Operating system authenticator
Abstract
An operating system authenticator for determining if an operating system being loaded in a computer is valid. A user's identification code or secret key which is unique to the operating system, and a verifier value which is a predetermined function of a valid operating system and the identification code are respectively stored. A hash function, which is a function of the operating system being loaded and the identification code, is generated by the authenticator. After the operating system is loaded, the hash function is used as an authenticating value and compared with the verifier value for determining the authenticity of the loaded operating system.
10 Claims
1. A method of authenticating that a program being loaded into a computer is valid, said method comprising the steps of:
- storing an identification code unique to said program;
- generating an authenticating value as a function of said identification code and at least a given portion of the program being loaded; and
- determining the authenticity of the program being loaded in response to comparing said authenticating value with a prestored verifier value which is a predetermined function of a valid program and said identification code.
2. A method of authenticating that a program being loaded into a computer is valid, said method comprising the steps of:
- storing a secret key unique to said program;
- storing a verifier code which is unique to a valid program and said secret key;
- generating an authenticating value in response to applying said secret key to at least a given portion of the program being loaded; and
- determining the authenticity of the program being loaded in response to comparing said authenticating value with a prestored verifier value which is a predetermined function of a valid program and said secret key.
3. A method of authenticating the validity of an operating system being loaded into a computer, said method comprising the steps of:
- storing an identification code unique to said operating system;
- storing a verifier value which is a predetermined function of said identification code and a valid operating system;
- generating an authenticating value as a hash function of said identification code and the operating system being loaded; and
- determining the authenticity of the operating system being loaded in response to comparing said authenticating value with said verifier value.
4. In a system for determining the authenticity of a program being loaded in a computer, the combination comprising:
- means for storing an identification code unique to said program;
- means for generating an authenticating value which is a function of said identification code and at least a given portion of the program being loaded; and
- means for determining the authenticity of the program being loaded in response to comparing said authenticating value and a prestored verifier value which is a predetermined function of a valid program and said identification code.
6. In a system for determining the authenticity of an operating system being loaded in a computer, the combination comprising:
- means for storing a secret key which is unique to said operating system;
- means for storing a verifier value which is a predetermined function of said secret key and a valid operating system;
- means for generating an authenticating value which is a function of the secret key and the operating system being loaded; and
- means for determining the authenticity of the operating system being loaded in response to comparing said authenticating value with said verifier value.
8. In a system for determining the authenticity of an operating system being loaded in a computer, the combination comprising:
- means for storing in a first storage location an identification code unique to said operating system;
- means for storing in a second storage location a verifier value which is a predetermined function of said identification code and a valid operating system;
- means for sequentially storing said operating system a word at a time in a third storage location;
- means for comparing the contents of said first and third storage locations, including means for breaking up the result of the comparison into first and second portions;
- means for taking the product of said first and second portions, with the resultant product being stored in said first storage location in place of what was previously stored, for comparison with the following word of said operating system and so on until the complete operating system has been sequentially stored;
- means for initially storing a reference word in a fourth storage location;
- means for comparing the contents of said first and fourth storage locations after each successive word of said operating system has been stored, with the result of the comparison being stored in said fourth storage location in place of what was previously stored; and
- means for determining the authenticity of the operating system being loaded in response to comparing the contents of said second and fourth storage locations following the complete sequential storage of said operating system.
9. An apparatus for determining the authenticity of an operating system being loaded in a computer, the combination comprising:
- a first storage register in which an identification code for said operating system is stored;
- a second storage register in which a verifier value which is a predetermined function of a valid operating system and said identification code is stored;
- a third storage register in which said operating system is loaded a word at a time;
- a fourth storage register;
- a first gating network connected between said first and fourth registers for passing the contents of said first register to said fourth register during a first timing interval;
- a first bit-by-bit comparator network having first and second inputs and two outputs;
- second and third gating networks connected between said third storage register and said first input and said fourth register and said second input, respectively, of said first bit-by-bit comparator for passing the contents thereof during a second timing interval;
- a multiplier having first and second inputs and an output;
- fifth and sixth storage registers connected between the first output of said first bit-by-bit comparator and the first input of said multiplier and the second output of said first bit-by-bit comparator and the second input of said multiplier, respectively, with the contents of said fifth and sixth storage register being multiplied in said multiplier;
- a fourth gating network connected between the output of said multiplier and said fourth storage register for passing the contents of said multiplier to said fourth register during a third timing interval;
- a seventh storage register having an input and an output and in which is initially stored a reference value;
- a second bit-by-bit comparator network having first and second inputs and an output;
- fifth and sixth gating networks connected between the output of said seventh register and the first input, and the output of said fourth register and the second input, respectively, of said second bit-by-bit comparator for passing the contents thereof during a fourth timing interval;
- an eighth storage register having an input connected to the output of said second bit-by-bit comparator, and also having an output;
- a seventh gating network connected between the output of said eighth storage register and the input of said seventh storage register for passing the contents of said eighth storage register to said seventh storage register during a fifth timing interval;
- a third comparator having first and second inputs and an output, with the first input being connected to the output of said second storage register and the second input being connected to the output of said seventh storage register; and
- an eighth gating network connected to the output of said third comparator for sampling the results of the comparison during a sixth timing interval, with a first signal being provided which is indicative that the operating system being loaded is valid if there is a comparison, and a second signal being provided which is indicative that the operating system being loaded is invalid if there is a lack of comparison.
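The register procedure recited in claims 8 and 9 can be followed in software. The sketch below is an added example, not code from the patent. It assumes the bit-by-bit comparison is an exclusive OR, words are 32 bits wide and are split into two 16-bit halves, and the reference word starts at zero. The identification code and image words are constructed sample values.

```python
import struct

WORD_BITS = 32                    # assumption: 32-bit machine word
HALF_BITS = WORD_BITS // 2        # assumption: result split into two equal halves
HALF_MASK = (1 << HALF_BITS) - 1


def words_from_image(image):
    """Split an image into big-endian 32-bit words, zero-padding the tail."""
    image += b"\x00" * (-len(image) % 4)
    return list(struct.unpack(f">{len(image) // 4}I", image))


def authenticating_value(image, id_code, reference=0):
    """Walk the image one word at a time, as in the claim 8 storage locations."""
    state = id_code               # first storage location
    acc = reference               # fourth storage location (reference word)
    for word in words_from_image(image):       # third storage location
        diff = state ^ word       # bit-by-bit comparison (assumed XOR)
        first, second = diff >> HALF_BITS, diff & HALF_MASK
        state = first * second    # product of two 16-bit halves fits in 32 bits
        acc ^= state              # fold the new state into the reference word
    return acc


def is_authentic(image, id_code, verifier):
    """Final step: compare the accumulated value with the stored verifier."""
    return authenticating_value(image, id_code) == verifier


# Constructed sample data: a three-word "operating system" and its owner's code.
ID_CODE = 0x00020003
VALID_IMAGE = struct.pack(">3I", 0x00010001, 0x00040003, 0x00070002)
TAMPERED_IMAGE = struct.pack(">3I", 0x00010001, 0x00040002, 0x00070002)
VERIFIER = authenticating_value(VALID_IMAGE, ID_CODE)   # second storage location

if __name__ == "__main__":
    print(hex(VERIFIER))
    print(is_authentic(VALID_IMAGE, ID_CODE, VERIFIER))
    print(is_authentic(TAMPERED_IMAGE, ID_CODE, VERIFIER))
```

Under these assumptions a zero half forces the product to zero, so distinct images can produce the same value; a current loader would use a keyed construction such as HMAC-SHA-256 or a signature check for the same comparison.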
Specification