Method and apparatus for protecting SIMLock information in an electronic device
First Claim
1. An electronic device comprising:
a non-secure first memory for storing usage restriction data including:
static usage restriction data comprising one or more authorization keys, each said key governing a corresponding device usage restriction setting;
dynamic usage restriction data comprising said device usage restriction settings, with changes to each said restriction setting governed by the corresponding authorization key;
a first message authentication code for authenticating said static usage restriction data; and
a second message authentication code for authenticating said dynamic usage restriction data;
a secure circuit holding a permanent device key accessible only through a direct connection to the secure circuit, and further holding a one-time programmable initialization indicator;
a cryptographic circuit coupled to said secure circuit via said direct connection, and wherein said cryptographic circuit is configured to obtain said permanent key from said secure circuit for cryptographic processing by said cryptographic circuit but not to make said permanent key available to any other circuitry in said electronic device; and
a system processor configured to selectively operate in a secure mode for securely accessing said cryptographic circuit, and in non-secure mode for non-securely accessing said cryptographic circuit; and
wherein said cryptographic circuit is configured to:
permanently lock said static usage restriction data to said electronic device by generating said first message authentication code only one time, in conjunction with being accessed in said secure mode at a time when said electronic device is un-initialized as indicated by said initialization indicator, wherein said cryptographic circuit generates said first message authentication code as a function of said permanent key and said static usage restriction data, for storage by said system processor in said first memory and then directs said secure circuit to permanently set said initialization indicator to an initialized state; and
when accessed in a secure state after initialization of said electronic device, allow an authorized user to change one or more of said restriction settings governing usage of said electronic device, based on said cryptographic circuit verifying said static usage restriction data via said first message authentication code, and then generating a new second message authentication code as a function of any updated restriction settings and said permanent key, and providing said new second message authentication code to said system processor, for replacing said second message authentication code currently stored in said first memory.
1 Assignment
0 Petitions
Abstract
The teachings herein present a method and apparatus for protecting usage restriction data that governs usage of an electronic device. A cryptographic circuit supports secure and non-secure accesses. When non-securely accessed, it is operable only to verify the stored usage restriction data, and, when securely accessed, it is operable to generate a new message authentication code for changed usage restriction data, for subsequent authentication of that data. The usage restriction data may be stored in non-secure memory and may include static and dynamic parts. One or more embodiments include a secure circuit indicating whether the device has been initialized. The cryptographic circuit outputs a message authentication code for the static part using a permanent device key from the secure circuit, only if the device has not been initialized, and outputs a message authentication code for the dynamic part as needed to support authorized changes to the dynamic part.
64 Citations
11 Claims
1. An electronic device comprising: [independent claim, set out in full above under First Claim]
Dependent claims: 2, 3, 4, 5
6. A method of protecting usage restriction data that governs usage of an electronic device comprising:
storing said usage restriction data in a non-secure memory of the electronic device as static usage restriction data that can never be changed once the electronic device has been initialized, and further as dynamic usage restriction data that can be changed by an authorized user after the electronic device has been initialized, wherein said static usage restriction data comprises one or more authorization keys, each governing a corresponding one of one or more usage restriction settings comprising said dynamic usage restriction data;
further storing in said non-secure memory first and second message authentication codes, for authenticating said static and dynamic usage restriction data, respectively, as a prerequisite for allowing normal operation of said electronic device;
generating said first message authentication code as a function of said static usage restriction data and a permanent device key that is accessible only to a cryptographic circuit included in said electronic device, and restricting generation of said first message authentication code to occur only once, when said electronic device undergoes an authorized one-time initialization in a secure mode, so that any changes to said static usage restriction data after said authorized one-time initialization will cause an authorization failure that prevents normal operation of said electronic device; and
generating, via said cryptographic circuit, a new second message authentication code as a function of new dynamic usage restriction data, in response to being so commanded by an authorized user accessing said secure device in a secure mode, and correspondingly storing said new second message authentication code in said non-secure memory in conjunction with said new dynamic usage restriction data, thereby allowing said authorized user to make changes to one or more of said usage restriction settings after device initialization; and
restricting said electronic device from entering a normal operation mode for use by an end user by requiring, as part of secure startup operations of said electronic device, authentication by said cryptographic circuit of said static usage restriction data according to said first message authentication code, both as stored in said non-secure memory, and further authentication by said cryptographic circuit of said dynamic usage restriction data according to said second message authentication code, both as stored in said non-secure memory.
Dependent claims: 7, 8, 9, 10, 11
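The two-MAC scheme of claims 1 and 6, modelled as an added Python example that is not the patent's own code or any device's firmware: HMAC-SHA256 stands in for the message authentication code, and the permanent key, the sample SIMLock data and the way a presented authorization key is matched against the stored one are constructed assumptions of this example.

```python
import hashlib, hmac, json, os

class SecureCircuit:
    def __init__(self):
        self._permanent_key = os.urandom(32)  # constructed key; read only by CryptoCircuit
        self.initialized = False              # OTP indicator: may only ever go False -> True

class CryptoCircuit:
    def __init__(self, secure):
        self._secure = secure  # the claims' 'direct connection'; the key never leaves here

    def _mac(self, data):  # HMAC-SHA256 over a canonical encoding stands in for the claims' MAC
        return hmac.new(self._secure._permanent_key, json.dumps(data, sort_keys=True).encode(), hashlib.sha256).digest()

    def lock_static(self, static, secure_mode):
        # First MAC: issued exactly once, in secure mode, while still un-initialized.
        if not secure_mode or self._secure.initialized:
            raise PermissionError("static data is already locked to this device")
        mac1 = self._mac(static)
        self._secure.initialized = True  # then burn the OTP bit; this path is gone for good
        return mac1

    def update_dynamic(self, static, mac1, new_dynamic, setting, key, secure_mode):
        # Second MAC: re-issued in secure mode only after the static data still verifies.
        # Matching 'key' against the stored authorization key is this example's assumption.
        if not secure_mode or not self._secure.initialized:
            raise PermissionError("dynamic changes need secure mode after initialization")
        if not hmac.compare_digest(self._mac(static), mac1):
            raise ValueError("static usage restriction data failed authentication")
        if not hmac.compare_digest(static["auth_keys"][setting], key):
            raise PermissionError("wrong authorization key for " + setting)
        return self._mac(new_dynamic)

    def verify_at_startup(self, static, mac1, dynamic, mac2):
        # Non-secure access: verify only, never generate. Both MACs must check out.
        return hmac.compare_digest(self._mac(static), mac1) and hmac.compare_digest(self._mac(dynamic), mac2)

def demo():
    cc = CryptoCircuit(SecureCircuit())
    static = {"auth_keys": {"network_lock": "1234-5678"}}  # constructed sample SIMLock data
    mac1 = cc.lock_static(static, secure_mode=True)        # one-time factory initialization
    mac2 = cc.update_dynamic(static, mac1, {"network_lock": True}, "network_lock", "1234-5678", True)
    ok_boot = cc.verify_at_startup(static, mac1, {"network_lock": True}, mac2)
    edited = cc.verify_at_startup(static, mac1, {"network_lock": False}, mac2)  # flash edited, no new MAC
    try:
        cc.lock_static(static, secure_mode=True)  # OTP bit already burned: must be refused
        relocked = True
    except PermissionError:
        relocked = False
    return ok_boot, edited, relocked
```

`demo()` returns `(True, False, False)`: a clean boot passes, a setting edited in non-secure memory without a fresh second MAC fails startup verification, and a second attempt to lock the static data is refused once the initialization indicator is set.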