CO2020004069A2 - Arranque seguro de módulos de núcleo - Google Patents
Arranque seguro de módulos de núcleoInfo
- Publication number
- CO2020004069A2 CO2020004069A2 CONC2020/0004069A CO2020004069A CO2020004069A2 CO 2020004069 A2 CO2020004069 A2 CO 2020004069A2 CO 2020004069 A CO2020004069 A CO 2020004069A CO 2020004069 A2 CO2020004069 A2 CO 2020004069A2
- Authority
- CO
- Colombia
- Prior art keywords
- kernel module
- computer
- updated
- electronic device
- module
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- H04L9/0833—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
- H04L9/0836—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Algebra (AREA)
- Mathematical Analysis (AREA)
- Mathematical Optimization (AREA)
- Mathematical Physics (AREA)
- Pure & Applied Mathematics (AREA)
- Computing Systems (AREA)
- Power Engineering (AREA)
- Stored Programmes (AREA)
- Hardware Redundancy (AREA)
- Retry When Errors Occur (AREA)
- Storage Device Security (AREA)
Abstract
Un método implementado por ordenador para proporcionar un módulo de núcleo actualizado de manera segura de un dispositivo electrónico, en el que el método comprende las siguientes etapas: insertar mediante un ordenador un hash camaleón de un módulo de núcleo, una clave privada de módulo de núcleo del módulo de núcleo y un módulo de núcleo actualizado del módulo de núcleo en una función de colisión hash camaleón obteniendo así unos datos de colisión, combinar mediante el ordenador, el módulo de núcleo actualizado con los datos de colisión obteniendo así un módulo de núcleo actualizado de manera segura. Adicionalmente, se describe además un método implementado por ordenador para actualizar de manera segura al menos un módulo de núcleo de un dispositivo electrónico, un sistema que comprende un servidor y un dispositivo electrónico, programas informáticos y un medio legible por ordenador
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP17382635.5A EP3460700A1 (en) | 2017-09-22 | 2017-09-22 | Authentication of software update modules using chameleon hashing. |
PCT/EP2018/075447 WO2019057810A1 (en) | 2017-09-22 | 2018-09-20 | SECURE LAUNCH OF CORE MODULES |
Publications (1)
Publication Number | Publication Date |
---|---|
CO2020004069A2 true CO2020004069A2 (es) | 2020-06-19 |
Family
ID=60009564
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CONC2020/0004069A CO2020004069A2 (es) | 2017-09-22 | 2020-03-31 | Arranque seguro de módulos de núcleo |
Country Status (10)
Country | Link |
---|---|
US (1) | US11514170B2 (es) |
EP (2) | EP3460700A1 (es) |
CN (1) | CN111433771A (es) |
AR (1) | AR113125A1 (es) |
CO (1) | CO2020004069A2 (es) |
ES (1) | ES2890399T3 (es) |
MX (1) | MX2020003253A (es) |
PE (1) | PE20210546A1 (es) |
UY (1) | UY37887A (es) |
WO (1) | WO2019057810A1 (es) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3794477B1 (en) * | 2019-01-04 | 2023-05-10 | Baidu.com Times Technology (Beijing) Co., Ltd. | Method and system for validating kernel objects to be executed by a data processing accelerator of a host system |
CN110086631B (zh) * | 2019-04-29 | 2021-06-08 | 电子科技大学 | 一种可更新变色龙哈希函数的方法 |
CN113614723A (zh) | 2019-05-15 | 2021-11-05 | 惠普发展公司,有限责任合伙企业 | 更新信号 |
WO2021245807A1 (ja) | 2020-06-02 | 2021-12-09 | 日本電気株式会社 | 署名検証システム、署名装置、署名検証方法、およびプログラム |
US20230224164A1 (en) | 2020-06-02 | 2023-07-13 | Nec Corporation | Signature verification system, signature verification method, and program |
CN112565479B (zh) * | 2020-12-07 | 2023-07-11 | 北京明略昭辉科技有限公司 | 设备id的动态生成方法、系统、计算机设备及存储介质 |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6108783A (en) * | 1998-02-11 | 2000-08-22 | International Business Machines Corporation | Chameleon hashing and signatures |
CN101038545A (zh) * | 2006-11-10 | 2007-09-19 | 清华大学 | 操作系统内核构件跨域运行的方法 |
WO2009028513A1 (ja) * | 2007-08-29 | 2009-03-05 | Nec Corporation | コンテンツの公開システム及び該システムにおける公開コンテンツの保証方法 |
JP2010050760A (ja) * | 2008-08-22 | 2010-03-04 | Hitachi Ltd | コンテンツ保護装置、および、コンテンツ利用装置 |
US8589302B2 (en) | 2009-11-30 | 2013-11-19 | Intel Corporation | Automated modular and secure boot firmware update |
US9369867B2 (en) | 2012-06-29 | 2016-06-14 | Intel Corporation | Mobile platform software update with secure authentication |
JP2014241465A (ja) * | 2013-06-11 | 2014-12-25 | 株式会社東芝 | 署名生成装置、署名生成方法、署名生成プログラム、及び電力使用量計算システム |
KR102139546B1 (ko) * | 2014-03-11 | 2020-07-30 | 삼성전자주식회사 | 펌웨어 검증 기능을 갖는 모바일 시스템 그리고 그것의 펌웨어 업데이트 방법 |
US9584317B2 (en) * | 2014-10-13 | 2017-02-28 | Microsoft Technology Licensing, Llc | Identifying security boundaries on computing devices |
US10326753B2 (en) * | 2016-06-23 | 2019-06-18 | International Business Machines Corporation | Authentication via revocable signatures |
-
2017
- 2017-09-22 EP EP17382635.5A patent/EP3460700A1/en not_active Withdrawn
-
2018
- 2018-09-19 UY UY0001037887A patent/UY37887A/es not_active Application Discontinuation
- 2018-09-20 PE PE2020000604A patent/PE20210546A1/es unknown
- 2018-09-20 WO PCT/EP2018/075447 patent/WO2019057810A1/en active Search and Examination
- 2018-09-20 ES ES18769211T patent/ES2890399T3/es active Active
- 2018-09-20 US US16/648,411 patent/US11514170B2/en active Active
- 2018-09-20 CN CN201880074889.4A patent/CN111433771A/zh active Pending
- 2018-09-20 EP EP18769211.6A patent/EP3685290B1/en active Active
- 2018-09-20 MX MX2020003253A patent/MX2020003253A/es unknown
- 2018-09-20 AR ARP180102700A patent/AR113125A1/es active IP Right Grant
-
2020
- 2020-03-31 CO CONC2020/0004069A patent/CO2020004069A2/es unknown
Also Published As
Publication number | Publication date |
---|---|
AR113125A1 (es) | 2020-01-29 |
US20200265141A1 (en) | 2020-08-20 |
EP3685290A1 (en) | 2020-07-29 |
UY37887A (es) | 2019-04-30 |
US11514170B2 (en) | 2022-11-29 |
ES2890399T3 (es) | 2022-01-19 |
EP3685290B1 (en) | 2021-07-21 |
PE20210546A1 (es) | 2021-03-17 |
CN111433771A (zh) | 2020-07-17 |
EP3460700A1 (en) | 2019-03-27 |
WO2019057810A1 (en) | 2019-03-28 |
MX2020003253A (es) | 2020-09-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CO2020004069A2 (es) | Arranque seguro de módulos de núcleo | |
SV2018005732A (es) | Sistema y metodo para la verificacion de la autenticidad de la informacion de documentos | |
CL2018002364A1 (es) | Sistema universal de tokenización para criptomonedas basadas en cadena de bloques. | |
CL2017002839A1 (es) | Manejo de compromisos y solicitudes extraídas de comunicaciones y contenido | |
CL2017002847A1 (es) | Sistema y método para extraer y compartir datos de usuario relacionados con la aplicación. | |
AR083806A1 (es) | Medios legibles por computadora e interfaz para facilitar la presentacion de acciones y de proveedores asociados con entidades | |
CL2018003297A1 (es) | Aislamiento de seguridad virtualizado con base en hardware | |
CL2017001807A1 (es) | Métodos para el entendimiento de consulta de lenguaje natural incompleta | |
IN2013CH05115A (es) | ||
CL2017002521A1 (es) | Paginación de sistema de procesamiento de eventos. | |
MY194398A (en) | Method, apparatus, and system for service data processing and verification | |
BR112019015423A8 (pt) | Método implementado por computador para proteger dados sensíveis armazenados em um protocolo de confiança mantido por uma rede de protocolo de confiança, meio de armazenamento não transitório, legível por computador e sistema | |
BR112017009806A2 (pt) | sistema e método para gerar informações de nível de estresse e de nível de resiliência de estresse para um indivíduo | |
BR112017005824A2 (pt) | método, e, dispositivo móvel. | |
CL2017002095A1 (es) | Edición y manipulación de trazo de tinta. | |
JP2014096164A5 (es) | ||
BR112017007705A2 (pt) | sistemas e métodos para a provisão de travessia de árvore usando-se um processamento baseado em hardware | |
AR094354A1 (es) | Sistema para proporcionar una compilación de medios sociales | |
BR112015022133A8 (pt) | método, meios legíveis por computador e sistema relacionados a repositórios temáticos para o gerenciamneto de transações | |
AR102793A1 (es) | Sistema y método para efectuar transacciones | |
BR112014020806A8 (pt) | Método e aparelho para a colocação de dados derivados de conteúdo na memória | |
BR112016015416A2 (pt) | Aparelho, método, e sistema para a geração de uma assinatura digital | |
IN2013MU02497A (es) | ||
BR112017023840A2 (pt) | método, computador de entidade de validação, e, dispositivo móvel. | |
AR099945A1 (es) | Sistema y método para facilitar transacciones electrónicas |