Loading data onto an electronic device

US 7,587,600 B2
Filed: 09/08/2003
Issued: 09/08/2009
Est. Priority Date: 09/16/2002
Status: Active Grant

First Claim

Patent Images

1. A method of loading data into an electronic device, the electronic device comprising a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism, the method comprising:

loading a factory public key (PuK_F) into the key memory;

loading factory software signed with a factory private key (PrK_F) corresponding to the factory public key into the data memory;

loading into the key memory a product public key (PuK_P) different from the factory public key for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrK_P); and

disabling the factory public key (PuK_F) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuK_P) causes the factory public key (PuK_F) to be disabled.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of protecting an electronic device from unauthorized reprogramming, the electronic device comprising a data memory and a key memory, the method comprising loading into the key memory a predetermined public key of a cryptographic public key mechanism for verifying subsequent data items to be loaded into the data memory, the subsequent data items being signed with a corresponding private key; characterized in that the method further comprises setting a permanent identifier in the electronic device, the permanent identifier including an identifier identifying an entity authorized to reprogram the electronic device and an indicator identifying a selected one of a number of categories of public keys.

34 Citations

View as Search Results

30 Claims

1. A method of loading data into an electronic device, the electronic device comprising a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism, the method comprising:
- loading a factory public key (PuK_F) into the key memory;
  
  loading factory software signed with a factory private key (PrK_F) corresponding to the factory public key into the data memory;
  
  loading into the key memory a product public key (PuK_P) different from the factory public key for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrK_P); and
  
  disabling the factory public key (PuK_F) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuK_P) causes the factory public key (PuK_F) to be disabled.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method according to claim 1, wherein the method further comprises the step of setting a protectable identifier in the electronic device indicative of a completion of a production process.
  - 3. The method according to claim 2, wherein the step of loading the factory public key comprises the steps of:
    - detecting whether the protectable identifier is set;
      
      if the protectable identifier is set, aborting the step of loading the factory public key;
      
      otherwise loading the factory public key.
  - 4. The method according to claim 2, wherein the step of loading the product public key comprises the steps of:
    - detecting whether the protectable identifier is set;
      
      if the protectable identifier is set, loading the product public key;
      
      otherwise aborting the step of loading the product public key.
  - 5. The method according to claim 2 wherein such steps are performed in a mobile telephone having associated with it an International Mobile Equipment Identity;
    - and the protectable identifier comprises the International Mobile Equipment Identity and a further identifier stored in a one time programmable arrangement.
  - 6. The method according to claim 1 wherein such steps are performed in a mobile telephone.
  - 7. The method according to claim 1 wherein the steps performed in the data memory and the key memory occur in selected blocks of a flash memory.
  - 8. The method according to claim 1 wherein the method further comprises the step of loading a hash value of a secret data item into the key memory.
  - 9. The method according to claim 8, wherein the secret data item is selected individually for each electronic device.
  - 10. The method according to claim 8 wherein the hash value is determined by a method that depends on the electronic device.
  - 11. The method according to claim 1 wherein the step of loading a product public key further comprises the step of loading a digital certificate comprising the product public key, the digital certificate being associated with a validity period limiting the validity of the public key.
  - 12. The method according to claim 1 wherein the step of loading a product public key further comprises the step of loading a digital certificate comprising the product public key;
    - and the method further comprises the step of subsequently invalidating the digital certificate by sending a predetermined message to the electronic equipment.
  - 13. The method according to claim 1 wherein the product public key is selected from a predetermined set of customer public keys.
  - 14. The method according to claim 13, wherein the set of customer public keys comprises a prototype public key for use with prototypes of the electronic device.

15. A method of re-customizing an electronic device, the method comprising the steps of:
- detecting whether a protectable identifier is set in the electronic device;
  
  obtaining the hash value of the secret data item from the key memory;
  
  comparing the obtained hash value with a reference hash value calculated from a reference secret data item; and
  
  if the protectable identifier is set and if the obtained hash value corresponds to the calculated reference hash value, initiating loading re-customization data signed with a product private key (PrK_P) into the electronic device;
  
  otherwise aborting re-customizing the electronic device;
  
  loading a factory public key (PuK_F) into the key memory;
  
  loading a factory software signed with a factory private key (PrK_F) corresponding to the factory public key (PuK_F) into the data memory;
  
  loading a product public key (PuK_P) different from the factory public key (PuK_F) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer into the key memory, the subsequent data items being signed with the corresponding product private key (PrK_P); and
  
  disabling the factory public key (PuK_F) prior to delivering the electronic device to the customer, wherein the loading of product public key (PuK_P) caused the factory public key (PuK_F) to be disabled.

16. A system for storing data into an electronic device, the electronic device comprising a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism, the system comprising:
- a first loader module for loading a factory public key (PuK_F) into the key memory;
  
  a second loader module for loading factory software signed with a factory private key (PrK_F) corresponding to the factory public key (PuK_F) into the data memory;
  
  wherein the system further comprises a third loader module adapted;
  
  to load into the key memory a product public key different from the factory public key (PuK_F) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrK_P); and
  
  to disable the factory public key (PuK_F) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuK_P) causes the factory public key (PuK_F) to be disabled.

17. A system for re-customizing an electronic device having stored therein data that has been loaded into the electronic device, the system having a loader module comprising:
- means to detect whether a protectable identifier is set in the electronic device;
  
  means to obtain the hash value of the secret data item from the key memory;
  
  means to compare the obtained hash value with a reference hash value calculated from a reference secret data item; and
  
  if the protectable identifier is set and if the obtained hash value corresponds to the calculated reference hash value;
  
  means to initiate loading re-customization data signed with the product private key (PrK_P) into the electronic device;
  
  otherwise to abort re-customizing the electronic device;
  
  means for loading a factory public key (PuK_F) into the key memory;
  
  means for loading a factory software signed with a factory private key (PrK_F) corresponding to the factory public key (PuK_F) into the data memory;
  
  means for loading a product public key (PuK_P) different from the factory public key (PuK_F) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer into the key memory, the subsequent data items being signed with the corresponding product private key (PrK_P); and
  
  means for disabling the factory public key (PuK_F) prior to delivering the electronic device to the customer, wherein the loading of product public key (PuK_P) caused the factory public key (PuK_F) to be disabled.

18. An electronic device comprising:
- a data memory for storing data itemsa key memory for storing at least one cryptographic key of a cryptographic public key mechanism,means for receiving a factory public key (PuK_F) into the key memory;
  
  means for receiving factory software signed with a factory a private key (PrK_F) corresponding to the factory public key (PuK_F) loaded into the data memory,means for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer using a product public key (PuK_P) different from the factory public key (PuK_F), wherein the subsequent data items are signed with a corresponding product private key (PrK_P) and the factory public key (PuK_F) is disabled prior to delivering the electronic device to the customer, wherein the loading of product public key (PuK_P) causes the factory public key (PuK_F) to be disabled.

19. A computer program comprising code means embodied on a computer readable medium and adapted to be executed by a processor operable to perform the steps of:
- storing data into an electronic device including a data memory for storing data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism;
  
  loading into the key memory a product public key (PuK_P) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrK_P);
  
  the product public key (PuK_P) being different from a factory public key (PuK_F) stored in the key memory and used for verifying any factory software to be loaded into the data memory and signed with a factory private key (PrK_F) corresponding to the factory public key (PuK_F); and
  
  disabling the factory public key (PuK_F) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuK_P) causes the factory public key (PuK_F) to be disabled.

20. A method of protecting an electronic device having a data memory and a key memory, from unauthorized reprogramming, the method comprising the steps of:
- loading a factory public key (PuK_F) into the key memory;
  
  loading factory software signed with a factory private key (PrK_F) corresponding to the factory public key into the data memory;
  
  loading into the key memory a product public key (PuK_P) different from the factory public key (PuK_F) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrK_P);
  
  setting a protectable identifier in the electronic device, where the protectable identifier identifies an entity authorized to reprogram the electronic device; and
  
  disabling the factory public key (PuK_F) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuK_P) causes the factory public key (PuK_F) to be disabled.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
- - 21. The method according to claim 20, wherein the protectable identifier identifies a selected one of a number of categories of public keys.
  - 22. The method according to claim 20, wherein the protectable identifier is indicative of a selected one of a number of stages in the life cycle of the electronic device.
  - 23. The method according to claim 20, wherein the protectable identifier identifies a state in a security state diagram, each state representing a stage in the life cycle of the electronic device.
  - 24. The method according to claim 23, wherein at least one of the transitions between states in the security state diagram relate to a corresponding change in the protectable identifier.
  - 25. The method according to claim 20, wherein the protectable identifier is stored in a one time programmable (OTP) memory.
  - 26. The method according to claim 25, wherein the protectable identifier comprises an identifier identifying an entity authorized to reprogram the electronic device, a product state indicator, a lock status of the one time programmable memory, and a product identifier identifying the electronic device.
  - 27. The method according to claim 20, wherein the public key is comprised in a digital signature which is encoded to be directly readable from within Java.
  - 28. The method of loading data into an electronic device protected according to the method of claim 20, the method comprising the further steps of:
    - detecting whether the protectable identifier has a predetermined property; and
      
      if the protectable identifier has said predetermined property, loading the data, the data being signed with said private key;
      
      otherwise aborting loading the data.

29. A system for protecting an electronic device comprising:
- a data memory in the electronic device for storing data items; and
  
  a key memory in the electronic device for storing at least one cryptographic key of a cryptographic public key mechanism;
  
  means for loading a factory public key (PuK_F) into the key memory;
  
  means for loading factory software signed with a factory private key (PrKF) corresponding to the factory public key (PuK_F) into the data memory;
  
  means for loading into the key memory a product public key (PuK_P) different from the factory public key (PuK_F) for verifying subsequent data items to be loaded into the data memory after delivering the electronic device to a customer, the subsequent data items being signed with a corresponding product private key (PrK_P); and
  
  means for disabling the factory public key (PuK_F) prior to delivering the electronic device to the customer, wherein the loading of the product public key (PuK_P) causes the factory public key (PuK_F) to be disabled.

30. A system for loading data into an electronic device, comprising:
- the electronic device having a data memory, the data memory adapted to store data items and a key memory for storing at least one cryptographic key of a cryptographic public key mechanism;
  
  the electronic device adapted to receive a factory public key (PuK_F) into the key memory and factory software signed with a factory private key (PrK_F) corresponding to the factory public key (PuK_F) into the data memory;
  
  means for providing a product public key (PuK_P) different from the factory public key (PuK_F) for verifying subsequent data items to be loaded into the data memory of the electronic device after delivering the electronic device to a customer;
  
  the subsequent data items being signed with a corresponding product private key (PrK_P) wherein the loading of product public key (PuK_P) causes the factory public key (PuK_F) to be disable prior to delivering the electronic device to the customer;
  
  a means to set a protectable identifier in the electronic device, where the protectable identifier identifies an entity authorized to reprogram the electronic device; and
  
  a loader module adapted to detect whether the protectable identifier has a predetermined property; and
  
  if the protectable identifier has said predetermined property, to load the data, the data being signed with said private key;
  
  otherwise to abort loading the data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Schalin, Patrik, Bodensjö, Marcus, Osthoff, Harro, Smeets, Bernard
Primary Examiner(s)
Sheikh; Ayaz R
Assistant Examiner(s)
Su; Sarah

Application Number

US10/527,031
Publication Number

US 20060236111A1
Time in Patent Office

2,192 Days
Field of Search

713/176, 713/173, 380/30
US Class Current

713/176
CPC Class Codes

G06F 12/1466   Key-lock mechanism

G06Q 10/087   Inventory or stock manageme...

G06Q 20/3552   Downloading or loading of p...

G07F 7/1008   Active credit-cards provide...

H04L 2209/80   Wireless network architectu...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Loading data onto an electronic device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

Loading data onto an electronic device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links