Electrical computers and digital processing systems: support – Data processing protection using cryptography – By stored data protection
Reexamination Certificate
1998-09-25
2002-05-07
Decady, Albert (Department: 2132)
C713S166000, C713S168000, C713S194000, C380S259000
active
06385727
ABSTRACT:
FIELD OF THE INVENTION
The invention relates generally to security in programmed devices, and, more particularly, to an apparatus for providing a secure environment for processing confidential data and/or confidential programmed steps such as software and the like.
BACKGROUND OF THE INVENTION
The financial value of data and/or programmed instructions (e.g., software) is often dependent upon its general availability to the interested public. For example, if information in the form of data or programmed instructions is made available free of charge on the Internet, the commercial value of that information will quickly fall toward zero as few people will pay to receive something they can readily obtain for free. Thus, the desirability of maintaining the secrecy of data and/or programmed instructions with respect to all but paying purchasers of the secret information has long been known.
There are many contexts in which the concept of deriving value from information by limiting access thereto has been exploited. For example, conditional access broadcasting networks such as cable television networks and, more recently, direct satellite broadcasting networks are based on the premise of limiting access to broadcasted information to paying subscribers. Even more recently, the idea of limiting access to broadcasted data has been expanded to the computer networking context by Hughes Network Systems' DirecPC™ product. The DirecPC™ product broadcasts requested information to a requesting computing device (typically, a personal computer) via a satellite as a means to expedite information delivery from the Internet.
Most such broadcasting systems employ one or more cryptographic techniques to control access to the broadcasted information. For example, most such systems employ one or more keys to encrypt broadcasted data in accordance with a mathematical algorithm that makes it very difficult to decrypt the data in a reasonable amount of time absent knowledge of the key used to encrypt the data. An explanation of many such cryptographic techniques including an explanation of the Data Encryption Standard (DES) algorithm that is frequently employed to encrypt broadcasted information is contained in Schneier, Applied Cryptography, (Second Ed. 1996), which is hereby incorporated in its entirety by reference.
The need to protect the secrecy of information is not limited to the broadcasting context. There are many applications wherein it is important from, for example, a commercial standpoint to maintain the secrecy of information as it is locally processed by a personal computer. By way of example, not limitation, in some applications it is desirable to permit processing of secret data while maintaining the secrecy of the data to the outside world. By way of another example, in some instances it is desirable to permit secret execution of programmed instructions (e.g., software) within a processor without permitting access to the decrypted instructions themselves outside of the processor.
Various devices have been developed for maintaining the secrecy of information. However, since the secret information protected by these devices often has significant commercial value, a sub-culture of individuals commonly referred to as “hackers” has developed. These individuals spend considerable amounts of time attempting to frustrate or “hack” the security measures of these devices in an effort to usurp the commercial value of the secret information. The hackers have had varying levels of success in their efforts. Accordingly, there is a need for an improved, more flexible, apparatus for providing a secure environment for processing information which achieves a higher level of security against hackers than known devices. In addition, there is a need for such an apparatus that overcomes memory limitations inherent in secure devices and whose software can be upgraded in the field.
It is a well-known assumption of accepted cryptographic practice that secrecy must reside entirely in the keys of the system. In other words, for a device to be deemed secure, an attacker having access to all information about the system except for the keys must still be unable to decrypt encrypted information in a reasonable amount of time. Thus, the secrecy of the key material is of paramount importance in a device for providing a secure environment.
To this end, devices for encrypting, decrypting and/or maintaining the secrecy of information typically include a secure memory of some type for storing key material and other possibly sensitive data. In order to control access to that key material, it is often necessary to limit access to the secure memory to trusted software and/or hardware components. More specifically, it is often necessary to place restrictions on when, who, and under what circumstances the memory storing key material can be addressed.
One problem with limiting access to a memory is testability. Another problem is limiting access to field deployed units while still allowing initial programming in the factory. In order to verify that the memory is functioning properly before releasing a device into the field, it is often necessary to have full read/write access thereto. Moreover, such access must typically be provided after a device is completely, or nearly completely constructed. As a result, such devices often include a testing mode wherein, upon occurrence of a certain condition or event, the device assumes it is in test mode and permits full read/write access to the memory. If a hacker is able to fool a device containing key material into entering the test mode, the hacker may potentially obtain full access to the stored key material thereby completely compromising the security of the device.
In some prior art approaches, one or more mode bits stored in memory, or in an anti-fuse device, or the like, define whether the memory contains confidential data and/or whether the memory is in the testing mode. The mode bit(s) may be implemented as a simple checksum on the data in memory. In other words, the mode bit(s) may be set to equal some mathematical function(s) of some or all of the data stored in memory. Regardless of which traditional method for defining the mode bit(s) is employed, if a hacker changes the state of the mode bit(s), the hacker can potentially cause the memory to unlock into the testing mode thereby compromising the key material it contains. Thus, it is desirable to provide an improved method and apparatus for determining whether a memory contains confidential data which is not dependent upon mode bit(s) stored in that memory or upon a checksum value stored in memory.
SUMMARY OF THE INVENTION
In accordance with an aspect of the invention, an apparatus for providing a secure processing environment is provided. The apparatus includes a read/write memory for storing information; a first processor cooperating with the read/write memory for reading information therefrom and writing information thereto; and a cipherer in communication with the read/write memory. The cipherer is configured to selectively decrypt encrypted information into decrypted information and to deliver the decrypted information to the read/write memory for subsequent use by the first processor. The apparatus is further provided with an authenticator for authenticating the decrypted information prior to use by the first processor.
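The import path in this paragraph (decrypt, then authenticate before the processor may use the result), together with the re-export step the summary goes on to describe, is sketched below as an added example; it is not code from the patent. The function names, the HMAC-SHA256 tag, the segment layout and the HMAC-based stand-in stream cipher are all assumptions made for illustration.

```python
import hashlib, hmac, os

TAG_LEN, NONCE_LEN = 32, 16

def _xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): HMAC-SHA256 used as a PRF in counter mode.
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))

def export_segment(enc_key, mac_key, plaintext):
    # Tag the plaintext, then encrypt plaintext||tag under a fresh nonce so the
    # exported form differs from any earlier export of the same content.
    tag = hmac.new(mac_key, plaintext, hashlib.sha256).digest()
    nonce = os.urandom(NONCE_LEN)
    return nonce + _xor_stream(enc_key, nonce, plaintext + tag)

def import_segment(enc_key, mac_key, blob):
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("segment too short")
    nonce, body = blob[:NONCE_LEN], blob[NONCE_LEN:]
    decrypted = _xor_stream(enc_key, nonce, body)
    plaintext, tag = decrypted[:-TAG_LEN], decrypted[-TAG_LEN:]
    expected = hmac.new(mac_key, plaintext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("authentication failed; segment withheld from processor")
    return plaintext

def demo():
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    code = b"constructed sample: confidential program segment"
    first = export_segment(enc_key, mac_key, code)
    loaded = import_segment(enc_key, mac_key, first)    # authenticated before use
    second = export_segment(enc_key, mac_key, loaded)   # re-encrypted for export
    tampered = bytearray(first)
    tampered[NONCE_LEN] ^= 0x01                         # one flipped ciphertext bit
    try:
        import_segment(enc_key, mac_key, bytes(tampered))
        rejected = False
    except ValueError:
        rejected = True
    return loaded == code, first != second, rejected

if __name__ == "__main__":
    print(demo())
```

Current practice usually computes the tag over the ciphertext and checks it before decrypting; the block keeps the order the summary states, authenticating the decrypted information.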
In some embodiments, the authenticator re-authenticates decrypted information received from the read/write memory, and the cipherer is configured to selectively encrypt the decrypted, re-authenticated information into re-encrypted information. In such embodiments, the cipherer may optionally return the re-encrypted information to the read/write memory for subsequent exportation to a storage device or may optionally directly export the re-encrypted information. Also in such embodiments, the cipherer preferably re-encrypts the decrypted, re-authenticated information such that it differs from its original encrypted form to mask modification information. In such embodiments, the cipherer employs key-cy
Bautz Brandon E.
Cassagnol Robert D.
Dillon Douglas M.
Kloper David S.
Weber Sandra J.
Callahan Paul E.
De'cady Albert
Hughes Electronics Corporation
Sales Michael W.
Whelan John T.
Profile ID: LFUS-PAI-O-2827565