Maintaining keys for trusted boot code

US10943013B2 · US · B2

Patent metadata
Publication number: US-10943013-B2
Application number: US-202016786742-A
Country: US
Kind code: B2
Filing date: Feb 10, 2020
Priority date: Dec 22, 2016
Publication date: Mar 9, 2021
Grant date: Mar 9, 2021

Abstract

Official abstract text for this publication.

Methods and apparatus are disclosed for securing executable code for execution with a processor using a trusted platform module (TPM). In one example of the disclosed technology, a method of decrypting executable code for execution includes measuring values stored in a CPU boot ROM and measuring second values for executable code stored in non-volatile memory, storing the resulting measurement value in a TPM platform configuration register. The PCR value is used to unseal a key stored in non-volatile memory of the TPM, which key is used to decrypt executable code for execution. Security can be further enhanced by destroying the values stored in the PCR by performing additional measurement operations with the TPM PCR used to generate the measurement value.

First claim

Opening claim text (preview).

What is claimed is:

1. A method of securely booting a computer, the computer comprising a processor coupled to computer memory and a trusted platform module (TPM), the method comprising: executing, by the processor, a first portion of executable code stored in a boot ROM of the computer memory; executing, by the processor, a second portion of executable code stored in nonvolatile memory of the computer memory; storing, by the TPM, a first measurement value based on the first portion of executable code; storing, by the TPM, a second measurement value based on the first measurement value and the second portion of executable code; unsealing, by the TPM, an encryption key using the second measurement value and a key stored by the TPM; decrypting, by the processor using the unsealed encryption key, a third portion of executable code stored in the computer memory; and executing, by the processor, the third portion of executable code.

2. The method of claim 1, further comprising: validating the first portion of executable code before executing the first portion of executable code.

3. The method of claim 1, further comprising: validating the second portion of executable code before executing the second portion of executable code.

4. The method of claim 1, wherein the encryption key is unsealed by combining the second measurement value and the key stored by the TPM.

5. The method of claim 1, wherein the key stored by the TPM is an immutable key not directly readable by the processor.

6. The method of claim 1, further comprising: storing, by the TPM after unsealing the encryption key, a third measurement value based on a predetermined value.

7. The method of claim 1, wherein the second portion of executable code is executed immediately after executing the first portion of executable code.

8. The method of claim 1, wherein the first measurement value and the second measurement value are stored in one or more platform configuration registers (PCRs) of the TPM.

9. The method of claim 1, wherein the first measurement value and the second measurement value are generated by performing a series of hash operations.

10. The method of claim 9, wherein the series of hash operations comprises: generating the first measurement value by combining first measurement data and a preexisting value stored by the TPM; and generating the second measurement value by combining second measurement data and the first measurement value stored by the TPM.

11. A method of securely booting a computer, the computer comprising a processor coupled to computer memory and a trusted platform module (TPM), the method comprising: executing, by the processor, a first portion of executable code stored in a boot ROM of the computer memory; authenticating, by the processor, a second portion of executable code stored in the computer memory; executing, by the processor, the authenticated second portion of executable code; measuring, by the processor for storing a first measurement value in the TPM, the first portion of executable code; measuring, by the processor for storing a second measurement value in the TPM, the second portion of executable code, wherein the second measurement value is in part based on the first measurement value; unsealing, by the TPM, an encryption key using the second measurement value; decrypting, by the processor using the unsealed encryption key, a third portion of executable code; and executing, by the processor, the decrypted third portion of executable code.

12. The method of claim 11, further comprising: destroying, by the TPM after unsealing the key, the second measurement value.

13. The method of claim 12, wherein destroying the second measurement value comprises storing a third measurement value in the TPM based on a predetermined value.

14. The method of claim 11, further comprising: authenticating, by the processor, the decrypted third portion of executable code.

15. The method of claim 11, wherein the encryption key is unsealed by combining the second measurement value and an immutable key stored by the TPM.

16. An apparatus, comprising: a processor; a trusted platform module (TPM) coupled to the processor, the TPM comprising: a plurality of platform configuration registers (PCRs); non-volatile memory configured to store an immutable key; a hash engine configured to: store a first measurement value in a selected one of the plurality of the PCRs by applying a hash function to combine a first measurement received from the processor and the existing value stored in the selected one of the plurality of the PCRs; and store a second measurement value in the selected one of the plurality of the PCRs by applying a hash function to combine a second measurement received from the processor and the existing value stored in the selected one of the plurality of the PCRs; and a decryption engine configured to unseal the immutable key using the second measurement value stored in the selected one of the plurality of the PCRs; and memory or storage devices coupled to the processor and storing computer-executable instructions that, when executed by the processor, cause the processor to: signal the TPM to store the first measurement value; signal the TPM to store the second measurement value; signal the TPM to unseal and provide the unsealed immutable key to the processor; and decrypt and execute boot code stored in the memory or storage devices coupled to the processor.

17. The apparatus of claim 16, wherein the immutable key is written to the non-volatile memory during manufacture or production.

18. The apparatus of claim 16, wherein the computer-executable instructions are stored in a boot ROM of the memory or storage devices coupled to the processor.

19. The apparatus of claim 16, wherein the computer-executable instructions are stored in internal firmware of the memory or storage devices coupled to the processor.

20. The apparatus of claim 16, wherein the boot code is decrypted if the first measurement value and the second measurement value correspond to unmodified executable code used to generate the immutable key.
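To make the claimed flow concrete, here is an added Python model (not code from the patent or from Amazon) of the chained PCR extend, the PCR-bound key unsealing, the authenticated decryption of the third code portion and the PCR capping described in the abstract and in claims 1, 4-6, 10, 12-14 and 20. A real TPM uses PCR extend, sealed objects and authorization policies rather than the HMAC derivation and hash-counter stream cipher assumed here; SimTPM, the function names and the sample images are constructed for illustration.

```python
import hashlib
import hmac

class SimTPM:  # toy model of a TPM with one PCR and an immutable key (constructed, not a real TPM API)
    def __init__(self, immutable_key: bytes):
        self._immutable_key = immutable_key  # claim 5: never handed to the processor
        self.pcr = bytes(32)                 # PCR is all zeros after reset

    def extend(self, measurement: bytes) -> bytes:
        # Claim 10: new PCR = H(old PCR || H(measured code)); chained, so order and content both matter
        self.pcr = hashlib.sha256(self.pcr + hashlib.sha256(measurement).digest()).digest()
        return self.pcr

    def unseal(self) -> bytes:
        # Claims 4/15: stage key = combine(current PCR value, immutable key); only the TPM can compute it
        return hmac.new(self._immutable_key, self.pcr, hashlib.sha256).digest()

def _keystream(key: bytes, n: int) -> bytes:
    # Hash-counter stream; stands in for a real cipher so the example stays stdlib-only
    return b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))[:n]

def seal_stage3(key: bytes, plaintext: bytes) -> bytes:
    # Provisioning-time encryption of the third code portion, plus an HMAC tag used for claim 14
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, len(plaintext))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def open_stage3(key: bytes, blob: bytes):
    # Decrypt and authenticate the third portion; None means "do not execute" (claim 14)
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, ct, hashlib.sha256).digest(), tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))

def provision(immutable_key: bytes, boot_rom: bytes, stage2: bytes, stage3: bytes) -> bytes:
    # Claim 20: compute the PCR value that unmodified code produces and seal stage 3 to it
    ref = SimTPM(immutable_key)
    ref.extend(boot_rom)
    ref.extend(stage2)
    return seal_stage3(ref.unseal(), stage3)

def boot(tpm: SimTPM, boot_rom: bytes, stage2: bytes, stage3_blob: bytes):
    # Claim 1 flow: measure ROM, measure stage 2 (chained), unseal, then cap the PCR (claims 6, 12-13)
    tpm.extend(boot_rom)
    tpm.extend(stage2)
    key = tpm.unseal()
    tpm.extend(b"\x00" * 32)  # extending a predetermined value destroys the PCR state that unseals the key
    return open_stage3(key, stage3_blob)
# Constructed sample images and factory key; real values would be per-device and secret
IMMUTABLE_KEY, BOOT_ROM, STAGE2, STAGE3 = b"factory-key-placeholder", b"rom-v1", b"loader-v1", b"kernel-v1"
STAGE3_BLOB = provision(IMMUTABLE_KEY, BOOT_ROM, STAGE2, STAGE3)
```

A tampered second stage, a swapped measurement order, or a different immutable key all produce a different PCR-bound key, so the tag check on the third stage fails and nothing is executed; after a successful boot the capped PCR can no longer reproduce the key.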

Assignees

Amazon Tech Inc

Inventors

Classifications (CPC titles)

  • G06F21/575 (primary): Secure boot

  • H04L9/0897 (primary): involving additional devices, e.g. trusted platform module [TPM], smartcard or USB

  • using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]

  • Processor initialisation

  • involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853)

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Amazon Tech Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/575. Mapped technology areas include Physics.
When was this patent published?
Publication date: Mar 9, 2021 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).