×

Firmware verified boot

  • US 8,812,854 B2
  • Filed: 10/12/2010
  • Issued: 08/19/2014
  • Est. Priority Date: 10/13/2009
  • Status: Active Grant
First Claim
Patent Images

1. A computer-implemented boot process for a computing system, the boot process comprising:

  • verifying, by a processor of the computing system, a first encrypted signature corresponding with a first portion of a read-write portion of firmware of the computing system using a first public-key and a first cryptographic hash algorithm, and halting the boot process if the verification of the first encrypted signature fails;

    verifying, by the processor, that a key-version of a second public-key is greater than or equal to a corresponding highest key-version observed by the computing system, and halting the boot process if the key-version of the second public-key is less than the highest key-version;

    verifying, by the processor, a second encrypted signature corresponding with a second portion of the read-write portion of the firmware using the second public-key and a second cryptographic hash algorithm, and halting the boot process if the verification of the second encrypted signature fails;

    verifying, by the processor, a third encrypted signature corresponding with a third portion of the read-write portion of the firmware using the second public-key and the second cryptographic hash algorithm, and halting the boot process if the verification of the third encrypted signature fails;

    verifying, by the processor, a fourth encrypted signature corresponding with a first portion of an operating-system kernel using the second public-key and the second cryptographic hash algorithm, and halting the boot process if the verification of the fourth encrypted signature fails; and

    verifying, by the processor, a fifth signature corresponding with a second portion of the operating-system kernel using a third public-key and a third cryptographic hash algorithm, and halting the boot process if the verification of the fifth encrypted signature fails.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×