorporated
Original Assignee
Standard Microsystems Corporation (Microchip Technology Incorporated)
Inventors
Berenbaum, Alan D., Weiss, Raphael
Primary Examiner(s)
El Hady; Nabil M

Application Number

US11/848,854
Publication Number

US 20090063865A1
Time in Patent Office

1,453 Days
Field of Search

713/2, 713/169, 713/180, 713/193, 713/156, 713/168, 711/152, 711/163
US Class Current

713/180
CPC Class Codes

H04L 9/3247 involving digital signatures

Configurable signature for authenticating data or program code

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Configurable signature for authenticating data or program code

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links