Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Software integrity protection and verification method and device

A technology for integrity protection and integrity verification, applied in platform integrity maintenance, software deployment, secure communication devices, etc., and can solve problems such as inability to solve user trust issues

Pending Publication Date: 2021-04-23
HUAWEI TECH CO LTD
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] At present, when signing and verifying the software package to ensure the software integrity of the software package loaded on the device, it is only based on the key provided by the software manufacturer, which cannot solve the user's trust problem

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software integrity protection and verification method and device
  • Software integrity protection and verification method and device
  • Software integrity protection and verification method and device

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0116]Example 1: TakingFigure 7 The scene shown is an example, the second device 700 includes a SoC 710 and a startup package including: L1 Boot 720 and L2 Boot 730. Wherein, the SOC 710 has a BootROM 711, and there is a value of the manufacturer public key 1, the user public key 1, the device identification, the double enable bit, and the switching enable bit; L1Boot 720 includes code segments 1, Manufacturer Certificate 1, User Certificate 1, Manufacturer Signature 1 and User Signature 1; L2 Boot 730 includes code segment 2, manufacturer sign 2 and user signing 2.

[0117]As an example, supposeFigure 7 On the second device 700 shown, the value of the dual enable bit indicates that the double enable bit is valid. The value of the switching enable bit indicates that the switching enable bit is invalid, and the device identifier is included in the dual inspection device list. . If the certificate and code segment in each boot are signed, that is, the manufacturer signature 1 includes a ...

Embodiment 2

[0149]Example 2:Figure 10 The scene shown is an example, the second device 1000 includes SoC 1010 and a startup package including: L1 Boot 1020 and L2 Boot 1030. The SOC 1010 has bootrom1011, and there is a value of summary 1, device identification, dual enable bit, and a value of switching enable bits; L1Boot 1020 includes code segment 1, a manufacturer certificate 1, and user certificate 1; L2 Boot 1030 includes code segment 2, manufacturer sign 2 and user signature 2.

[0150]When implementing,Figure 10 On the second device 1000 shown, the value of the double enable bit indicates that the double enable bit is valid. The value of the switching enable bit indicates that the switching enable bit is invalid, and the device identity is included in the list of dual inspection devices. . If the certificate and code segment in each boot is a unified signature, that is, the verification result of the manufacturer sign 2 can be characterized by the legality of the Code Segment 2 and the Manuf...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a software integrity protection and verification method and device. The protection process comprises the steps that first equipment obtains a first software package, wherein the first software package comprises a first signature of a first side for a second software package through a first private key; the first equipment uses the second private key to perform signature operation on the first software package to obtain a third software package including a second signature, the first private key being first-party control, and the second private key being second-party control. After the third software package is sent to the second device, the verification process comprises the steps that the second device obtains a first software package, and the first software package comprises a first signature, a second signature and a second software package; the second equipment verifies the first signature and the second signature based on a pre-stored first public key and a pre-stored second public key to obtain a verification result. Thus, protection of the integrity of the secret key software provided by a manufacturer and a user is adopted, dual software integrity verification bases are provided for the user, and the trust problem of the user is solved.

Description

[0001]The application number submitted in October 23, 2019 is 201911012940.1, and the present invention has a priority of China's patent application, and the entire contents of the Chinese patent application are incorporated herein. In the present application.Technical field[0002]The present application relates to safety technology, in particular, to a method and apparatus for software integrity protection, checking.Background technique[0003]Typically, in order to ensure the software integrity of the package, the software package can be protected and verified, including: Before the package is downloaded to the device, the package is signed by the private key provided by the software manufacturer. Before the device loads the package, first check the signature of the package by the public key corresponding to the private key. If the inspection is passed, the package unacue is maliciously tampered with it, and can be loaded.[0004]At present, the software package is signed and launched ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/12G06F21/60G06F8/61
CPCG06F21/12G06F21/602G06F8/63G06F8/61H04L9/3247H04L9/3263G06F21/57G06F21/64G06F21/575H04L9/006
Inventor 曹斌陈海武陈艳王博
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com