Loading data onto an electronic device
First Claim
1. A method of loading data into an electronic device, the electronic device comprising a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism, the method comprising:
- loading a factory public key (PuKF) into the key memory;
loading factory software signed with a factory private key (PrKF) corresponding to the factory public key into the data memory;
loading into the key memory a product public key (PuKP) different from the factory public key for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrKP); and
disabling the factory public key (PuKF) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuKP) causes the factory public key (PuKF) to be disabled.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of protecting an electronic device from unauthorized reprogramming, the electronic device comprising a data memory and a key memory, the method comprising loading into the key memory a predetermined public key of a cryptographic public key mechanism for verifying subsequent data items to be loaded into the data memory, the subsequent data items being signed with a corresponding private key; characterized in that the method further comprises setting a permanent identifier in the electronic device, the permanent identifier including an identifier identifying an entity authorized to reprogram the electronic device and an indicator identifying a selected one of a number of categories of public keys.
34 Citations
30 Claims
-
1. A method of loading data into an electronic device, the electronic device comprising a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism, the method comprising:
-
loading a factory public key (PuKF) into the key memory; loading factory software signed with a factory private key (PrKF) corresponding to the factory public key into the data memory; loading into the key memory a product public key (PuKP) different from the factory public key for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrKP); and disabling the factory public key (PuKF) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuKP) causes the factory public key (PuKF) to be disabled. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. A method of re-customizing an electronic device, the method comprising the steps of:
-
detecting whether a protectable identifier is set in the electronic device; obtaining the hash value of the secret data item from the key memory; comparing the obtained hash value with a reference hash value calculated from a reference secret data item; and
if the protectable identifier is set and if the obtained hash value corresponds to the calculated reference hash value, initiating loading re-customization data signed with a product private key (PrKP) into the electronic device;
otherwise aborting re-customizing the electronic device;loading a factory public key (PuKF) into the key memory; loading a factory software signed with a factory private key (PrKF) corresponding to the factory public key (PuKF) into the data memory; loading a product public key (PuKP) different from the factory public key (PuKF) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer into the key memory, the subsequent data items being signed with the corresponding product private key (PrKP); and disabling the factory public key (PuKF) prior to delivering the electronic device to the customer, wherein the loading of product public key (PuKP) caused the factory public key (PuKF) to be disabled.
-
-
16. A system for storing data into an electronic device, the electronic device comprising a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism, the system comprising:
-
a first loader module for loading a factory public key (PuKF) into the key memory; a second loader module for loading factory software signed with a factory private key (PrKF) corresponding to the factory public key (PuKF) into the data memory;
wherein the system further comprises a third loader module adapted;to load into the key memory a product public key different from the factory public key (PuKF) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrKP); and to disable the factory public key (PuKF) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuKP) causes the factory public key (PuKF) to be disabled.
-
-
17. A system for re-customizing an electronic device having stored therein data that has been loaded into the electronic device, the system having a loader module comprising:
-
means to detect whether a protectable identifier is set in the electronic device; means to obtain the hash value of the secret data item from the key memory; means to compare the obtained hash value with a reference hash value calculated from a reference secret data item; and
if the protectable identifier is set and if the obtained hash value corresponds to the calculated reference hash value;
means to initiate loading re-customization data signed with the product private key (PrKP) into the electronic device;
otherwise to abort re-customizing the electronic device;means for loading a factory public key (PuKF) into the key memory; means for loading a factory software signed with a factory private key (PrKF) corresponding to the factory public key (PuKF) into the data memory; means for loading a product public key (PuKP) different from the factory public key (PuKF) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer into the key memory, the subsequent data items being signed with the corresponding product private key (PrKP); and means for disabling the factory public key (PuKF) prior to delivering the electronic device to the customer, wherein the loading of product public key (PuKP) caused the factory public key (PuKF) to be disabled.
-
-
18. An electronic device comprising:
-
a data memory for storing data items a key memory for storing at least one cryptographic key of a cryptographic public key mechanism, means for receiving a factory public key (PuKF) into the key memory; means for receiving factory software signed with a factory a private key (PrKF) corresponding to the factory public key (PuKF) loaded into the data memory, means for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer using a product public key (PuKP) different from the factory public key (PuKF), wherein the subsequent data items are signed with a corresponding product private key (PrKP) and the factory public key (PuKF) is disabled prior to delivering the electronic device to the customer, wherein the loading of product public key (PuKP) causes the factory public key (PuKF) to be disabled.
-
-
19. A computer program comprising code means embodied on a computer readable medium and adapted to be executed by a processor operable to perform the steps of:
-
storing data into an electronic device including a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism; loading into the key memory a product public key (PuKP) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrKP);
the product public key (PuKP) being different from a factory public key (PuKF) stored in the key memory and used for verifying any factory software to be loaded into the data memory and signed with a factory private key (PrKF) corresponding to the factory public key (PuKF); anddisabling the factory public key (PuKF) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuKP) causes the factory public key (PuKF) to be disabled.
-
-
20. A method of protecting an electronic device having a data memory and a key memory, from unauthorized reprogramming, the method comprising the steps of:
-
loading a factory public key (PuKF) into the key memory; loading factory software signed with a factory private key (PrKF) corresponding to the factory public key into the data memory; loading into the key memory a product public key (PuKP) different from the factory public key (PuKF) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrKP); setting a protectable identifier in the electronic device, where the protectable identifier identifies an entity authorized to reprogram the electronic device; and disabling the factory public key (PuKF) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuKP) causes the factory public key (PuKF) to be disabled. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
-
-
29. A system for protecting an electronic device comprising:
-
a data memory in the electronic device for storing data items; and a key memory in the electronic device for storing at least one cryptographic key of a cryptographic public key mechanism; means for loading a factory public key (PuKF) into the key memory; means for loading factory software signed with a factory private key (PrKF) corresponding to the factory public key (PuKF) into the data memory; means for loading into the key memory a product public key (PuKP) different from the factory public key (PuKF) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrKP); and means for disabling the factory public key (PuKF) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuKP) causes the factory public key (PuKF) to be disabled.
-
-
30. A system for loading data into an electronic device, comprising:
-
the electronic device having a data memory, the data memory adapted to store data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism; the electronic device adapted to receive a factory public key (PuKF) into the key memory and factory software signed with a factory private key (PrKF) corresponding to the factory public key (PuKF) into the data memory; means for providing a product public key (PuKP) different from the factory public key (PuKF) for verifying subsequent data items to be loaded into the data memory of the electronic device after delivering the electronic device to a customer;
the subsequent data items being signed with a corresponding product private key (PrKP) wherein the loading of product public key (PuKP) causes the factory public key (PuKF) to be disable prior to delivering the electronic device to the customer;a means to set a protectable identifier in the electronic device, where the protectable identifier identifies an entity authorized to reprogram the electronic device; and a loader module adapted to detect whether the protectable identifier has a predetermined property; and
if the protectable identifier has said predetermined property, to load the data, the data being signed with said private key;
otherwise to abort loading the data.
-
Specification