AR113125A1 - Arranque seguro de módulos de núcleo - Google Patents

Arranque seguro de módulos de núcleo

Info

Publication number
AR113125A1
AR113125A1 ARP180102700A ARP180102700A AR113125A1 AR 113125 A1 AR113125 A1 AR 113125A1 AR P180102700 A ARP180102700 A AR P180102700A AR P180102700 A ARP180102700 A AR P180102700A AR 113125 A1 AR113125 A1 AR 113125A1
Authority
AR
Argentina
Prior art keywords
kernel module
computer
updated
electronic device
module
Prior art date
Application number
ARP180102700A
Other languages
English (en)
Inventor
Molina Javier Moreno
Vico Jess Daz
Original Assignee
Banco Bilbao Vizcaya Argentaria Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Banco Bilbao Vizcaya Argentaria Sa filed Critical Banco Bilbao Vizcaya Argentaria Sa
Publication of AR113125A1 publication Critical patent/AR113125A1/es

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computing Systems (AREA)
  • Power Engineering (AREA)
  • Stored Programmes (AREA)
  • Hardware Redundancy (AREA)
  • Storage Device Security (AREA)
  • Retry When Errors Occur (AREA)

Abstract

Un método implementado por ordenador para proporcionar un módulo de núcleo actualizado de manera segura de un dispositivo electrónico, en el que el método comprende las siguientes etapas: insertar mediante un ordenador un hash camaleón de un módulo de núcleo, una clave privada de módulo de núcleo del módulo de núcleo y un módulo de núcleo actualizado del módulo de núcleo en una función de colisión hash camaleón obteniendo así unos datos de colisión, combinar mediante el ordenador, el módulo de núcleo actualizado con los datos de colisión obteniendo así un módulo de núcleo actualizado de manera segura. Adicionalmente, se describe además un método implementado por ordenador para actualizar de manera segura al menos un módulo de núcleo de un dispositivo electrónico, un sistema que comprende un servidor y un dispositivo electrónico, programas informáticos y un medio legible por ordenador.
ARP180102700A 2017-09-22 2018-09-20 Arranque seguro de módulos de núcleo AR113125A1 (es)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP17382635.5A EP3460700A1 (en) 2017-09-22 2017-09-22 Authentication of software update modules using chameleon hashing.

Publications (1)

Publication Number Publication Date
AR113125A1 true AR113125A1 (es) 2020-01-29

Family

ID=60009564

Family Applications (1)

Application Number Title Priority Date Filing Date
ARP180102700A AR113125A1 (es) 2017-09-22 2018-09-20 Arranque seguro de módulos de núcleo

Country Status (10)

Country Link
US (1) US11514170B2 (es)
EP (2) EP3460700A1 (es)
CN (1) CN111433771A (es)
AR (1) AR113125A1 (es)
CO (1) CO2020004069A2 (es)
ES (1) ES2890399T3 (es)
MX (1) MX2020003253A (es)
PE (1) PE20210546A1 (es)
UY (1) UY37887A (es)
WO (1) WO2019057810A1 (es)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11392687B2 (en) * 2019-01-04 2022-07-19 Baidu Usa Llc Method and system for validating kernel objects to be executed by a data processing accelerator of a host system
CN110086631B (zh) * 2019-04-29 2021-06-08 电子科技大学 一种可更新变色龙哈希函数的方法
WO2020231418A1 (en) 2019-05-15 2020-11-19 Hewlett-Packard Development Company, L.P. Update signals
WO2021245807A1 (ja) * 2020-06-02 2021-12-09 日本電気株式会社 署名検証システム、署名装置、署名検証方法、およびプログラム
US20230224164A1 (en) * 2020-06-02 2023-07-13 Nec Corporation Signature verification system, signature verification method, and program
CN112565479B (zh) * 2020-12-07 2023-07-11 北京明略昭辉科技有限公司 设备id的动态生成方法、系统、计算机设备及存储介质

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6108783A (en) * 1998-02-11 2000-08-22 International Business Machines Corporation Chameleon hashing and signatures
CN101038545A (zh) * 2006-11-10 2007-09-19 清华大学 操作系统内核构件跨域运行的方法
US20110126020A1 (en) * 2007-08-29 2011-05-26 Toshiyuki Isshiki Content disclosure system and method for guaranteeing disclosed contents in the system
JP2010050760A (ja) * 2008-08-22 2010-03-04 Hitachi Ltd コンテンツ保護装置、および、コンテンツ利用装置
US8589302B2 (en) 2009-11-30 2013-11-19 Intel Corporation Automated modular and secure boot firmware update
US9369867B2 (en) 2012-06-29 2016-06-14 Intel Corporation Mobile platform software update with secure authentication
JP2014241465A (ja) * 2013-06-11 2014-12-25 株式会社東芝 署名生成装置、署名生成方法、署名生成プログラム、及び電力使用量計算システム
KR102139546B1 (ko) * 2014-03-11 2020-07-30 삼성전자주식회사 펌웨어 검증 기능을 갖는 모바일 시스템 그리고 그것의 펌웨어 업데이트 방법
US9584317B2 (en) * 2014-10-13 2017-02-28 Microsoft Technology Licensing, Llc Identifying security boundaries on computing devices
US10326753B2 (en) * 2016-06-23 2019-06-18 International Business Machines Corporation Authentication via revocable signatures

Also Published As

Publication number Publication date
PE20210546A1 (es) 2021-03-17
EP3460700A1 (en) 2019-03-27
US20200265141A1 (en) 2020-08-20
WO2019057810A1 (en) 2019-03-28
US11514170B2 (en) 2022-11-29
UY37887A (es) 2019-04-30
CN111433771A (zh) 2020-07-17
EP3685290B1 (en) 2021-07-21
CO2020004069A2 (es) 2020-06-19
MX2020003253A (es) 2020-09-18
EP3685290A1 (en) 2020-07-29
ES2890399T3 (es) 2022-01-19

Similar Documents

Publication Publication Date Title
AR113125A1 (es) Arranque seguro de módulos de núcleo
CL2018002135A1 (es) Sistema y método para la verificación de la autenticidad de la información de documentos
CL2018002364A1 (es) Sistema universal de tokenización para criptomonedas basadas en cadena de bloques.
CO2017011544A2 (es) Sistema y método para extraer y compartir datos de usuario relacionados con la aplicación
CL2017002839A1 (es) Manejo de compromisos y solicitudes extraídas de comunicaciones y contenido
BR112018010876A2 (pt) dispositivo eletrônico que gera notificação com base nos dados de contexto em resposta à frase da fala de usuário
AR083806A1 (es) Medios legibles por computadora e interfaz para facilitar la presentacion de acciones y de proveedores asociados con entidades
CL2017001807A1 (es) Métodos para el entendimiento de consulta de lenguaje natural incompleta
MY194398A (en) Method, apparatus, and system for service data processing and verification
CL2016000579A1 (es) Sistemas y métodos para recolectar, rastrear y almacenar el rendimiento del sistema y datos de evento para aparatos de computación
IN2013CH05115A (es)
BR112015030417A8 (pt) Sistema de computador, método implementado por computador e sistema para resultados de busca de linguagem natural para consultas de intenção
CL2017002521A1 (es) Paginación de sistema de procesamiento de eventos.
BR112019015423A8 (pt) Método implementado por computador para proteger dados sensíveis armazenados em um protocolo de confiança mantido por uma rede de protocolo de confiança, meio de armazenamento não transitório, legível por computador e sistema
CR20150552A (es) Entorno de aprendizaje de idiomas
JP2014096164A5 (es)
AR094354A1 (es) Sistema para proporcionar una compilación de medios sociales
BR112016022350A2 (pt) Aparelho e método para a proteção de um módulo usado em um poço
BR112015022133A8 (pt) método, meios legíveis por computador e sistema relacionados a repositórios temáticos para o gerenciamneto de transações
BR112014020806A8 (pt) Método e aparelho para a colocação de dados derivados de conteúdo na memória
CO7160075A2 (es) Manejo basado en red de conjuntos de datos protegidos
IN2013MU02497A (es)
AR099945A1 (es) Sistema y método para facilitar transacciones electrónicas
IL242218B (en) A system and method for maintaining a dynamic dictionary
AR101678A1 (es) Dispositivo de procesamiento de información, método de procesamiento de información y medio de almacenamiento legible por computadora no transitorio de almacenamiento de programa

Legal Events

Date Code Title Description
FG Grant, registration