Method and apparatus for validating integrity of a mobile communication
First Claim
1. A method for validating integrity of a mobile communication device, the method comprising:
- provisioning the mobile communication device, wherein the provisioning comprises deleting existing software from the mobile communication device and installing trusted software on the mobile communication device;
- installing an integrity verification application on the mobile communication device, wherein the integrity verification application comprises a list of expected signatures for data on the mobile communication device;
- running the integrity verification application to validate the data based on the expected signatures;
- establishing a first pass indicator and a second pass indicator, wherein establishing the first pass indicator and the second pass indicator comprises:
- receiving a first instance of the first pass indicator;
- performing a first integrity check calculation on non-volatile memory of the mobile communication device using the first instance of the first pass indicator as a seed value to provide a first integrity check value;
- receiving the second pass indicator;
- splitting a parameter of the second pass indicator against the first integrity check value to provide a split of the second pass indicator; and
- storing the split of the second pass indicator in the non-volatile memory of the mobile communication device;
- thereafter, receiving a second instance of the first pass indicator as a challenge for verification, and in response to receiving the second instance of the first pass indicator;
- performing a second integrity check calculation on the non-volatile memory of the mobile communication device using the second instance of the first pass indicator as a seed value to provide a second integrity check value, the second integrity check calculation being different from the first integrity check calculation;
- determining the second pass indicator based on the split of the second pass indicator and the second integrity check value; and
- displaying the second pass indicator as an indication of the integrity.
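An added sketch of the establish-then-challenge flow in claim 1, not code from the patent. It assumes HMAC-SHA256 as the seeded integrity check, XOR as the "splitting" operation, and a checked memory region that excludes the slot holding the split; all function names and sample values are constructed, and one calculation serves both passes, so the claim's requirement that the second calculation differ from the first is not modelled.

```python
import hashlib
import hmac


def integrity_check(seed: str, nv_memory: bytes) -> bytes:
    """Seeded check value over the measured memory image (assumed: HMAC-SHA256)."""
    return hmac.new(seed.encode(), nv_memory, hashlib.sha256).digest()


def xor_with_check(data: bytes, check_value: bytes) -> bytes:
    """Assumed 'split' operation: XOR against a stream expanded from the check value."""
    stream = hashlib.shake_256(check_value).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def enroll(first_pass: str, second_pass: str, nv_memory: bytes) -> bytes:
    """Establishment: returns the split that the device would store.

    The second pass indicator itself is never stored; only the split is.
    """
    return xor_with_check(second_pass.encode(), integrity_check(first_pass, nv_memory))


def challenge(first_pass: str, split: bytes, nv_memory: bytes) -> str:
    """Verification: recompute the check value and recombine it with the split.

    Returns the text the device would display. The user recognises their
    second pass indicator only if both the seed and the memory are unchanged.
    """
    recovered = xor_with_check(split, integrity_check(first_pass, nv_memory))
    return recovered.decode("utf-8", errors="replace")


def demo() -> dict:
    # Constructed sample data: a stand-in memory image and two pass phrases.
    image = b"BOOT" + bytes(range(256)) * 4 + b"APPS"
    split = enroll("blue heron", "amber kettle", image)
    tampered = bytearray(image)
    tampered[100] ^= 0x01  # a single flipped bit in the measured region
    return {
        "intact": challenge("blue heron", split, image),
        "tampered": challenge("blue heron", split, bytes(tampered)),
        "wrong_seed": challenge("grey heron", split, image),
    }


if __name__ == "__main__":
    for case, shown in demo().items():
        print(f"{case:>10}: {shown!r}")
```

Because the device only displays what it recovers, the pass/fail decision rests with the user, who must recognise the second pass indicator; a modified image or a wrong first pass indicator yields unrelated bytes instead.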
Abstract
A method for validating integrity of a mobile communication device includes provisioning the mobile communication device by deleting existing software and installing an integrity verification application. The method also includes establishing a first pass indicator and a second pass indicator including receiving a first instance of the first pass indicator. The method also includes receiving a second instance of the first pass indicator as a challenge for verification. In response to receiving the second instance of the first pass indicator, the second pass indicator may be displayed as an indication of the integrity.
20 Claims
9. A mobile communication device comprising:
- a provisioning module configured to provision the mobile communication device, wherein the provisioning comprises deleting existing software from the mobile communication device and installing trusted software on the mobile communication device;
- a first integrity verification application comprising a list of expected signatures for data on the mobile communication device;
- an initialization module configured to establish a first pass indicator and a second pass indicator, the initialization module comprising:
- an input module configured to receive the first pass indicator and the second pass indicator;
- a first integrity check calculation module configured to calculate a first integrity check on non-volatile memory of the mobile communication device using the first pass indicator as a seed value to provide a first integrity check value;
- a splitting module configured to split a parameter of the second pass indicator against the first integrity check value to provide a split of the second pass indicator; and
- a storing module configured to store the split of the second pass indicator in the non-volatile memory of the mobile communication device;
- a second integrity verification module configured to receive the first pass indicator as a challenge for verification, the second integrity verification module comprising:
- a second integrity check calculation module configured to calculate a second integrity check on the non-volatile memory of the mobile communication device using the first pass indicator as a seed value to provide a second integrity check value;
- a determining module configured to determine the second pass indicator based on the split of the second pass indicator and the second integrity check value; and
- a display module configured to display the second pass indicator as an indication of integrity during operation.
16. A method for validating a mobile communication device, the method comprising:
- deleting existing software from the mobile communication device and installing trusted software on the mobile communication device;
- installing an integrity verification application on the mobile communication device, wherein the integrity verification application comprises a list of expected signatures for data on the mobile communication device;
- establishing a first pass indicator and a second pass indicator, wherein establishing the first pass indicator and the second pass indicator comprises:
- receiving the first pass indicator;
- performing a first integrity check calculation on non-volatile memory of the mobile communication device using the first pass indicator as a seed value to provide a first integrity check value;
- receiving the second pass indicator;
- splitting a parameter of the second pass indicator against the first integrity check value to provide a split of the second pass indicator; and
- storing the split of the second pass indicator in the non-volatile memory of the mobile communication device
- receiving a second instance of the first pass indicator as a challenge for verification, in response to receiving the second instance of the first pass indicator;
- performing a second integrity check calculation on the non-volatile memory of the mobile communication device to provide a second integrity check value, the second integrity check calculation being different from the first integrity check calculation;
- determining the second pass indicator based on the split of the second pass indicator and the second integrity check value; and
- displaying the second pass indicator as an indication of integrity during operation.