公开(公告)号：US20190026471A1

公开(公告)日：2019-01-24

申请号：US16054020

申请日：2018-08-03

Applicant: Google LLC

Inventor： Paul Dermot Crowley

IPC: G06F21/57 ,  H04L9/14 ,  H04L9/08

CPC classification number: G06F21/575 ,  G06F21/57 ,  H04L9/0861 ,  H04L9/0866 ,  H04L9/14 ,  H04L9/3247

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for rollback resistant security are disclosed. In one aspect, a method, during a boot process of a computing device, includes the actions of obtaining a secret key derived from device-specific information for the computing device. The method further includes verifying that a signature for a software module is valid. The method further includes obtaining information indicating a current version of the software module. The method further includes using the secret key to generate a first encryption key corresponding to the current version of the software module and a second encryption key corresponding to a prior version of the software module. The method further includes preventing future access to the secret key until the computing device is rebooted. The method further includes providing the software module access to the first encryption key and the second encryption key.