Integrated circuit and system for installing computer code thereon

US 8,751,811 B2
Filed: 12/14/2010
Issued: 06/10/2014
Est. Priority Date: 12/14/2009
Status: Active Grant

First Claim

Patent Images

1. An integrated circuit comprising:

a communication circuit configured to provide technical information representing capabilities of the integrated circuit to a computing device external to the integrated circuit;

a combiner configured to obtain a cryptographic challenge and combine the technical information with the cryptographic challenge, wherein the combiner concatenates the technical information and the challenge;

a key storage comprising a cryptographic signing key; and

a signer configured to produce a signature over the combined technical information and the cryptographic challenge using the cryptographic signing key and provide the signature to the external computing device; and

an application receiver configured to receive, after the signature is provided to the external computing device, application computer code, install the received application computer code in a code memory of the integrated circuit to enable the integrated circuit with a new functionality, and receive application information from the external computing device, wherein the combiner is configured to combine a further challenge with the application information after the application computer code has been installed.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An integrated circuit 100 is provided, which is configured for authentication itself and technical information concerning the integrated circuit or its installed software to an external computing device 200. The integrated circuit 100 comprises a signer 130 for producing a signature over the information and a challenge using a cryptographic signing key, and a communication module 110 for providing the information and the signature to the computing device 200. In response to receiving the information and the authentication, the computing device 200 may install new application code on the integrated circuit. After the installation, the integrated circuit may authenticate information concerning the new application code to other computing devices. The integrated circuit is advantageously a multiple application smart card, since it allows application providers to obtain trust in the multiple application smart card without having a relationship with its manufacturer.

14 Citations

19 Claims

1. An integrated circuit comprising:
- a communication circuit configured to provide technical information representing capabilities of the integrated circuit to a computing device external to the integrated circuit;
  
  a combiner configured to obtain a cryptographic challenge and combine the technical information with the cryptographic challenge, wherein the combiner concatenates the technical information and the challenge;
  
  a key storage comprising a cryptographic signing key; and
  
  a signer configured to produce a signature over the combined technical information and the cryptographic challenge using the cryptographic signing key and provide the signature to the external computing device; and
  
  an application receiver configured to receive, after the signature is provided to the external computing device, application computer code, install the received application computer code in a code memory of the integrated circuit to enable the integrated circuit with a new functionality, and receive application information from the external computing device, wherein the combiner is configured to combine a further challenge with the application information after the application computer code has been installed.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 13, 14, 15, 16, 17, 18, 19)
- - 2. The integrated circuit as in claim 1, wherein the communication circuit is further configured to receive the cryptographic challenge from the external computing device.
  - 3. The integrated circuit as in claim 1, wherein the integrated circuit comprises a clock and the cryptographic challenge comprises a timestamp obtained from the clock.
  - 4. The integrated circuit as in claim 1, wherein the integrated circuit comprises a counter, the cryptographic challenge comprises a nonce obtained from the counter, and the counter is configured to increase a count when the nonce is obtained.
  - 5. The integrated circuit as in any one of the preceding claims, wherein the integrated circuit comprises:
    - a code memory configured to store computer code; and
      
      a processor configured to execute code stored in the code memory, wherein the combiner is configured to combine the cryptographic challenge with the technical information representing the capabilities of the computer code.
  - 6. The integrated circuit as in claim 1, wherein the cryptographic signing key is a private key from a public-private key pair.
  - 7. The integrated circuit as in claim 6, wherein providing the technical information comprises:
    - providing a certificate to the external computing device; and
      
      authenticating the certificate, wherein the certificate comprises a public key from the public-private key pair.
  - 8. A system configured to install application computer code, the system comprising the integrated circuit and the external computing device of claim 1, wherein the external computing device is configured to use a signature verifier configured to verify the signature.
  - 9. The system of claim 8, wherein the signing key is a symmetric key and the signature verifier is configured to contact a third party server to verify the signature.
  - 10. The system of claim 8, wherein the external computing device comprises:
    - 1. an information comparator configured to compare the technical information received from the integrated circuit with a predetermined set of required technical capabilities, wherein the external computing device is configured to allow installing application computer code based on the comparison.
  - 13. The integrated circuit of claim 1, wherein the combiner queries components of the integrated circuit for the technical information concerning their capabilities.
  - 14. The integrated circuit of claim 1, wherein the combiner obtains the technical information from an operating system of the integrated circuit.
  - 15. The integrated circuit of claim 1, wherein the combiner computes a hash function over the challenge and the technical information.
  - 16. The integrated circuit of claim 10, wherein the information comparator is integrated in an application uploader of the external computing device.
  - 17. The integrated circuit of claim 1, wherein the combiner is configured to only use the technical information stored in a Read Only Memory (ROM).
  - 18. The integrated circuit of claim 1, wherein the communication circuit comprises connector pads.
  - 19. The integrated circuit of claim 1, wherein the key storage is a Read Only Memory (ROM).

11. A method comprising:
- 2. obtaining a cryptographic challenge combining technical information representing capabilities of an integrated circuit to a computing device external to the integrated circuit with the cryptographic challenge, wherein the technical information and the challenge are concatenated;
  
  3. producing a signature over the combined technical information and the cryptographic challenge using a cryptographic signing key;
  
  4. providing the signature to the external computing device;
  
  5. receiving application computer code after the providing of the signature to the external computing device;
  
  6. installing the received application computer code in a code memory of the integrated circuit to enable the integrated circuit with a new functionality;
  
  7. receiving application information from the external computing device; and
  
  8. combining a further challenge with the application information after the application computer code has been installed.
- View Dependent Claims (12)
- - 12. The method of claim 11, comprising:
    - verifying the signature by the external computing device; and
      
      installing the application computer code on the integrated circuit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP B.V. (NXP Semiconductors NV)
Original Assignee
NXP B.V. (NXP Semiconductors NV)
Inventors
Meyn, Hauke, Malzahn, Ralf
Primary Examiner(s)
Gee, Jason K.
Assistant Examiner(s)
LWIN, MAUNG T

Application Number

US12/967,349
Publication Number

US 20110145586A1
Time in Patent Office

1,274 Days
Field of Search

None
US Class Current

713/176
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 21/72   in cryptographic circuits

G11B 20/00086   Circuits for prevention of ...

H04L 9/3247   involving digital signatures

Integrated circuit and system for installing computer code thereon

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Integrated circuit and system for installing computer code thereon

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links