Systems and methods using cryptography to protect secure computing environments

US 7,925,898 B2
Filed: 06/14/2006
Issued: 04/12/2011
Est. Priority Date: 08/12/1996
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method including the following:

at a certification authority, receiving an executable program generated by a party independent of the certification authority;

at the certification authority, testing the executable program and, based on the results of the testing, generating a specification describing the actual operation of the executable program;

at the certification authority, generating a digital certificate certifying that the executable program operates in the manner described in the specification;

receiving the executable program at a user site;

receiving the digital certificate at the user site, the digital certificate specifying a security level;

at the user site, evaluating the digital certificate to determine (a) if the digital certificate is associated with the executable program, and (b) whether to execute the executable program, said evaluation including comparing the security level to a required security level; and

at the user site, executing the executable program, the execution being dependent on the evaluation of the digital certificate;

wherein the user site includes a tamper-resistant execution space, the tamper-resistant execution space being operable to protect against tampering, by a user at the user site, with the performance of said step of evaluating the digital certificate.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

Secure computation environments are protected from bogus or rogue load modules, executables and other data elements through use of digital signatures, seals and certificates issued by a verifying authority. A verifying authority—which may be a trusted independent third party—tests the load modules or other executables to verify that their corresponding specifications are accurate and complete, and then digitally signs the load module or other executable based on tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different verification digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys)—allowing one tamper resistance work factor environment to protect itself against load modules from another, different tamper resistance work factor environment. Several dissimilar digital signature algorithms may be used to reduce vulnerability from algorithm compromise, and subsets of multiple digital signatures may be used to reduce the scope of any specific compromise.

551 Citations

10 Claims

1. A method including the following:
- at a certification authority, receiving an executable program generated by a party independent of the certification authority;
  
  at the certification authority, testing the executable program and, based on the results of the testing, generating a specification describing the actual operation of the executable program;
  
  at the certification authority, generating a digital certificate certifying that the executable program operates in the manner described in the specification;
  
  receiving the executable program at a user site;
  
  receiving the digital certificate at the user site, the digital certificate specifying a security level;
  
  at the user site, evaluating the digital certificate to determine (a) if the digital certificate is associated with the executable program, and (b) whether to execute the executable program, said evaluation including comparing the security level to a required security level; and
  
  at the user site, executing the executable program, the execution being dependent on the evaluation of the digital certificate;
  
  wherein the user site includes a tamper-resistant execution space, the tamper-resistant execution space being operable to protect against tampering, by a user at the user site, with the performance of said step of evaluating the digital certificate.

2. A method including the following:
- at a certification authority, receiving an executable program generated by a party independent of the certification authority;
  
  at the certification authority, testing the executable program and, based on the results of the testing, generating a specification describing the actual operation of the executable program;
  
  at the certification authority, generating a digital certificate certifying that the executable program operates in the manner described in the specification;
  
  receiving the executable program at a user site;
  
  receiving the digital certificate at the user site;
  
  at the user site, evaluating the digital certificate to determine (a) if the digital certificate is associated with the executable program, and (b) whether to execute the executable program, said evaluation including comparing a hash value stored in the digital certificate to a hash of at least a portion of the executable program; and
  
  at the user site, executing the executable program, the execution being dependent on the evaluation of the digital certificate;
  
  wherein the user site includes a tamper-resistant execution space, the tamper-resistant execution space being operable to protect against tampering, by a user at the user site, with the performance of said step of evaluating the digital certificate.
- View Dependent Claims (3)
- - 3. A method as in claim 2, further including:
    - prior to comparing, at the user site, a hash value stored in the digital certificate to a hash of at least a portion of the executable program, decrypting, at the user site, the hash value stored in the digital certificate using a public key associated with the certification authority.

4. A method including the following:
- at a certification authority, receiving an executable program generated by a party independent of the certification authority;
  
  at the certification authority, testing the executable program and, based on the results of the testing, generating a specification describing the actual operation of the executable program;
  
  at the certification authority, generating a digital certificate certifying that the executable program operates in the manner described in the specification;
  
  receiving the executable program at a user site;
  
  receiving the digital certificate at the user site;
  
  at the user site, evaluating the digital certificate to determine (a) if the digital certificate is associated with the executable program, and (b) whether to execute the executable program; and
  
  at the user site, executing the executable program, the execution being dependent on the evaluation of the digital certificate;
  
  wherein the user site includes a tamper-resistant execution space, the tamper-resistant execution space being operable to protect against tampering, by a user at the user site, with the performance of said step of evaluating the digital certificate, and wherein the digital certificate includes the specification, and the step of evaluating the digital certificate includes evaluating the specification.

5. A method comprising:
- receiving, at a certification authority, an executable program generated by a party independent of the certification authority;
  
  testing, at the certification authority, the executable program and, based on the results of the testing, generating a specification describing the actual operation of the executable program;
  
  generating, at the certification authority, a digital certificate certifying that the executable program operates in a manner described by the specification;
  
  sending, by the certification authority, the executable program to a user site; and
  
  sending, by the certification authority, the digital certificate to the user site,wherein the user site includes a tamper-resistant execution space configured to evaluate the digital certificate based on a comparison of a hash value stored in the digital certificate to a hash of at least a portion of the executable program to determine (a) if the digital certificate is associated with the executable program, and (b) whether to execute the executable program.
- View Dependent Claims (6)
- - 6. A method as in claim 5, wherein the user site is further configured to decrypt the hash value stored in the digital certificate using a public key associated with the certification authority prior to comparing the hash value stored in the digital certificate to the hash value of at least a portion of the executable program.

7. A method comprising:
- receiving, at a certification authority, an executable program generated by a party independent of the certification authority;
  
  testing, at the certification authority, the executable program and, based on the results of the testing, generating a specification describing the actual operation of the executable program;
  
  generating, at the certification authority, a digital certificate certifying that the executable program operates in the manner described in the specification;
  
  sending, by the certification authority, the executable'"'"'program to a user site; and
  
  sending, by the certification authority, the digital certificate that includes the specification;
  
  wherein the user site includes a tamper-resistant execution space, the tamper-resistant execution space being configured to evaluate the digital certificate based on the included specification to determine (a) if the digital certificate is associated with the executable program, and (b) whether to execute the executable program.

8. A method comprising:
- receiving, at a user site, an executable program;
  
  receiving, at the user site, a digital certificate generated by a certification authority certifying that an executable program operates in a manner described in a specification, the specification being generated by the certification authority and describing the actual operation of the executable program;
  
  evaluating, at the user site, the digital certificate to determine (a) if the digital certificate is associated with the executable program, and (b) whether to execute the executable program, said evaluation including comparing a hash value stored in the digital certificate to a hash of at least a portion of the executable program; and
  
  executing, at the user site, the executable program, the execution being dependent on the evaluation of the digital certificate;
  
  wherein the user site includes a tamper-resistant execution space, the tamper-resistant execution space being operable to protect against tampering, by a user of the user site, with the performance of said step of evaluating the digital certificate.
- View Dependent Claims (9)
- - 9. A method as in claim 8, further comprising:
    - prior to comparing, at the user site, the hash value stored in the digital certificate to the hash value of at least a portion of the executable program, decrypting, at the user site, the hash value stored in the digital certificate using a public key associated with the certification authority.

10. A method comprising:
- receiving, at a user site, an executable program;
  
  receiving, at the user site, a digital certificate that includes a specification, the digital certificate being generated by a certification authority certifying that an executable program operates in a manner described in the specification, the specification being generated by the certification authority and describing the actual operation of the executable program;
  
  evaluating, at the user site, the digital certificate to determine (a) if the digital certificate is associated with the executable program, and (b) whether to execute the executable program, said evaluation including comparing a hash value stored in the digital certificate to a hash of at least a portion of the executable program; and
  
  executing, at the user site, the executable program, the execution being dependent on the evaluation of the digital certificate;
  
  wherein the user site includes a tamper-resistant execution space, the tamper-resistant execution space being operable to protect against tampering, by a user of the user site, with the performance of said step of evaluating the digital certificate, andwherein the step of evaluating the digital certificate includes evaluating the specification.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Sibert, W. Olin, Shear, Victor H., Van Wie, David M.
Primary Examiner(s)
Pyzocha; Michael
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US11/454,072
Publication Number

US 20060248353A1
Time in Patent Office

1,763 Days
Field of Search

713/156, 713/175, 713/194, 705/54, 705/57, 726/22, 726/30, 717/177
US Class Current

713/194
CPC Class Codes

G06F 12/1483   using an access-table, e.g....

G06F 21/10   Protecting distributed prog...

G06F 21/51   at application loading time...

G06F 2211/007   Encryption, En-/decode, En-...

G06Q 20/02   involving a neutral party, ...

G06Q 20/085   involving remote charge det...

G06Q 20/12   specially adapted for elect...

G06Q 20/24   Credit schemes, i.e. "pay a...

G06Q 20/3674   involving authentication

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3825   Use of electronic signatures

G06Q 20/401   Transaction verification

G11B 20/00086   Circuits for prevention of ...

G11B 20/00159   Parental control systems

G11B 20/00173   wherein the origin of the c...

G11B 20/00188   involving measures which re...

G11B 20/00195   using a device identifier a...

G11B 20/0021   involving encryption or dec...

G11B 20/00543   wherein external data is en...

G11B 20/00557   wherein further management ...

G11B 20/00688 : said measures preventing th...

G11B 20/0071 : involving a purchase action

G11B 20/00768 : wherein copy control inform...

G11B 2220/216 : Rewritable discs

G11B 2220/218 : Write-once discs

G11B 2220/2562 : DVDs [digital versatile dis...

G11B 2220/2575 : DVD-RAMs

G11B 27/031 : Electronic editing of digit...

G11B 27/329 : on a disc [VTOC]

H04L 12/40104 : Security; Encryption; Conte...

H04L 12/40117 : Interconnection of audio or...

View All

Systems and methods using cryptography to protect secure computing environments

First Claim

2 Assignments

Litigations

0 Petitions

Accused Products

Abstract

551 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods using cryptography to protect secure computing environments

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

551 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links