
Methods and apparatus for batch bound authentication

  • US 8,068,614 B2
  • Filed: 09/28/2007
  • Issued: 11/29/2011
  • Est. Priority Date: 09/28/2007
  • Status: Expired due to Fees
First Claim

1. A method for verifying data and hardware in a processing system, the method comprising:

  • in a processing system having a system firmware that includes pre-boot authentication logic, reading a processor identifier from a processor in the processing system;

    determining in a processing unit of the processor according to a function, whether the processor belongs to a batch of processors associated with a specific vendor of processing systems, based at least in part on the processor identifier and a batch identifier having a pair of numbers to uniquely identify the batch of processors;

    automatically determining in the processing unit whether the system firmware is authentic, based at least in part on a digitally signed message, including computing a hash of the system firmware, computing a batch bound signature using the hash, a batch bound key, and the batch identifier, and comparing the computed batch bound signature to a batch bound signature stored in the system firmware;

    determining whether or not to execute the system firmware, based at least in part on the determinations of whether the processor belongs to the batch of processors and whether the system firmware is authentic; and

    automatically allowing the processing system to boot in response to determinations that the processor belongs to the batch of processors and the system firmware is authentic, and automatically terminating a boot process in response to a determination that processor does not belong to the batch of processors or the system firmware is not authentic.
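The decision flow of claim 1, sketched as an added example that is not code from the patent or its assignee. The claim does not specify the membership function or the signature algorithm, so this sketch assumes the pair of numbers in the batch identifier bounds a range of processor identifiers and that the batch bound signature is HMAC-SHA256 over the firmware hash and the batch identifier; all names and sample values are constructed.

```python
import hashlib
import hmac

def in_batch(processor_id: int, batch_id: tuple[int, int]) -> bool:
    """Assumed membership function: the batch identifier's pair of
    numbers is treated as an inclusive range of processor identifiers."""
    low, high = batch_id
    return low <= processor_id <= high

def batch_bound_signature(firmware: bytes, key: bytes,
                          batch_id: tuple[int, int]) -> bytes:
    """Compute a signature from the firmware hash, the batch bound key and
    the batch identifier (HMAC-SHA256 is an assumption of this sketch)."""
    fw_hash = hashlib.sha256(firmware).digest()
    # Fixed-width encoding keeps the hash/batch boundary unambiguous.
    batch_bytes = b"".join(n.to_bytes(8, "big") for n in batch_id)
    return hmac.new(key, fw_hash + batch_bytes, hashlib.sha256).digest()

def preboot_check(processor_id: int, batch_id: tuple[int, int],
                  firmware: bytes, stored_sig: bytes, key: bytes) -> bool:
    """Return True to allow boot, False to terminate the boot process."""
    # Determination 1: does the processor belong to the batch?
    if not in_batch(processor_id, batch_id):
        return False
    # Determination 2: is the firmware authentic for this batch?
    computed = batch_bound_signature(firmware, key, batch_id)
    # Constant-time comparison against the signature stored in firmware.
    return hmac.compare_digest(computed, stored_sig)

# Constructed sample values, for illustration only.
KEY = b"constructed-batch-bound-key"
BATCH = (0x1000, 0x1FFF)
FIRMWARE = b"constructed firmware image v1"
STORED_SIG = batch_bound_signature(FIRMWARE, KEY, BATCH)

if __name__ == "__main__":
    other_batch = (0x2000, 0x2FFF)
    cases = {
        "matching processor and firmware": (0x1234, BATCH, FIRMWARE),
        "processor outside the batch": (0x2100, BATCH, FIRMWARE),
        "modified firmware": (0x1234, BATCH, FIRMWARE + b"!"),
        "batch identifier swapped": (0x2100, other_batch, FIRMWARE),
    }
    for name, (pid, batch, fw) in cases.items():
        verdict = "boot" if preboot_check(pid, batch, fw, STORED_SIG, KEY) else "halt"
        print(f"{name}: {verdict}")
```

Because the batch identifier is an input to the signature, swapping the identifier so that a foreign processor passes the membership test still fails the signature comparison.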
