Method and apparatus to quickly authenticate program using a security element

US10230527B2 · US · B2

Patent metadata
FieldValue
Publication numberUS-10230527-B2
Application numberUS-201715491071-A
CountryUS
Kind codeB2
Filing dateApr 19, 2017
Priority dateApr 19, 2017
Publication dateMar 12, 2019
Grant dateMar 12, 2019

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The authenticity of a program executed by a processor is determined by a security element that computes a hash code over re-ordered segments of a known-to-be-authentic copy of a program executed by the processor. The same segments are re-ordered by and provided by the processor to the security element, which computes a second hash code for the re-ordered segments received from the processor. If the hash values for the segments are identical, the program segments are identical. If the hash values for any segment are different, the two programs are different. When a processor's program is determined to be different from a known good copy, the processor can be stopped or an alarm signal generated.

Claims

Full text of claims 1 to 16.

What is claimed is:

1. A method to authenticate a computer program coupled to a non-transitory computer readable medium for a vehicle-located processor, using a security element operatively coupled to the vehicle-located processor, wherein the security element is a processing circuit, the vehicle-located processor being configured to execute the program, the program comprising executable instructions arranged in a sequence, the method comprising: re-ordering a pre-determined number of instructions obtained from a first pre-determined segment of a first copy of said program, the first copy being known to be authentic, the re-ordering being according to a second sequence, which is different than the first sequence; computing a first hash code of said re-ordered pre-determined number of instructions obtained from the first copy, the first hash code being computed using a first hash function; storing the first computed hash code in the security element; in the vehicle-located processor: re-ordering the same pre-determined number of instructions obtained from the same pre-determined segment of a second copy of said program, the second copy of the program being obtained from the vehicle-located processor, which is also coupled to the security element, the authenticity of the second copy being unknown, the re-ordering of the instructions from the second copy being according to the same second sequence; providing the re-ordered first number of instructions obtained from the pre-determined segment of the second copy to the security element; in the security element: computing a second hash code of said first number of instructions that are obtained from the pre-determined segment of the second copy, the second hash code being computed by the security element using the first hash function; determining whether the first and second hash codes are identical; whereby, when the first and second hash codes are determined by the security element to not be identical, providing an inhibit signal to the processor from the security element, the inhibit signal causing the processor to alter execution of the program, wherein the processor halts the execution of the program.

2. The method of claim 1, wherein the step of altering program execution includes preventing the processor from executing the second copy of the program.

3. The method of claim 1, wherein the step of altering program execution includes generating an alarm signal by the processor.

4. The method of claim 1, wherein the processor is configured to request the security element to authenticate the second copy of the program.

5. The method of claim 1, wherein the security element is configured to request an authentication of the second copy of the program if the processor does not request authentication.

6. The method of claim 1, wherein the steps of re-ordering a pre-determined number of instructions, obtained from a first pre-determined segment of a first copy of said program and computing a first hash code are performed by a processor not part of the security element.

7. The method of claim 1, wherein the steps of re-ordering a pre-determined number of instructions, obtained from a first pre-determined segment of a first copy of said program and computing a first hash code are performed by a motor vehicle manufacturer and where the step of storing the first computed hash code is performed prior to shipment of a vehicle from the manufacturer.

8. The method of claim 7, wherein the exclusive-ORing steps are performed using a table of values, the table having a length equal to the predetermined number, each value being a number between zero and the pre-determined number.

9. The method of claim 8, wherein the request to authenticate the second copy of the program is generated by the processor using a secret key.

10. The method of claim 1, wherein the steps of re-ordering the same pre-determined number of instructions obtained from the same pre-determined segment of a second copy of said program and providing the re-ordered first number of instructions obtained from the pre-determined segment of the second copy to the security element, are performed by a processor in a motor vehicle.

11. The method of claim 1, wherein the second sequence comprises a sequence of numbers, the value of each number identifying a relative location of an instruction in the pre-determined segment of the first and second copies of the program.

12. The method of claim 1, further comprising the step of: after the step of re-ordering a pre-determined number of instructions, obtained from a first pre-determined segment of a first copy of said program and prior to the step of computing a first hash code, exclusive-ORing each instruction of the re-ordered, pre-determined number of instructions obtained from the first pre-determined segment of the first copy of said program known to be authentic; and after the step of re-ordering the same pre-determined number of instructions obtained from the same pre-determined segment of a second copy of said program, exclusive-ORing each instruction of the re-ordered, pre-determined number of instructions obtained from the first pre-determined segment of the second copy of said program known to be authentic.

13. The method of claim 1, wherein the first hash function is a Secure Hash Algorithm 2 (SHA-2) algorithm.

14. The method of claim 13, wherein the security element determines validity of the request to authenticate the second copy using a public key.

15. The method of claim 1, wherein second sequence is stored in a transfer order table, which is accessible to the vehicle-located processor but which is not accessible to the security element.

16. The method of claim 1, further comprising: at the processor: incrementing a counter value; sending to the security element, a request to authenticate the second copy of the program and the counter value; at the security element: storing the counter value received from the processor; determining the validity of the request to authenticate the second copy of the program using the counter value received from the processor; and not comparing the first hash code to the second hash code if the counter value received from the processor is not greater than a previously-received and stored counter value or if the validity of the request to authenticate the second copy of the program is not valid.
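The exchange described in the abstract and in claims 1, 11, 12, 15 and 16, modelled end to end as an added example; this is not code from the patent or from Continental Automotive Systems. Both sides are shown: a manufacturer-side provisioning step that stores the first hash code in the security element, a processor that re-orders one pre-determined segment with its transfer order table and sends the bytes with an incrementing counter, and a security element that refuses stale counters, hashes what it receives and returns the inhibit signal on mismatch. Everything not stated in the claims is an assumption and is marked as such in the code: 4-byte instruction words, a 16-instruction segment, SHA-256 as the SHA-2 member, an HMAC-SHA256 tag under a key installed at provisioning standing in for the secret-key/public-key request validation of claims 9 and 14 (the standard library has no asymmetric signature), XORing each re-ordered word with its order-table entry for the claim 12 XOR step, and a constructed random program image. The demo also shows the two limits a practitioner should note: the security element can only hash the bytes the processor hands it, and only the pre-determined segment is covered, so a change outside that segment passes.

```python
"""Added example, not code from the patent or Continental Automotive Systems.
Assumptions not in the claims: 4-byte instruction words, SHA-256 as the SHA-2
member, HMAC-SHA256 under a provisioning key standing in for the secret-key /
public-key request check of claims 9 and 14, and XORing each word with its
order-table entry for the claim 12 XOR step."""
import hashlib
import hmac
import random
from dataclasses import dataclass
from typing import Sequence

WORD = 4  # assumed instruction width in bytes


def segment_instructions(program: bytes, first: int, count: int) -> list:
    """Slice `count` fixed-width instructions starting at instruction index `first`."""
    start, end = first * WORD, (first + count) * WORD
    if end > len(program):
        raise ValueError("segment runs past the end of the program")
    return [program[i:i + WORD] for i in range(start, end, WORD)]


def reorder(instructions: Sequence[bytes], order_table: Sequence[int]) -> list:
    """The 'second sequence' of claims 1 and 11: order_table[k] is the relative
    location in the segment of the instruction placed at position k."""
    if sorted(order_table) != list(range(len(instructions))):
        raise ValueError("order table must be a permutation of 0..n-1")
    return [instructions[src] for src in order_table]


def xor_step(instructions: Sequence[bytes], order_table: Sequence[int]) -> list:
    """Claim 12 XOR step; the claims do not name the XOR operand, so each word is
    XORed with its own order-table entry (assumption)."""
    return [bytes(a ^ b for a, b in zip(word, v.to_bytes(WORD, "little")))
            for word, v in zip(instructions, order_table)]


def prepare_segment(program: bytes, first: int, count: int, order_table: Sequence[int]) -> bytes:
    """Re-order, XOR, serialise: the bytes the processor sends and both sides hash."""
    words = xor_step(reorder(segment_instructions(program, first, count), order_table), order_table)
    return b"".join(words)


def request_tag(key: bytes, counter: int, payload: bytes) -> bytes:
    """Binds the counter to the payload (stand-in for the claim 9 / 14 key check)."""
    return hmac.new(key, counter.to_bytes(8, "big") + payload, "sha256").digest()


@dataclass
class SecurityElement:
    reference_hash: bytes   # first hash code, stored before shipment (claims 1, 7)
    request_key: bytes      # stand-in for the public key of claim 14
    last_counter: int = -1  # highest counter accepted so far (claim 16)

    def authenticate(self, counter: int, payload: bytes, tag: bytes) -> str:
        """'ok', 'inhibit' (hash mismatch) or 'rejected' (stale counter or bad tag).
        Claim 16: hashes are compared only if the counter grew and the request is valid."""
        if counter <= self.last_counter or not hmac.compare_digest(
                request_tag(self.request_key, counter, payload), tag):
            return "rejected"
        self.last_counter = counter  # stored only for valid requests, so a bad tag cannot jam it
        if hmac.compare_digest(hashlib.sha256(payload).digest(), self.reference_hash):
            return "ok"
        return "inhibit"  # inhibit signal: the processor halts (claim 1) or alarms (claim 3)


@dataclass
class VehicleProcessor:
    program: bytes
    order_table: list   # transfer order table (claim 15): held by the processor, never sent to the SE
    request_key: bytes  # stand-in for the secret key of claim 9
    counter: int = 0

    def build_request(self, first: int, count: int) -> tuple:
        self.counter += 1
        payload = prepare_segment(self.program, first, count, self.order_table)
        return self.counter, payload, request_tag(self.request_key, self.counter, payload)


def demo() -> dict:
    """Authentic image passes; a change outside the checked segment is invisible;
    a one-bit change inside it yields the inhibit signal; a replay is rejected."""
    rng = random.Random(7)
    authentic = bytes(rng.randrange(256) for _ in range(64 * WORD))  # constructed 64-word image
    first, count, key = 8, 16, b"constructed-provisioning-key"
    order_table = list(range(count))
    rng.shuffle(order_table)
    se = SecurityElement(hashlib.sha256(prepare_segment(authentic, first, count, order_table)).digest(), key)
    cpu = VehicleProcessor(authentic, order_table, key)
    counter, payload, tag = cpu.build_request(first, count)
    results = {"authentic": se.authenticate(counter, payload, tag)}
    outside = bytearray(authentic)
    outside[40 * WORD] ^= 0x01  # word 40 is outside the checked segment (words 8..23)
    cpu.program = bytes(outside)
    results["tampered_outside_segment"] = se.authenticate(*cpu.build_request(first, count))
    inside = bytearray(authentic)
    inside[(first + 3) * WORD] ^= 0x01  # one bit flipped inside the checked segment
    cpu.program = bytes(inside)
    results["tampered_inside_segment"] = se.authenticate(*cpu.build_request(first, count))
    results["replayed_request"] = se.authenticate(counter, payload, tag)  # counter 1 is stale
    return results
```

Calling `demo()` returns `{"authentic": "ok", "tampered_outside_segment": "ok", "tampered_inside_segment": "inhibit", "replayed_request": "rejected"}`. The re-ordering and XOR add no cryptographic strength on their own; per claim 15 the order table is known to the processor, so what the scheme buys is that the security element never has to hold the program image, only one hash per checked segment. Covering more of the image means more segments and more stored hashes, which is the trade-off behind the "quickly" in the title.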

Assignees

  • Continental Automotive Systems Inc.

Inventors

Classifications

  • Vehicles · CPC title

  • H04L9/3239 (primary): involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD · CPC title

  • Program or device authentication · CPC title

  • G06F21/51 (primary): at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10230527B2 cover?
The authenticity of a program executed by a processor is determined by a security element that computes a hash code over re-ordered segments of a known-to-be-authentic copy of a program executed by the processor. The same segments are re-ordered by and provided by the processor to the security element, which computes a second hash code for the re-ordered segments received fr…
Who is the assignee on this patent?
Continental Automotive Systems Inc.
What technology area does this patent fall under?
Primary CPC classification H04L9/3239. Mapped technology areas include Electricity.
When was this patent published?
Publication date Mar 12, 2019 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).