[go: up one dir, main page]

WO2002065258A3 - Method and apparatus for authenticating embedded software in a remote unit over a communications channel - Google Patents

Method and apparatus for authenticating embedded software in a remote unit over a communications channel Download PDF

Info

Publication number
WO2002065258A3
WO2002065258A3 PCT/US2001/004834 US0104834W WO02065258A3 WO 2002065258 A3 WO2002065258 A3 WO 2002065258A3 US 0104834 W US0104834 W US 0104834W WO 02065258 A3 WO02065258 A3 WO 02065258A3
Authority
WO
WIPO (PCT)
Prior art keywords
embedded software
authenticating
hash digest
remote unit
communications channel
Prior art date
Application number
PCT/US2001/004834
Other languages
French (fr)
Other versions
WO2002065258A2 (en
Inventor
Paul K Johnson
Roy F Quick Jr
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Priority to PCT/US2001/004834 priority Critical patent/WO2002065258A2/en
Priority to AU2001237019A priority patent/AU2001237019A1/en
Publication of WO2002065258A2 publication Critical patent/WO2002065258A2/en
Publication of WO2002065258A3 publication Critical patent/WO2002065258A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • H04M3/38Graded-service arrangements, i.e. some subscribers prevented from establishing certain connections
    • H04M3/382Graded-service arrangements, i.e. some subscribers prevented from establishing certain connections using authorisation codes or passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2203/00Aspects of automatic or semi-automatic exchanges
    • H04M2203/60Aspects of automatic or semi-automatic exchanges related to security aspects in telephonic communication systems
    • H04M2203/609Secret communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2242/00Special services or facilities
    • H04M2242/22Automatic class or number identification arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • H04M3/42Systems providing special services or facilities to subscribers
    • H04M3/42025Calling or Called party identification service
    • H04M3/42034Calling party identification service
    • H04M3/42059Making use of the calling party identifier

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)

Abstract

A method, apparatus, and computer program product for authenticating embedded software in the memory of a responder over an unprotected channel. The method includes the steps of transmitting a verify request and a unique nonce form a challenger to the responder over the unprotected channel; processing the embedded software and the nonce using a cryptographic hash function to produce a hash digest, wherein the embedded software includes a unique identifier; transmitting the hash digest to the challenger; processing a copy of the embedded software and the nonce using the cryptographic hash function to produce a verification hash digest; and authenticating the embedded software when the received hash digest and the verification hash digest match.
PCT/US2001/004834 2001-02-13 2001-02-13 Method and apparatus for authenticating embedded software in a remote unit over a communications channel WO2002065258A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/US2001/004834 WO2002065258A2 (en) 2001-02-13 2001-02-13 Method and apparatus for authenticating embedded software in a remote unit over a communications channel
AU2001237019A AU2001237019A1 (en) 2001-02-13 2001-02-13 Method and apparatus for authenticating embedded software in a remote unit over a communications channel

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2001/004834 WO2002065258A2 (en) 2001-02-13 2001-02-13 Method and apparatus for authenticating embedded software in a remote unit over a communications channel

Publications (2)

Publication Number Publication Date
WO2002065258A2 WO2002065258A2 (en) 2002-08-22
WO2002065258A3 true WO2002065258A3 (en) 2003-08-28

Family

ID=21742341

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/004834 WO2002065258A2 (en) 2001-02-13 2001-02-13 Method and apparatus for authenticating embedded software in a remote unit over a communications channel

Country Status (2)

Country Link
AU (1) AU2001237019A1 (en)
WO (1) WO2002065258A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106664561A (en) * 2014-08-25 2017-05-10 华为技术有限公司 System and method for securing pre-association service discovery

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7287052B2 (en) 2002-11-09 2007-10-23 Microsoft Corporation Challenge and response interaction between client and server computing devices
US20040259633A1 (en) * 2003-04-16 2004-12-23 Gentles Thomas A. Remote authentication of gaming software in a gaming system environment
US7908570B2 (en) * 2003-12-05 2011-03-15 Trading Technologies International, Inc. Method and system for displaying a cursor on a trading screen
US20060107327A1 (en) * 2004-11-16 2006-05-18 Sprigg Stephen A Methods and apparatus for enforcing application level restrictions on local and remote content
KR100670005B1 (en) * 2005-02-23 2007-01-19 삼성전자주식회사 Verification device, system and integrity verification method for remotely verifying the integrity of memory for mobile platform
EP1837813A1 (en) 2006-03-15 2007-09-26 Sap Ag System and method for verification of identifiers
WO2008032332A1 (en) * 2006-09-13 2008-03-20 Shyam Prasad Kompadav Shetty Protection scheme for embedded software
US8425304B2 (en) 2007-06-19 2013-04-23 Wms Gaming Inc. Gaming system having graphical feature interface
FR2945134A1 (en) * 2009-04-29 2010-11-05 Bull Sa Machine for testing e.g. flash type memory in cryptographic key generation device, has comparing unit for comparing message with another message and providing validation signal if former message is identical to latter message
WO2012001615A1 (en) * 2010-06-27 2012-01-05 Infinite Memory Ltd. A method, circuit, device and system for authenticating an integrated circuit
JP6492944B2 (en) * 2015-05-07 2019-04-03 株式会社バッファロー Information processing system, information processing apparatus, and firmware program
US10104055B2 (en) * 2016-05-27 2018-10-16 David Joseph Ponder System and process of protecting client side information in electronic transactions
US11349669B1 (en) 2018-01-30 2022-05-31 State Farm Mutual Automobile Insurance Company Cryptographic hash chain for vehicle configuration verification

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5398285A (en) * 1993-12-30 1995-03-14 Motorola, Inc. Method for generating a password using public key cryptography
WO1998010611A2 (en) * 1996-09-05 1998-03-12 Ericsson Inc. System for preventing electronic memory tampering
WO2000018162A1 (en) * 1998-09-18 2000-03-30 Qualcomm Incorporated Method and apparatus for authenticating embedded software in a remote unit over a communications channel

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5398285A (en) * 1993-12-30 1995-03-14 Motorola, Inc. Method for generating a password using public key cryptography
WO1998010611A2 (en) * 1996-09-05 1998-03-12 Ericsson Inc. System for preventing electronic memory tampering
WO2000018162A1 (en) * 1998-09-18 2000-03-30 Qualcomm Incorporated Method and apparatus for authenticating embedded software in a remote unit over a communications channel

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106664561A (en) * 2014-08-25 2017-05-10 华为技术有限公司 System and method for securing pre-association service discovery
CN106664561B (en) * 2014-08-25 2019-12-24 华为技术有限公司 System and method for securing pre-association service discovery

Also Published As

Publication number Publication date
WO2002065258A2 (en) 2002-08-22
AU2001237019A8 (en) 2005-10-13
AU2001237019A1 (en) 2002-08-28

Similar Documents

Publication Publication Date Title
WO2002065258A3 (en) Method and apparatus for authenticating embedded software in a remote unit over a communications channel
WO2003029988A1 (en) Content delivery system, content delivery method, and client terminal
WO2006093561A3 (en) Secure software communication method and system
AU2002307909A1 (en) Remote authentification of fingerprints over an insecure network
WO2008024559A3 (en) Method and apparatus for authenticating applications to secure services
TWI347769B (en) Three way validation and authentication of boot files transmitted from server to client
MY156311A (en) Authentication of data transmitted in a digital transmission system
EP1313286A3 (en) Method and apparatus for protecting the identities of wireless mobile devices
JP2004040717A5 (en)
TW200511097A (en) Security device, data processing terminal, integrated circuit, terminal application program generation device and application program authentication method
JP2003337868A5 (en) Service providing system, apparatus terminal and processing method thereof, authentication apparatus and method, service providing apparatus and method, and program
MXPA02001383A (en) Information processing method/apparatus and program.
BRPI0519184A2 (en) Methods for authenticating a remote service to a user, and for mutually authenticating a remote service user and a remote service, software architecture, authentication device, and methods for authenticating a second user's identity and / or credentials to create an authentication device and to authenticate a user to a remote service
AU2003276090A1 (en) Secure communications
ATE485691T1 (en) METHOD FOR AUTHENTICATING AND VERIFYING SMS TRANSMISSIONS
WO2005065007A3 (en) Method and system for authentication using infrastructureless certificates
WO2005043334A3 (en) Methods and apparatus for providing application credentials
EP0710934A3 (en) Methods and systems for performing article authentication
AU2003275999A8 (en) Method of associating authentication information of a trusted device to an identifier of a non-trusted device
CA2494513A1 (en) Digital-signed digital document exchange supporting method and information processor
AU2002364427A1 (en) Electronic signature method
WO2009053818A3 (en) Method and apparatus for providing secure linking to a user identity in a digital rights management system
EP1435557A3 (en) Restricted access of applications to hardware resources
WO2003027800A3 (en) Method and apparatus for secure mobile transaction
WO2001091478A3 (en) Method for the cryptographic identification of a physical unit in a wireless telecommunications network

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP