-
公开(公告)号:US09483647B2
公开(公告)日:2016-11-01
申请号:US14330902
申请日:2014-07-14
Applicant: GOOGLE INC.
Inventor: Gaurav Shah , William Drewry , Randall Spangler , Ryan Tabone , Sumit Gwalani , Luigi Semenzato
CPC classification number: G06F21/575 , G06F21/554 , G06F21/64 , G06F21/74 , H04L9/30 , H04L9/3236 , H04L9/3247
Abstract: Methods and apparatus for verifying a boot process of a computing system are disclosed. An example computer-implemented method includes reading, by a computing system during a boot process, a header section of a read-write portion of firmware of the computing system. The example method further includes generating, using a first cryptographic hash algorithm, a message digest corresponding with the header. The example method also includes decrypting, using a first public-key, an encrypted signature corresponding with the header. The example method still further includes comparing the message digest corresponding with the header and the decrypted signature corresponding with the header. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header match, the example method includes continuing the boot process. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header do not match, the example method includes halting the boot process.
Abstract translation: 公开了用于验证计算系统的引导过程的方法和装置。 计算机实现的示例的示例包括在引导过程期间由计算系统读取计算系统的固件的读写部分的头部。 该示例方法还包括使用第一加密散列算法生成与该报头对应的消息摘要。 示例性方法还包括使用第一公开密钥来解密与该标题相对应的加密签名。 该示例方法还包括比较与该标题相对应的消息摘要和与标题对应的解密签名。 在与标题对应的消息摘要和与标题相对应的解密签名匹配的情况下,示例方法包括继续引导过程。 在与标题对应的消息摘要和与标题相对应的解密签名不匹配的情况下,示例方法包括暂停引导过程。
-
公开(公告)号:US20150012738A1
公开(公告)日:2015-01-08
申请号:US14330902
申请日:2014-07-14
Applicant: GOOGLE INC.
Inventor: Gaurav Shah , William Drewry , Randall Spangler , Ryan Tabone , Sumit Gwalani , Luigi Semenzato
CPC classification number: G06F21/575 , G06F21/554 , G06F21/64 , G06F21/74 , H04L9/30 , H04L9/3236 , H04L9/3247
Abstract: Methods and apparatus for verifying a boot process of a computing system are disclosed. An example computer-implemented method includes reading, by a computing system during a boot process, a header section of a read-write portion of firmware of the computing system. The example method further includes generating, using a first cryptographic hash algorithm, a message digest corresponding with the header. The example method also includes decrypting, using a first public-key, an encrypted signature corresponding with the header. The example method still further includes comparing the message digest corresponding with the header and the decrypted signature corresponding with the header. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header match, the example method includes continuing the boot process. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header do not match, the example method includes halting the boot process.
Abstract translation: 公开了用于验证计算系统的引导过程的方法和装置。 计算机实现的示例的示例包括在引导过程期间由计算系统读取计算系统的固件的读写部分的头部。 该示例方法还包括使用第一加密散列算法生成与该报头对应的消息摘要。 示例性方法还包括使用第一公开密钥来解密与该标题相对应的加密签名。 该示例方法还包括比较与该标题相对应的消息摘要和与标题对应的解密签名。 在与标题对应的消息摘要和与标题相对应的解密签名匹配的情况下,示例方法包括继续引导过程。 在与标题对应的消息摘要和与标题相对应的解密签名不匹配的情况下,示例方法包括暂停引导过程。
-
Search Results
2
records
(took 0.014 seconds)
