Fuse-enabled secure bios mechanism with override feature

US 9,798,880 B2
Filed: 10/31/2016
Issued: 10/24/2017
Est. Priority Date: 11/13/2013
Status: Active Grant

First Claim

Patent Images

1. An apparatus for protecting a basic input/output system (BIOS) in a computing system, the apparatus comprising:

a BIOS read only memory (ROM), comprising;

BIOS contents, wherein said BIOS contents are stored as plaintext; and

an encrypted message digest, wherein said encrypted message digest comprises an encrypted version of a first message digest that corresponds to said BIOS contents;

a tamper detector, operatively coupled to said BIOS ROM, configured to generate a BIOS check interrupt at a combination of prescribed intervals and event occurrences, and configured to access said BIOS contents and said encrypted message digest upon assertion of said BIOS check interrupt, and configured to direct a microprocessor to generate a second message digest corresponding to said BIOS contents and a decrypted message digest corresponding to said encrypted message digest, and configured to compare said second message digest with said decrypted message digest, and configured to preclude said operation of said microprocessor when said second message digest and said decrypted message digest are not equal;

a random number generator disposed within said microprocessor, wherein said random number generator generates a random number at completion of a current BIOS check, which is employed to set a following prescribed interval, whereby said prescribed intervals are randomly varied;

a JTAG control chain, configured to program said combination of prescribed intervals and event occurrences within tamper detection microcode storage;

a fuse, configured to indicate whether programming of said combination of prescribed intervals and event occurrences is to be disabled;

a machine specific register, configured to store a value therein; and

an access control element, coupled to said fuse, said machine specific register, and said JTAG control chain, configured to determine that said fuse is blown, and configured to direct said JTAG control chain to enable programming of said combination of prescribed intervals and event occurrences when said value matches an override value within said access control element during a period that said value is stored within said machine specific register.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus for protecting BIOS, including a BIOS ROM, a detector, a generator, JTAG control, a machine specific register, and a controller. The BIOS ROM stores plaintext and an encrypted digest that is an encrypted version of a first digest corresponding to BIOS contents. The detector generates an interrupt at a combination of prescribed intervals and event occurrences, accesses the BIOS contents and the encrypted digest upon the interrupt, and directs a microprocessor to generate a second digest of the BIOS contents and a decrypted digest corresponding to the encrypted digest, compares the second digest with the decrypted digest, and precludes operation of the microprocessor when the second digest and decrypted digest are unequal. A random number is generated at completion of a current BIOS check, and sets a following prescribed interval. JTAG control programs the combination of prescribed intervals and event occurrences.

Citations

21 Claims

1. An apparatus for protecting a basic input/output system (BIOS) in a computing system, the apparatus comprising:
- a BIOS read only memory (ROM), comprising;
  
  BIOS contents, wherein said BIOS contents are stored as plaintext; and
  
  an encrypted message digest, wherein said encrypted message digest comprises an encrypted version of a first message digest that corresponds to said BIOS contents;
  
  a tamper detector, operatively coupled to said BIOS ROM, configured to generate a BIOS check interrupt at a combination of prescribed intervals and event occurrences, and configured to access said BIOS contents and said encrypted message digest upon assertion of said BIOS check interrupt, and configured to direct a microprocessor to generate a second message digest corresponding to said BIOS contents and a decrypted message digest corresponding to said encrypted message digest, and configured to compare said second message digest with said decrypted message digest, and configured to preclude said operation of said microprocessor when said second message digest and said decrypted message digest are not equal;
  
  a random number generator disposed within said microprocessor, wherein said random number generator generates a random number at completion of a current BIOS check, which is employed to set a following prescribed interval, whereby said prescribed intervals are randomly varied;
  
  a JTAG control chain, configured to program said combination of prescribed intervals and event occurrences within tamper detection microcode storage;
  
  a fuse, configured to indicate whether programming of said combination of prescribed intervals and event occurrences is to be disabled;
  
  a machine specific register, configured to store a value therein; and
  
  an access control element, coupled to said fuse, said machine specific register, and said JTAG control chain, configured to determine that said fuse is blown, and configured to direct said JTAG control chain to enable programming of said combination of prescribed intervals and event occurrences when said value matches an override value within said access control element during a period that said value is stored within said machine specific register.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The apparatus as recited in claim 1, wherein said BIOS ROM is disposed separately from said tamper timer and said tamper detector on a system board of the computing system.
  - 3. The apparatus as recited in claim 1, wherein said microprocessor employs the Secure Hash Algorithm to generate said second message digest.
  - 4. The apparatus as recited in claim 1, wherein said microprocessor employs the Advanced Encryption Standard algorithm to generate said decrypted message digest.
  - 5. The apparatus as recited in claim 1, wherein said microprocessor comprises a dedicated crypto/hash unit disposed within execution logic, and wherein said crypto/hash unit generates said second message digest and said decrypted message digest, and wherein said key is exclusively accessed by said crypto/hash unit.
  - 6. The apparatus as recited in claim 1, wherein said random number generator is disposed within execution logic in said microprocessor.
  - 7. The apparatus as recited in claim 5, wherein said key and said tamper timer cannot be accessed by program instructions that are executed by said microprocessor.

8. An apparatus for protecting a basic input/output system (BIOS) in a computing system, the apparatus comprising:
- a BIOS read only memory (ROM), comprising;
  
  BIOS contents, wherein said BIOS contents are stored as plaintext; and
  
  an encrypted message digest, wherein said encrypted message digest comprises an encrypted version of a first message digest that corresponds to said BIOS contents; and
  
  a microprocessor, coupled to said BIOS ROM, said microprocessor comprising;
  
  a tamper detector, operatively coupled to said BIOS ROM, configured to generate a BIOS check interrupt at a combination of prescribed intervals and event occurrences, and configured to access said BIOS contents and said encrypted message digest upon assertion of said BIOS check interrupt, and configured to direct said microprocessor to generate a second message digest corresponding to said BIOS contents and a decrypted message digest corresponding to said encrypted message digest, and configured to compare said second message digest with said decrypted message digest, and configured to preclude said operation of said microprocessor when said second message digest and said decrypted message digest are not equal;
  
  a random number generator disposed within said microprocessor, wherein said random number generator generates a random number at completion of a current BIOS check, which is employed to set a following prescribed interval, whereby said prescribed intervals are randomly varied; and
  
  a JTAG control chain, configured to program said combination of prescribed intervals and event occurrences within tamper detection microcode storage;
  
  a fuse, configured to indicate whether programming of said combination of prescribed intervals and event occurrences is to be disabled;
  
  a machine specific register, configured to store a value therein; and
  
  an access control element, coupled to said fuse, said machine specific register, and said JTAG control chain, configured to determine that said fuse is blown, and configured to direct said JTAG control chain to enable programming of said combination of prescribed intervals and event occurrences when said value matches an override value within said access control element during a period that said value is stored within said machine specific register.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus as recited in claim 8, wherein said BIOS ROM is disposed separately from said tamper timer and said tamper detector on a system board of the computing system.
  - 10. The apparatus as recited in claim 8, wherein said microprocessor employs the Secure Hash Algorithm to generate said second message digest.
  - 11. The apparatus as recited in claim 8, wherein said microprocessor employs the Advanced Encryption Standard algorithm to generate said decrypted message digest.
  - 12. The apparatus as recited in claim 8, said microprocessor further comprising:
    - a dedicated crypto/hash unit disposed within execution logic, wherein said crypto/hash unit generates said second message digest and said decrypted message digest, and wherein said key is exclusively accessed by said crypto/hash unit.
  - 13. The apparatus as recited in claim 8, wherein said random number generator is disposed within execution logic in said microprocessor.
  - 14. The apparatus as recited in claim 12, wherein said key cannot be accessed by program instructions that are executed by said microprocessor.

15. A method for protecting a basic input/output system (BIOS) in a computing system, the method comprising:
- storing BIOS contents as plaintext in a BIOS ROM along with an encrypted message digest that comprises an encrypted version of first message digest that corresponds to the BIOS contents;
  
  via a state of a fuse, indicating whether programming of a combination of prescribed intervals and event occurrences is to be disabled;
  
  storing a value in a machine specific register;
  
  determining that the fuse is blown, and directing a JTAG control chain to enable programming of the combination of prescribed intervals and event occurrences if when the value matches an override value within an access control element during a period that the value is stored within the machine specific register;
  
  programming the combination of prescribed intervals and event occurrences in tamper detection microcode storage;
  
  generating a BIOS check interrupt that interrupts normal operation of the computing system at the combination of prescribed intervals and event occurrences;
  
  upon assertion of the BIOS check interrupt, accessing the BIOS contents and the encrypted message digest, and generating a second message digest corresponding to the BIOS contents and a decrypted message digest corresponding to the first encrypted message digest using the same algorithms and key that were employed to generate the first message digest and the encrypted message digest;
  
  comparing the second message digest with the decrypted message digest;
  
  precluding operation of the microprocessor when the second message digest and the decrypted message digest are not equal; and
  
  employing a random number generator within the microprocessor to generate a random number at completion of a current BIOS check, which is employed to set a following prescribed interval, whereby the prescribed intervals are randomly varied.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method as recited in claim 15, further comprising:
    - separately disposing the BIOS ROM on a system board of the computing system.
  - 17. The method as recited in claim 15, wherein said accessing comprises:
    - employing the Secure Hash Algorithm to generate the second message digest.
  - 18. The apparatus as recited in claim 15, wherein said accessing further comprises:
    - employing the Advanced Encryption Standard algorithm to generate the decrypted message digest.
  - 19. The method as recited in claim 15, wherein the microprocessor comprises a dedicated crypto/hash unit disposed within execution logic, and wherein the crypto/hash unit generates the second message digest and the decrypted message digest, and wherein the key is exclusively accessed by the crypto/hash unit.
  - 20. The method as recited in claim 15, wherein the random number generator is disposed within execution logic in the microprocessor.
  - 21. The method as recited in claim 19, wherein the key cannot be accessed by program instructions that are executed by the microprocessor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
VIA Technologies Incorporated (VIA Technologies)
Original Assignee
VIA Technologies Incorporated (VIA Technologies)
Inventors
Henry, G. Glenn
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
SARKER, SANCHIT K

Application Number

US15/338,620
Publication Number

US 20170046517A1
Time in Patent Office

358 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/572   Secure firmware programming...

G06F 21/78   to assure secure storage of...

G06F 2221/2139   Recurrent verification

H04L 9/0631   Substitution permutation ne...

H04L 9/0643   Hash functions, e.g. MD5, S...

Fuse-enabled secure bios mechanism with override feature

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Fuse-enabled secure bios mechanism with override feature

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links