MX2020003253A - Arranque seguro de modulos de nucleo. - Google Patents

Arranque seguro de modulos de nucleo.

Info

Publication number
MX2020003253A
MX2020003253A MX2020003253A MX2020003253A MX2020003253A MX 2020003253 A MX2020003253 A MX 2020003253A MX 2020003253 A MX2020003253 A MX 2020003253A MX 2020003253 A MX2020003253 A MX 2020003253A MX 2020003253 A MX2020003253 A MX 2020003253A
Authority
MX
Mexico
Prior art keywords
kernel module
computer
updated
electronic device
secure boot
Prior art date
Application number
MX2020003253A
Other languages
English (en)
Inventor
Vico Jesús Díaz
Molina Javier Moreno
Original Assignee
Banco Bilbao Vizcaya Argentaria Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Banco Bilbao Vizcaya Argentaria Sa filed Critical Banco Bilbao Vizcaya Argentaria Sa
Publication of MX2020003253A publication Critical patent/MX2020003253A/es

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computing Systems (AREA)
  • Power Engineering (AREA)
  • Stored Programmes (AREA)
  • Hardware Redundancy (AREA)
  • Retry When Errors Occur (AREA)
  • Storage Device Security (AREA)

Abstract

Un método implementado por ordenador para proporcionar un módulo de núcleo actualizado de manera segura de un dispositivo electrónico, en el que el método comprende las siguientes etapas: insertar mediante un ordenador un hash camaleón de un módulo de núcleo, una clave privada de módulo de núcleo del módulo de núcleo y un módulo de núcleo actualizado del módulo de núcleo en una función de colisión hash camaleón obteniendo así unos datos de colisión, combinar mediante el ordenador, el módulo de núcleo actualizado con los datos de colisión obteniendo así un módulo de núcleo actualizado de manera segura. Adicionalmente, se describe además un método implementado por ordenador para actualizar de manera segura al menos un módulo de núcleo de un dispositivo electrónico, un sistema que comprende un servidor y un dispositivo electrónico, programas informáticos y un medio legible por ordenador.
MX2020003253A 2017-09-22 2018-09-20 Arranque seguro de modulos de nucleo. MX2020003253A (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP17382635.5A EP3460700A1 (en) 2017-09-22 2017-09-22 Authentication of software update modules using chameleon hashing.
PCT/EP2018/075447 WO2019057810A1 (en) 2017-09-22 2018-09-20 SECURE LAUNCH OF CORE MODULES

Publications (1)

Publication Number Publication Date
MX2020003253A true MX2020003253A (es) 2020-09-18

Family

ID=60009564

Family Applications (1)

Application Number Title Priority Date Filing Date
MX2020003253A MX2020003253A (es) 2017-09-22 2018-09-20 Arranque seguro de modulos de nucleo.

Country Status (10)

Country Link
US (1) US11514170B2 (es)
EP (2) EP3460700A1 (es)
CN (1) CN111433771A (es)
AR (1) AR113125A1 (es)
CO (1) CO2020004069A2 (es)
ES (1) ES2890399T3 (es)
MX (1) MX2020003253A (es)
PE (1) PE20210546A1 (es)
UY (1) UY37887A (es)
WO (1) WO2019057810A1 (es)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112292678A (zh) * 2019-01-04 2021-01-29 百度时代网络技术(北京)有限公司 用于验证将要由主机系统的数据处理加速器执行的内核对象的方法与系统
CN110086631B (zh) * 2019-04-29 2021-06-08 电子科技大学 一种可更新变色龙哈希函数的方法
CN113614723A (zh) 2019-05-15 2021-11-05 惠普发展公司,有限责任合伙企业 更新信号
JP7452646B2 (ja) 2020-06-02 2024-03-19 日本電気株式会社 署名検証システム、署名検証方法、およびプログラム
US20230224165A1 (en) 2020-06-02 2023-07-13 Nec Corporation Signature verification system, signature apparatus, signature verification method, and program
CN112565479B (zh) * 2020-12-07 2023-07-11 北京明略昭辉科技有限公司 设备id的动态生成方法、系统、计算机设备及存储介质

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6108783A (en) * 1998-02-11 2000-08-22 International Business Machines Corporation Chameleon hashing and signatures
CN101038545A (zh) * 2006-11-10 2007-09-19 清华大学 操作系统内核构件跨域运行的方法
WO2009028513A1 (ja) * 2007-08-29 2009-03-05 Nec Corporation コンテンツの公開システム及び該システムにおける公開コンテンツの保証方法
JP2010050760A (ja) * 2008-08-22 2010-03-04 Hitachi Ltd コンテンツ保護装置、および、コンテンツ利用装置
US8589302B2 (en) 2009-11-30 2013-11-19 Intel Corporation Automated modular and secure boot firmware update
US9369867B2 (en) 2012-06-29 2016-06-14 Intel Corporation Mobile platform software update with secure authentication
JP2014241465A (ja) * 2013-06-11 2014-12-25 株式会社東芝 署名生成装置、署名生成方法、署名生成プログラム、及び電力使用量計算システム
KR102139546B1 (ko) * 2014-03-11 2020-07-30 삼성전자주식회사 펌웨어 검증 기능을 갖는 모바일 시스템 그리고 그것의 펌웨어 업데이트 방법
US9584317B2 (en) * 2014-10-13 2017-02-28 Microsoft Technology Licensing, Llc Identifying security boundaries on computing devices
US10326753B2 (en) * 2016-06-23 2019-06-18 International Business Machines Corporation Authentication via revocable signatures

Also Published As

Publication number Publication date
EP3460700A1 (en) 2019-03-27
US11514170B2 (en) 2022-11-29
CO2020004069A2 (es) 2020-06-19
PE20210546A1 (es) 2021-03-17
CN111433771A (zh) 2020-07-17
US20200265141A1 (en) 2020-08-20
WO2019057810A1 (en) 2019-03-28
AR113125A1 (es) 2020-01-29
EP3685290A1 (en) 2020-07-29
EP3685290B1 (en) 2021-07-21
UY37887A (es) 2019-04-30
ES2890399T3 (es) 2022-01-19

Similar Documents

Publication Publication Date Title
MX2020003253A (es) Arranque seguro de modulos de nucleo.
WO2014164893A3 (en) Remote transfer of electronic images to a vehicle
PH12020550701A1 (en) Asset management method and apparatus, and electronic device
PH12019501311A1 (en) Blockchain-based commodity claim method and apparatus, and electronic device
MX2016016598A (es) Diagnostico y complementacion de datos de sensores de vehículo.
MY194398A (en) Method, apparatus, and system for service data processing and verification
BR112018004593A2 (pt) sistemas e métodos para atualizar dados de contas de proprietários de cartões
MX369969B (es) Sistemas y metodos para sistemas de manejo de respuesta a demanda mejorados (drms).
PH12018501668A1 (en) Electronic payment service processing method and device, and electronic payment method and device
NZ744540A (en) Systems and methods for providing block chain-based multifactor personal identity verification
MX2016000242A (es) Carga eficiente de datos telematicos.
BR112016030260A2 (pt) Sistema, métodos e equipamentos agronômicos
GB201216375D0 (en) Method of optimizing the interaction between a software application and a database server or other kind of remote data source
IN2014MN02173A (es)
GB2526743A (en) Session attribute propagation through secure database server tiers
IN2015DN02657A (es)
MX340027B (es) Presentacion de acciones y proveedores asociados con entidades.
IN2013CH05115A (es)
WO2014150277A3 (en) Methods and systems for providing secure transactions
PH12017500926A1 (en) Transaction system and method
BR112016015416A2 (pt) Aparelho, método, e sistema para a geração de uma assinatura digital
WO2018117968A8 (en) Systems and methods for automated bulk user registration spanning both a content management system and any software applications embedded therein
IN2014KN01340A (es)
GB2549643A (en) Methods and systems for configuring electronic devices
TW201614494A (en) Data storage device and operating method thereof