Security hardening for a Wi-Fi router
First Claim
Patent Images
1. A router comprising:
- a processor;
at least one network interface coupled to the processor configured to enable communications via one or more communication networks;
a memory for content and programming;
a program stored in the memory, wherein execution of the program by the processor configures the router to perform acts comprising, during a provisioning stage;
receiving a provisioning digital message from a firmware server, the provisioning digital message comprising a digital certificate and an initial encrypted firmware that, when unencrypted and installed on the router, prevents unauthorized access to an existing firmware of the router;
the program being further executed by the processor to configure the router to perform acts comprising, during a maintenance stage;
receiving a digital message;
determining whether the digital message has integrity;
determining whether a digital signature of the digital message is correct;
upon determining that at least one of;
(i) the digital message does not have integrity, or (ii) the digital signature of the digital message is not correct, ignoring or discarding the digital message; and
upon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct;
decrypting the digital message;
extracting a new firmware from the digital message; and
flashing the existing firmware of the router in the memory with the new firmware.
5 Assignments
0 Petitions
Accused Products
Abstract
A method and system of securing the firmware of a router. Upon determining that a received digital message does not have integrity or the digital signature of the received digital message is not correct, the digital message is ignored or discarded. Otherwise the digital message is decrypted and a new firmware extracted therefrom. The existing firmware is then flashed with the new extracted firmware.
11 Citations
20 Claims
-
1. A router comprising:
-
a processor; at least one network interface coupled to the processor configured to enable communications via one or more communication networks; a memory for content and programming; a program stored in the memory, wherein execution of the program by the processor configures the router to perform acts comprising, during a provisioning stage; receiving a provisioning digital message from a firmware server, the provisioning digital message comprising a digital certificate and an initial encrypted firmware that, when unencrypted and installed on the router, prevents unauthorized access to an existing firmware of the router; the program being further executed by the processor to configure the router to perform acts comprising, during a maintenance stage; receiving a digital message; determining whether the digital message has integrity; determining whether a digital signature of the digital message is correct; upon determining that at least one of;
(i) the digital message does not have integrity, or (ii) the digital signature of the digital message is not correct, ignoring or discarding the digital message; andupon determining that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct; decrypting the digital message; extracting a new firmware from the digital message; and flashing the existing firmware of the router in the memory with the new firmware. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A non-transitory computer-readable medium having stored thereon a plurality of sequences of instructions which, when executed by one or more processors, cause the one or more processors to perform a method of securing a firmware of a router, the method comprising:
-
receiving a digital message; sending the digital message to a remote authentication server; in response to receiving, from the remote authentication server, a first confirmation that at least one of;
(i) the digital message does not have integrity, or (ii) a digital signature of the digital message is not correct, ignoring or discarding the digital message;in response to receiving, from the remote authentication server, a second confirmation that (i) the digital message does have integrity, and (ii) the digital signature of the digital message is correct; decrypting the digital message; extracting a new firmware from the digital message; and flashing an existing firmware with the new firmware. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification