METHOD AND APPARATUS FOR VALIDATING INTEGRITY OF A MOBILE COMMUNICATION
First Claim
1. A method for validating integrity of a mobile communication device, the method comprising:
provisioning the mobile communication device, wherein the provisioning comprises deleting existing software from the mobile communication device and installing trusted software on the mobile communication device;
installing an integrity verification application on the mobile communication device, wherein the integrity verification application comprises a list of expected signatures for data on the mobile communication device;
running the integrity verification application to validate the data based on the expected signatures;
establishing a first pass indicator and a second pass indicator, wherein establishing the first pass indicator and the second pass indicator comprises;
receiving a first instance of the first pass indicator;
performing a first integrity check calculation on non-volatile memory of the mobile communication device using the first instance of the first pass indicator as a seed value to provide a first integrity check value;
receiving the second pass indicator;
splitting a parameter of the second pass indicator against the first integrity check value to provide a split of the second pass indicator; and
storing the split of the second pass indicator in the non-volatile memory of the mobile communication device;
thereafter, receiving a second instance of the first pass indicator as a challenge for verification, and in response to receiving the second instance of the first pass indicator;
performing a second integrity check calculation on the non-volatile memory of the mobile communication device using the second instance of the first pass indicator as a seed value to provide a second integrity check value, the second integrity check calculation being different from the first integrity check calculation;
determining the second pass indicator based on the split of the second pass indicator and the second integrity check value; and
displaying the second pass indicator as an indication of the integrity.
Abstract
A method for validating integrity of a mobile communication device includes provisioning the mobile communication device by deleting existing software and installing an integrity verification application. The method also includes establishing a first pass indicator and a second pass indicator including receiving a first instance of the first pass indicator. The method also includes receiving a second instance of the first pass indicator as a challenge for verification. In response to receiving the second instance of the first pass indicator, the second pass indicator may be displayed as an indication of the integrity.
20 Claims
9. A mobile communication device comprising:
a provisioning module configured to provision the mobile communication device, wherein the provisioning comprises deleting existing software from the mobile communication device and installing trusted software on the mobile communication device;
a first integrity verification application comprising a list of expected signatures for data on the mobile communication device;
an initialization module configured to establish a first pass indicator and a second pass indicator, the initialization module comprising;
an input module configured to receive the first pass indicator and the second pass indicator;
a first integrity check calculation module configured to calculate a first integrity check on non-volatile memory of the mobile communication device using the first pass indicator as a seed value to provide a first integrity check value;
a splitting module configured to split a parameter of the second pass indicator against the first integrity check value to provide a split of the second pass indicator; and
a storing module configured to store the split of the second pass indicator in the non-volatile memory of the mobile communication device;
a second integrity verification module configured to receive the first pass indicator as a challenge for verification, the second integrity verification module comprising;
a second integrity check calculation module configured to calculate a second integrity check on the non-volatile memory of the mobile communication device using the first pass indicator as a seed value to provide a second integrity check value;
a determining module configured to determine the second pass indicator based on the split of the second pass indicator and the second integrity check value; and
a display module configured to display the second pass indicator as an indication of integrity during operation.
16. A method for validating a mobile communication device, the method comprising:
deleting existing software from the mobile communication device and installing trusted software on the mobile communication device;
installing an integrity verification application on the mobile communication device, wherein the integrity verification application comprises a list of expected signatures for data on the mobile communication device;
establishing a first pass indicator and a second pass indicator, wherein establishing the first pass indicator and the second pass indicator comprises;
receiving the first pass indicator;
performing a first integrity check calculation on non-volatile memory of the mobile communication device using the first pass indicator as a seed value to provide a first integrity check value;
receiving the second pass indicator;
splitting a parameter of the second pass indicator against the first integrity check value to provide a split of the second pass indicator; and
storing the split of the second pass indicator in the non-volatile memory of the mobile communication device
receiving a second instance of the first pass indicator as a challenge for verification, in response to receiving the second instance of the first pass indicator;
performing a second integrity check calculation on the non-volatile memory of the mobile communication device to provide a second integrity check value, the second integrity check calculation being different from the first integrity check calculation;
determining the second pass indicator based on the split of the second pass indicator and the second integrity check value; and
displaying the second pass indicator as an indication of integrity during operation.
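The initialization and challenge flow of claim 9, as an added sketch that is not code from the patent. It assumes HMAC-SHA256 as the seeded integrity check, XOR as the split, and a split kept outside the measured region, none of which the claims specify; the function names and sample phrases are hypothetical.

```python
import hashlib
import hmac

SPLIT_LEN = 32  # one SHA-256 digest; bounds the second pass indicator length


def integrity_check(seed: str, nvm: bytes) -> bytes:
    """Seeded integrity check over the memory image (assumed: HMAC-SHA256)."""
    return hmac.new(seed.encode(), nvm, hashlib.sha256).digest()


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def enroll(first_pass: str, second_pass: str, nvm: bytes) -> bytes:
    """Initialization: split the second pass indicator against the check value."""
    secret = second_pass.encode()
    if len(secret) >= SPLIT_LEN:
        raise ValueError("second pass indicator too long for one digest")
    # Length-prefix and zero-pad so every stored split has the same size.
    padded = bytes([len(secret)]) + secret.ljust(SPLIT_LEN - 1, b"\0")
    return _xor(padded, integrity_check(first_pass, nvm))


def verify(challenge: str, split: bytes, nvm: bytes) -> str:
    """Challenge: recompute the check value and recombine it with the split."""
    padded = _xor(split, integrity_check(challenge, nvm))
    length = min(padded[0], SPLIT_LEN - 1)
    # A wrong challenge or modified memory yields unrelated bytes here,
    # so the user sees garbage instead of the phrase chosen at enrollment.
    return padded[1:1 + length].decode("utf-8", errors="replace")


def demo():
    nvm = bytearray(b"constructed firmware image " * 64)  # constructed sample
    split = enroll("blue heron", "copper kettle", bytes(nvm))
    intact = verify("blue heron", split, bytes(nvm))
    nvm[100] ^= 0x01  # a single flipped bit in the measured region
    modified = verify("blue heron", split, bytes(nvm))
    return intact, modified


if __name__ == "__main__":
    print(demo())
```

The displayed phrase is only as trustworthy as the code that computes the check, since that code runs on the device being measured.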
Specification