Verifying integrity and guaranteeing execution of code on untrusted computer platform
First Claim
1. A software-based method for establishing untampered execution of a target executable in memory of an untrusted computer, comprising:
- calculating, on a trusted computer, the time for a verification function using a nonce as input to execute on said untrusted computer;
- sending said nonce from said trusted computer to the untrusted computer;
- running said verification function on the untrusted computer, said verification function using said nonce as an input, said verification function being run on memory containing at least the verification function and producing one or more results;
- sending the results to the trusted computer;
- determining, at the trusted computer, whether the results are correct;
- determining, at the trusted computer, whether the execution of said verification function on said untrusted computer has taken the calculated amount of time; and
- indicating, at the trusted computer, if the results are correct and if the verification function has taken the calculated time to execute, that the untrusted computer has an untampered execution environment;
- wherein determining whether the verification function and the target executable are unmodified from a value expected by the trusted computer includes;
- using the verification function to determine a checksum over memory that includes the verification function;
- sending the checksum value to the trusted computer;
- determining at the trusted computer whether the checksum value is correct; and
- determining at the trusted computer whether the checksum value is received within an expected elapsed time period;
- using the verification function to compute a cryptographic hash over memory that contains the target executable;
- sending the hash value to the trusted computer; and
- determining at the trusted computer whether the hash value is correct.
Abstract
A method, system, and apparatus for verifying integrity and execution state of an untrusted computer. In one embodiment, the method includes placing a verification function in memory on the untrusted computer; invoking the verification function from a trusted computer; determining a checksum value over memory containing both the verification function and the execution state of a processor and hardware on the untrusted computer; sending the checksum value to the trusted computer; determining at the trusted computer whether the checksum value is correct; and determining at the trusted computer whether the checksum value is received within an expected time period.
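The exchange recited in claim 1, as an added Python example that is not code from the patent: a toy nonce-seeded checksum stands in for the verification function, and the trusted side applies the value, timing and hash checks in order. All names, the checksum construction, the use of SHA-256 and the timing figures are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import time

MASK = (1 << 64) - 1

def verification_checksum(nonce: bytes, vf_memory: bytes, rounds: int = 2048) -> int:
    """Toy nonce-seeded checksum: pseudo-random walk over the memory that
    holds the verification function itself (constructed, not the patent's)."""
    state = int.from_bytes(hashlib.sha256(nonce).digest()[:8], "big")
    for _ in range(rounds):
        addr = state % len(vf_memory)            # next address depends on state
        state = ((state ^ vf_memory[addr]) * 0x100000001B3 + addr) & MASK
        state = ((state << 13) | (state >> 51)) & MASK   # rotate left by 13
    return state

def untrusted_respond(nonce: bytes, vf_memory: bytes, target_memory: bytes):
    """Untrusted side: checksum over its own memory, then hash of the target."""
    return (verification_checksum(nonce, vf_memory),
            hashlib.sha256(target_memory).digest())

class TrustedVerifier:
    def __init__(self, vf_image, target_image, expected_s, slack_s):
        self.vf_image, self.target_image = vf_image, target_image
        self.deadline_s = expected_s + slack_s   # calculated time plus allowed jitter

    def new_nonce(self) -> bytes:
        return os.urandom(16)                    # fresh per run, so no replayed answers

    def judge(self, nonce, checksum, target_hash, elapsed_s) -> str:
        """Apply the claim's checks in order; the first failure decides."""
        if checksum != verification_checksum(nonce, self.vf_image):
            return "reject: checksum mismatch"
        if elapsed_s > self.deadline_s:          # correct but slow is still a failure
            return "reject: checksum late"
        expected = hashlib.sha256(self.target_image).digest()
        if not hmac.compare_digest(target_hash, expected):
            return "reject: target hash mismatch"
        return "untampered"

if __name__ == "__main__":
    vf, target = bytes(range(64)), b"constructed target image"   # sample data
    verifier = TrustedVerifier(vf, target, expected_s=1.0, slack_s=0.1)
    nonce, start = verifier.new_nonce(), time.perf_counter()     # clock starts at send
    checksum, digest = untrusted_respond(nonce, vf, target)
    elapsed = time.perf_counter() - start                        # stops on checksum arrival
    print(verifier.judge(nonce, checksum, digest, elapsed))
```

The timing check is what separates this from a plain challenge-response: a response with the right checksum is still rejected when it arrives after the calculated time plus slack.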
133 Citations
35 Claims
Specification