×

Verifying integrity and guaranteeing execution of code on untrusted computer platform

  • US 9,177,153 B1
  • Filed: 10/10/2006
  • Issued: 11/03/2015
  • Est. Priority Date: 10/07/2005
  • Status: Active Grant
First Claim
Patent Images

1. A software-based method for establishing untampered execution of a target executable in memory of an untrusted computer, comprising:

  • calculating, on a trusted computer, the time for a verification function using a nonce as input to execute on said untrusted computer;

    sending said nonce from said trusted computer to the untrusted computer;

    running said verification function on the untrusted computer, said verification function using said nonce as an input, said verification function being run on memory containing at least the verification function and producing one or more results;

    sending the results to the trusted computer;

    determining, at the trusted computer, whether the results are correct;

    determining, at the trusted computer, whether the execution of said verification function on said untrusted computer has taken the calculated amount of time; and

    indicating, at the trusted computer, if the results are correct and if the verification function has taken the calculated time to execute, that the untrustedcomputer has an untampered execution environment;

    wherein determining whether the verification function and the target executable are unmodified from a value expected by the trusted computer includes;

    using the verification function to determine a checksum over memory that includes the verification function;

    sending the checksum value to the trusted computer;

    determining at the trusted computer whether the checksum value is correct; and

    determining at the trusted computer whether the checksum value is received within an expected elapsed time period;

    using the verification function to compute a cryptographic hash over memory that contains the target executable;

    sending the hash value to the trusted computer; and

    determining at the trusted computer whether the hash value is correct.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×