Systems, devices, and methods for outputting alerts to indicate the use of a weak hash function
First Claim
Patent Images
1. A method of outputting an alert on a mobile device, the method comprising:
- receiving data that identifies both at least one first hash function and at least one application, wherein each of the at least one first hash function identified in the data is identified as being weak;
identifying a public key associated with a first certificate of a plurality of certificates belonging to a certificate chain;
repeating, for each of the plurality of certificates belonging to the certificate chain,identifying a second hash function used to digitally sign the certificate; and
determining whether the second hash function used to digitally sign the certificate is weak, based on the data,wherein the second hash function used to digitally sign the certificate is determined to be weak if;
the second hash function used to digitally sign the certificate matches any of the at least one first hash function identified in the data, andthe determining is being performed for an application identified in the data; and
outputting the alert when, for at least one certificate of the plurality of certificates belonging to the certificate chain, the second hash function used to digitally sign the at least one certificate is determined to be weak.
4 Assignments
0 Petitions
Accused Products
Abstract
Systems, devices, and methods for outputting an alert on a mobile device to indicate the use of a weak hash function are disclosed herein. In one example embodiment, the method comprises receiving data (e.g. from a server) that identifies at least one first hash function, identifying a hash digest generated using a second hash function, determining if the second hash function is weak using the received data, and outputting an alert indicating that the second hash function is weak if it is determined that the second hash function is weak.
-
Citations
20 Claims
-
1. A method of outputting an alert on a mobile device, the method comprising:
-
receiving data that identifies both at least one first hash function and at least one application, wherein each of the at least one first hash function identified in the data is identified as being weak; identifying a public key associated with a first certificate of a plurality of certificates belonging to a certificate chain; repeating, for each of the plurality of certificates belonging to the certificate chain, identifying a second hash function used to digitally sign the certificate; and determining whether the second hash function used to digitally sign the certificate is weak, based on the data, wherein the second hash function used to digitally sign the certificate is determined to be weak if; the second hash function used to digitally sign the certificate matches any of the at least one first hash function identified in the data, and the determining is being performed for an application identified in the data; and outputting the alert when, for at least one certificate of the plurality of certificates belonging to the certificate chain, the second hash function used to digitally sign the at least one certificate is determined to be weak. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A mobile device comprising a processor and a memory, wherein the mobile device is programmed to execute a plurality of instructions which, when executed, cause the processor to:
-
receive data that identifies both at least one first hash function and at least one application, wherein each of the at least one first hash function identified in the data is identified as being weak; identify a public key associated with a first certificate of a plurality of certificates belonging to a certificate chain; repeat, for each of the plurality of certificates belonging to the certificate chain, identifying a second hash function used to digitally sign the certificate; and determining whether the second hash function used to digitally sign the certificate is weak, based on the data, wherein the second hash function used to digitally sign the certificate is determined to be weak if; the second hash function used to digitally sign the certificate matches any of the at least one first hash function identified in the data, and the determining is being performed for an application identified in the data; and output an alert when, for at least one certificate of the plurality of certificates belonging to the certificate chain, the second hash function used to digitally sign the at least one certificate is determined to be weak. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A non-transitory computer-readable medium on which a plurality of executable instructions is stored, the instructions for causing a mobile device to:
-
receive data that identifies both at least one first hash function and at least one application, wherein each of the at least one first hash function identified in the data is identified as being weak; identify a public key associated with a first certificate of a plurality of certificates belonging to a certificate chain; repeat, for each of the plurality of certificates belonging to the certificate chain, identifying a second hash function used to digitally sign the certificate; and determining whether the second hash function used to digitally sign the certificate is weak, based on the data, wherein the second hash function used to digitally sign the certificate is determined to be weak if; the second hash function used to digitally sign the certificate matches any of the at least one first hash function identified in the data, and the determining is being performed for an application identified in the data; and output an alert when, for at least one certificate of the plurality of certificates belonging to the certificate chain, the second hash function used to digitally sign the at least one certificate is determined to be weak.
-
-
15. A method of transmitting data to a mobile device from a server, the method comprising the server:
-
identifying both at least one first hash function and at least one application, wherein each of the at least one first hash function is identified as being weak; and transmitting data identifying the at least one first hash function and the at least one application to the mobile device, the mobile device; identifying a public key associated with a first certificate of a plurality of certificates belonging to a certificate chain; and repeating, for each of the plurality of certificates belonging to the certificate chain, identifying a second hash function used to digitally sign the certificate; and determining whether the second hash function used to digitally sign the certificate is weak, based on the data, wherein the second hash function used to digitally sign the certificate is determined to be weak if; the second hash function used to digitally sign the certificate matches any of the at least one first hash function identified in the data, and the determining is being performed for an application identified in the data; and outputting an alert when, for at least one certificate of the plurality of certificates belonging to the certificate chain, the second hash function used to digitally sign the at least one certificate is determined to be weak. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification