CERTIFYING DEVICE, VERIFYING DEVICE, VERIFYING SYSTEM, COMPUTER PROGRAM AND INTEGRATED CIRCUIT

US 20090204806A1
Filed: 07/02/2007
Published: 08/13/2009
Est. Priority Date: 07/03/2006
Status: Active Grant

First Claim

Patent Images

1. An authentication system composed of a requesting device and a verifying device, the requesting device requesting verification from the verifying device,the requesting device including:

a storage unit storing a plurality of computer programs that are to run on the requesting device, the computer programs being hierarchically related to each other;

a measuring unit operable to, each time one of the plurality of computer programs is loaded, measure an amount of characteristics of said one of the plurality of computer programs;

a generation unit which is tamper-resistant and is operable to, while a computer program that is one of the plurality of computer programs is loaded, generate certification information reflecting amounts of characteristics of the computer program and other computer programs that have already been loaded and are required to run the computer program; and

an output unit operable to output the generated certification information,the verifying device including;

an obtaining unit operable to obtain the certification information;

a storing unit preliminarily storing verification information reflecting amounts of characteristics which are to be obtained from the computer program and the other computer programs when the computer program and the other computer programs are not tampered with; and

a judging unit operable to judge, using the verification information and the obtained certification information, whether or not the requesting device is authentic.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication system that can show having an authentic computer program, can certify the authenticity of itself, and can verify the certification. The authentication system is composed of a terminal (requesting device) and a card (verifying device). The card stores secret information to be used by the terminal, and an update program for the terminal. The card verifies authenticity of the terminal using information obtained from the terminal. When it judges that the terminal is authentic, the card outputs the secret information to the terminal. When it judges that the terminal is not authentic, the card outputs the update program. With this structure, the terminal is forced to update the program when it attempts to use the secret information.

81 Citations

View as Search Results

36 Claims

1. An authentication system composed of a requesting device and a verifying device, the requesting device requesting verification from the verifying device,the requesting device including:
- a storage unit storing a plurality of computer programs that are to run on the requesting device, the computer programs being hierarchically related to each other;
  
  a measuring unit operable to, each time one of the plurality of computer programs is loaded, measure an amount of characteristics of said one of the plurality of computer programs;
  
  a generation unit which is tamper-resistant and is operable to, while a computer program that is one of the plurality of computer programs is loaded, generate certification information reflecting amounts of characteristics of the computer program and other computer programs that have already been loaded and are required to run the computer program; and
  
  an output unit operable to output the generated certification information,the verifying device including;
  
  an obtaining unit operable to obtain the certification information;
  
  a storing unit preliminarily storing verification information reflecting amounts of characteristics which are to be obtained from the computer program and the other computer programs when the computer program and the other computer programs are not tampered with; and
  
  a judging unit operable to judge, using the verification information and the obtained certification information, whether or not the requesting device is authentic.
- View Dependent Claims (2)
- - 2. The authentication system of claim 1 using a configuration certification technology specified in Trusted Computing Group (TCG), whereinthe generation unit constitutes a Trusted Platform Module specified in the TCG, andthe judging unit makes the judgment on authenticity of the requesting device by performing a verification process specified in the TCG.

3. A requesting device for requesting verification of authenticity of the requesting device itself from a verifying device, comprising:
- a storage unit storing a plurality of computer programs that are to run on the requesting device, the computer programs being hierarchically related to each other;
  
  a measuring unit operable to, each time one of the plurality of computer programs is loaded, measure an amount of characteristics of said one of the plurality of computer programs;
  
  a generation unit which is tamper-resistant and is operable to, while a computer program that is one of the plurality of computer programs is loaded, generate certification information reflecting amounts of characteristics of the computer program and other computer programs that have already been loaded and are required to run the computer program; and
  
  an output unit operable to output the generated certification information.
- View Dependent Claims (4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 4. The requesting device of claim 3 using a configuration certification technology specified in Trusted Computing Group (TCG), whereinthe generation unit constitutes a Trusted Platform Module specified in the TCG.
  - 5. The requesting device of claim 3, whereinthe generation unit includes a plurality of platform configuration registers for storing amounts of characteristics, andthe generation unit receives specification of one of the platform configuration registers from the verifying device, and generates the certification information in accordance with an amount of characteristics stored in the register indicated by the received specification.
  - 6. The requesting device of claim 3 further comprising:
    - an obtaining unit operable to obtain another certification information for certifying authenticity of the verifying device, said another certification information having been generated based on at least an amount of characteristics of a computer program for operating the verifying device; and
      
      a judging unit operable to judge, using the obtained another certification information, whether or not the verifying device is authentic.
  - 7. The requesting device of claim 3 further comprising a second generation unit which is tamper-resistant, whereinthe storage unit further stores a second computer program for operating the requesting device, the second computer program including a plurality of computer instructions,the second generation unit requests verification of authenticity of the second generation unit itself from the generation unit,the generation unit verifies authenticity of the second generation unit,the measuring unit further measures a second amount of characteristics when the second computer program is loaded, the second amount of characteristics being an amount of characteristics of the second computer program,the second generation unit, when the generation unit has confirmed authenticity of the second generation unit, generates second certification information for requesting verification of authenticity of the requesting device, based on at least the second amount of characteristics, andthe output unit further outputs the second certification information.
  - 8. The requesting device of claim 3, whereinthe verifying device is a card storing second certification information for certifying authenticity of the verifying device itself, andthe generation unit, when the verifying device has confirmed authenticity of the requesting device successfully, obtains the second certification information from the verifying device, and judges, using the obtained second certification information, whether or not the verifying device is authentic.
  - 9. The requesting device of claim 8, whereinwhen the verifying device has confirmed authenticity of the requesting device itself, the requesting device further requests verification of authenticity of itself from a second verifying device,the storage unit further stores a plurality of second computer programs that are to run on the requesting device, the second computer programs being hierarchically related to each other,the measuring unit, each time one of the plurality of second computer programs is loaded, measures an amount of characteristics of said one of the plurality of second computer programs,the requesting device further comprisesa second generation unit which is tamper-resistant and is operable to, while a second computer program that is one of the plurality of second computer programs is loaded, generate second certification information reflecting amounts of characteristics of the second computer program and other second computer programs that have already been loaded and are required to run the second computer program, andthe output unit further outputs the generated second certification information to the second verifying device.
  - 10. The requesting device of claim 3 further comprising:
    - a requesting unit operable to send a request for secret information to the verifying device;
      
      a receiving unit operable to receive either the secret information or an update program, depending on a result of a judgment which is made by the verifying device to confirm whether or not the requesting device is authentic; and
      
      an update unit operable to, when the receiving unit has received the update program, update the computer program stored in the storage unit in accordance with the received update program.
  - 11. The requesting device of claim 10, whereinthe secret information is an encrypted device key that was generated by encrypting a device key assigned to the requesting device, based on a device identifier for identifying the requesting device,the receiving unit receives the encrypted device key when the verifying device has confirmed authenticity of the requesting device,the requesting device further comprisesa decrypting unit operable to generate a device key by decrypting the received encrypted device key, based on the device identifier for identifying the requesting device.
  - 12. The requesting device of claim 10, whereinthe generation unit generates the certification information based on amounts of characteristics measured by the measuring unit and a device identifier for identifying the requesting device.
  - 13. The requesting device of claim 10, whereinthe secret information is an encrypted device key that was generated by encrypting a device key,the requesting device further comprises an encrypting unit,the receiving unit receives the encrypted device key when the verifying device has confirmed authenticity of the encrypting unit,the encrypting unit generates a double-encrypted device key by encrypting the received encrypted device key, based on the device identifier for identifying the requesting device, andthe requesting device further comprisesa device key holding unit operable to hold the generated double-encrypted device key.
  - 14. The requesting device of claim 13, whereinthe encrypting unit includes:
    - a storage subunit storing an encryption program including a plurality of computer instructions constituting an encryption algorithm; and
      
      a microprocessor that operates in accordance with the encryption program,the receiving unit, when the verifying device has failed to confirm authenticity of the encrypting unit, receives, as the update program, an authentic encryption program including a plurality of computer instructions constituting an encryption algorithm, and overwrites the encryption program stored in the storage subunit with the received authentic encryption program, andthe encrypting unit achieves a function of the encryption algorithm as the microprocessor operates in accordance with the authentic encryption program.
  - 15. The requesting device of claim 14, whereinwhen it has been confirmed that the encryption program for performing an individual encryption was deleted, the receiving unit further receives, from the verifying device, a key that is indispensably required for decrypting the received encrypted device key.

16. A verifying device for verifying authenticity of a requesting device in which a plurality of computer programs hierarchically related to each other, the verifying device comprising:
- an obtaining unit operable to obtain, from the requesting device, certification information while one computer program among the plurality of computer programs is loaded, the certification information reflecting (a) an amount of characteristics of the one computer program and (b) amounts of characteristics of other computer programs that have already been loaded and are required to run the one computer program;
  
  a storing unit preliminarily storing verification information reflecting amounts of characteristics which are to be obtained from the one computer program and the other computer programs when the one computer program and the other computer programs are not tampered with; and
  
  a judging unit operable to judge, using the verification information and the obtained certification information, whether or not the requesting device is authentic.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 17. The verifying device of claim 16 using a configuration certification technology specified in Trusted Computing Group (TCG), whereinthe judging unit makes the judgment on authenticity of the requesting device by performing a verification process specified in the TCG.
  - 18. The verifying device of claim 16 being either a card or a server device.
  - 19. The verifying device of claim 18, whereinthe obtain unit obtains certification information that was generated in accordance with an amount of characteristics stored in a platform configuration register specified by the verifying device, andthe judging unit makes the judgment on authenticity of the requesting device, using the obtained certification information and an amount of characteristics to be stored in the platform configuration register.
  - 20. The verifying device of claim 18 further comprising:
    - a storage unit storing a plurality of computer programs that are to run on the verifying device, the computer programs being hierarchically related to each other;
      
      a measuring unit operable to, each time one of the plurality of computer programs is loaded, measure an amount of characteristics of said one of the plurality of computer programs;
      
      a generation unit which is tamper-resistant and is operable to generate certification information while one computer program among the plurality of computer programs is loaded, the certification information reflecting (a) an amount of characteristics of the one computer program and (b) amounts of characteristics of other computer programs that have already been loaded and are required to run the one computer program; and
      
      an output unit operable to output the generated certification information.
  - 21. The verifying device of claim 18, whereinthe obtaining unit further obtains second certification information for certifying authenticity of the requesting device, the second certification information having been generated based on at least an amount of characteristics of a second computer program for operating the requesting device, andthe judging unit further makes the judgment on authenticity of the requesting device by using the obtained second certification information.
  - 22. The verifying device of claim 18 being a card and further comprising:
    - a certification information storage unit storing second certification information indicating authenticity of the verifying device; and
      
      an output unit operable to output the second certification information when the judging unit has confirmed authenticity of the requesting device successfully.
  - 23. The verifying device of claim 16 further comprising:
    - an information holding unit holding secret information safely;
      
      a program storage unit storing an update program for updating a computer program including a plurality of computer instructions for operating the requesting device; and
      
      an output unit operable to output the secret information held by the information holding unit to the requesting device when authenticity of the requesting device has been confirmed, and output the update program stored in the program storage unit to the requesting device when unauthenticity of the requesting device has been confirmed.
  - 24. The verifying device of claim 23, whereinthe information holding unit holds, as the secret information, an encrypted device key that was generated by encrypting a device key assigned to the requesting device, based on a device identifier for identifying the requesting device, andthe output unit outputs the encrypted device key when authenticity of the requesting device has been confirmed.
  - 25. The verifying device of claim 23, whereinthe obtaining unit obtains the certification information that was generated based on the amount of characteristics and a device identifier for identifying the requesting device,the verifying device further comprisesa verification information obtaining unit operable to obtain verification information that was generated based on an authentic amount of characteristics and the device identifier of the requesting device, the authentic amount of characteristics being an amount of characteristics of an authentic computer program, andthe judging unit makes the judgment on authenticity of the requesting device, using the certification information and the verification information.
  - 26. The verifying device of claim 23, whereinthe obtaining unit obtains the certification information that was generated based on the amount of characteristics and a device identifier for identifying the requesting device,the verifying device further comprisesan authentic amount of characteristics obtaining unit operable to obtain an authentic amount of characteristics, the authentic amount of characteristics being an amount of characteristics of an authentic computer program;
    - anda verification information generating unit operable to generate verification information for verifying authenticity of the requesting device, based on the obtained authentic amount of characteristics, and based on the device identifier of the requesting device, andthe judging unit makes the judgment on authenticity of the requesting device, using the certification information and the verification information.
  - 27. The verifying device of claim 23 further comprising:
    - an identifier obtaining unit operable to obtain a device identifier for identifying the requesting device;
      
      an encrypting unit operable to generate an encrypted device key by encrypting a device key assigned to the requesting device, based on the obtained device identifier; and
      
      a device key storing unit operable to store the generated encrypted device key into the information holding unit.
  - 28. The verifying device of claim 23, whereinthe requesting device includes an encrypting unit operable to encrypt an encrypted device key,the information holding unit holds the encrypted device key as the secret information,the judging unit makes the judgment on authenticity of the requesting device, by judging whether or not the encrypting unit of the requesting device is authentic, andthe output unit outputs the encrypted device key to the requesting device when authenticity of the encrypting unit has been confirmed.
  - 29. The verifying device of claim 28, whereinthe encrypting unit of the requesting device includes (i) a storage subunit storing an encryption program including a plurality of computer instructions constituting an encryption algorithm, and (ii) a microprocessor that operates in accordance with the encryption program,the program storage unit stores, as the update program, an authentic encryption program including a plurality of computer instructions constituting the encryption algorithm, andthe output unit outputs the authentic encryption program to the requesting device when unauthenticity of the encrypting unit has been confirmed.
  - 30. The verifying device of claim 29, whereinthe output unit outputs a key required for decrypting the encrypted device key when the judging unit has confirmed that the encryption program for performing an individual encryption was deleted.

31. A requesting method for use in a requesting device for requesting verification of authenticity of the requesting device itself from a verifying device, whereinthe requesting device includes (i) a storage unit storing a plurality of computer programs that are to run on the requesting device, the computer programs being hierarchically related to each other, and (ii) a generation unit which is tamper-resistant,the certifying method comprising the steps of:
- measuring, each time one of the plurality of computer programs is loaded, an amount of characteristics of said one of the plurality of computer programs;
  
  generating, using the generation unit while a computer program that is one of the plurality of computer programs is loaded, certification information reflecting amounts of characteristics of the computer program and other computer programs that have already been loaded and are required to run the computer program; and
  
  outputting the generated certification information.

32. A computer-readable recording medium storing a computer program for certification for use in a requesting device for requesting verification of authenticity of the requesting device itself from a verifying device, whereinthe requesting device includes (i) a storage unit storing a plurality of computer programs that are to run on the requesting device, the computer programs being hierarchically related to each other, and (ii) a generation unit which is tamper-resistant,the computer program causing a computer to execute the steps of:
- measuring, each time one of the plurality of computer programs is loaded, an amount of characteristics of said one of the plurality of computer programs;
  
  generating, using the generation unit while a computer program that is one of the plurality of computer programs is loaded, certification information reflecting amounts of characteristics of the computer program and other computer programs that have already been loaded and are required to run the computer program; and
  
  outputting the generated certification information.

33. An integrated circuit constituting a requesting device for certifying authenticity of the requesting device itself to a verifying device, whereinthe requesting device includes a storage unit storing a plurality of computer programs that are to run on the requesting device, the computer programs being hierarchically related to each other,the integrated circuit comprising:
- a measuring unit operable to, each time one of the plurality of computer programs is loaded, measure an amount of characteristics of said one of the plurality of computer programs;
  
  a generation unit which is tamper-resistant and is operable to, while a computer program that is one of the plurality of computer programs is loaded, generate certification information reflecting amounts of characteristics of the computer program and other computer programs that have already been loaded and are required to run the computer program; and
  
  an output unit operable to output the generated certification information.

34. A verifying method for use in a verifying device for verifying authenticity of a requesting device in which a plurality of computer programs hierarchically related to each other run, the verifying method comprising the step ofobtaining, from the requesting device, certification information while one computer program among the plurality of computer programs is loaded, the certification information reflecting (a) an amount of characteristics of the one computer program and (b) amounts of characteristics of other computer programs that have already been loaded and are required to run the one computer program,the verifying device includinga storing unit preliminarily storing verification information reflecting amounts of characteristics which are to be obtained from the one computer program and the other computer programs when the one computer program and the other computer programs are not tampered with, andthe verifying method also comprising the step ofjudging, using the verification information and the obtained certification information, whether or not the requesting device is authentic.

35. A recording medium storing a computer program for verification for use in a verifying device for verifying authenticity of a requesting device in which a plurality of computer programs hierarchically related to each other run, the computer program causing a computer to execute the step ofobtaining, from the requesting device, certification information while one computer program among the plurality of computer programs is loaded, the certification information reflecting (a) an amount of characteristics of the one computer program and (b) amounts of characteristics of other computer programs that have already been loaded and are required to run the one computer program,the verifying device includinga storing unit preliminarily storing verification information reflecting amounts of characteristics which are to be obtained from the one computer program and the other computer programs when the one computer program and the other computer programs are not tampered with, andthe computer program also causing the computer to execute the step ofjudging, using the verification information and the obtained certification information, whether or not the requesting device is authentic.

36. An integrated circuit constituting a verifying device for verifying authenticity of a requesting device in which a plurality of computer programs hierarchically related to each other, the integrated circuit comprising:
- an obtaining unit operable to obtain, from the requesting device, certification information while one computer program among the plurality of computer programs is loaded, the certification information reflecting (a) an amount of characteristics of the one computer program and (b) amounts of characteristics of other computer programs that have already been loaded and are required to run the one computer program;
  
  a storing unit preliminarily storing verification information reflecting amounts of characteristics which are to be obtained from the one computer program and the other computer programs when the one computer program and the other computer programs are not tampered with; and
  
  a judging unit operable to judge, using the verification information and the obtained certification information, whether or not the requesting device is authentic.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sovereign Peak Ventures, LLC (Dominion Harbor Enterprises, LLC)
Original Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Inventors
Matsushima, Hideki, Ito, Yoshikatsu, Ito, Takayuki, Haga, Tomoyuki, Kanemura, Kouichi

Granted Patent

US 8,296,561 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/445   by mutual authentication, e...

G06F 21/51   at application loading time...

G06F 21/57   Certifying or maintaining t...

G06F 21/575   Secure boot

G06F 2221/2129   Authenticate client device ...

H04L 9/0822   using key encryption key

H04L 9/0866   involving user or device id...

H04L 9/3234   involving additional secure...

CERTIFYING DEVICE, VERIFYING DEVICE, VERIFYING SYSTEM, COMPUTER PROGRAM AND INTEGRATED CIRCUIT

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

81 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

CERTIFYING DEVICE, VERIFYING DEVICE, VERIFYING SYSTEM, COMPUTER PROGRAM AND INTEGRATED CIRCUIT

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

81 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links