-
公开(公告)号:US20140223198A1
公开(公告)日:2014-08-07
申请号:US13997896
申请日:2011-12-20
IPC分类号: G06F12/14
CPC分类号: G06F12/1408 , G06F13/14 , G06F21/44 , G06F21/79 , G06F2212/1052
摘要: Embodiments of the invention create an underlying infrastructure in a flash memory device (e.g., a serial peripheral interface (SPI) flash memory device) such that it may be protected against user attacks—e.g., replacing the SPI flash memory device or a man-in-the-middle (MITM) attack to modify the SPI flash memory contents on the fly. In the prior art, monotonic counters cannot be stored in SPI flash memory devices because said devices do not provide replay protection for the counters. A user may also remove the flash memory device and reprogram it. Host platforms alone cannot protect against such hardware attacks.Embodiments of the invention enable secure standard storage flash memory devices such as SPI flash memory devices to achieve replay protection for securely stored data. Embodiments of the invention utilize flash memory controllers, flash memory devices, unique device keys and HMAC key logic to create secure execution environments for various components.
摘要翻译: 本发明的实施例在闪存设备(例如,串行外围设备接口(SPI)闪存设备)中创建底层基础设施,使得其可以被保护免受用户攻击 - 例如,替换SPI闪存设备或管理员 - 中间(MITM)攻击,即时修改SPI闪存内容。 在现有技术中,单调计数器不能存储在SPI闪存设备中,因为所述设备不为计数器提供重放保护。 用户还可以移除闪存设备并对其进行重新编程。 仅主机平台无法防范此类硬件攻击。 本发明的实施例使得诸如SPI闪存设备之类的安全标准存储闪存设备能够实现用于安全存储的数据的重放保护。 本发明的实施例利用闪存控制器,闪存设备,唯一设备密钥和HMAC密钥逻辑来为各种组件创建安全的执行环境。
搜索结果
1 条记录 (耗时 0.008 秒)
