TW202403545A - Electronic device and control method thereof - Google Patents

Electronic device and control method thereof Download PDF

Info

Publication number
TW202403545A
TW202403545A TW111125201A TW111125201A TW202403545A TW 202403545 A TW202403545 A TW 202403545A TW 111125201 A TW111125201 A TW 111125201A TW 111125201 A TW111125201 A TW 111125201A TW 202403545 A TW202403545 A TW 202403545A
Authority
TW
Taiwan
Prior art keywords
public key
memory
characteristic value
read
electronic device
Prior art date
Application number
TW111125201A
Other languages
Chinese (zh)
Other versions
TWI824602B (en
Inventor
佘欽偉
吳豔雄
張曉敏
Original Assignee
大陸商星宸科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 大陸商星宸科技股份有限公司 filed Critical 大陸商星宸科技股份有限公司
Priority to TW111125201A priority Critical patent/TWI824602B/en
Application granted granted Critical
Publication of TWI824602B publication Critical patent/TWI824602B/en
Publication of TW202403545A publication Critical patent/TW202403545A/en

Links

Images

Landscapes

  • Electrophonic Musical Instruments (AREA)
  • Control Of Electric Motors In General (AREA)
  • Storage Device Security (AREA)

Abstract

An electronic device and a control method thereof are provided. The electronic device includes a read-only memory (ROM) that stores a first characteristic value of a public key. The control method includes the following steps: reading the public key and a plurality of boot codes of the electronic device from an external storage device; executing the boot codes; and verifying the public key according to the first characteristic value. The public key is used to verify the boot codes, and the number of bits of the first feature value is smaller than the number of bits of the public key. The ROM is arranged on a first chip, and the external storage device is constituted by a second chip.

Description

電子裝置及其控制方法Electronic device and control method thereof

本發明是關於電子裝置,尤其是關於電子裝置的啟動流程及電子裝置的控制方法。The present invention relates to an electronic device, and in particular to a startup process of the electronic device and a control method of the electronic device.

圖1顯示習知運行Linux系統之電子裝置的啟動流程(boot flow)的示意圖,主要包含以下數個啟動程序:ROM boot(唯讀記憶體(read-only memory, ROM)啟動)110、Miniboot 120、U-boot 130及Kernel(核心)140。ROM boot、Miniboot、U-boot及Kernel為本技術領域具有通常知識者所熟知,故不再贅述。Figure 1 shows a schematic diagram of the boot flow of an electronic device running a Linux system, which mainly includes the following boot procedures: ROM boot (read-only memory (ROM) boot) 110, Miniboot 120 , U-boot 130 and Kernel (core) 140. ROM boot, Miniboot, U-boot and Kernel are well known to those with ordinary knowledge in this technical field, so they will not be described in detail.

為了避免啟動流程代碼(即韌體)遭到篡改,ROM boot 110會使用公鑰122及簽章(signature)124來驗證(verify)Miniboot 120的真實性(authenticity),而Miniboot 120使用公鑰122及簽章132來驗證U-boot 130的真實性。簽章124與簽章132是使用私鑰對啟動流程代碼(即,Miniboot 120與U-boot 130)進行簽章(sign)所產生之資料,而該私鑰與公鑰122是一密鑰對。In order to prevent the boot process code (i.e. firmware) from being tampered with, the ROM boot 110 will use the public key 122 and the signature 124 to verify the authenticity of the Miniboot 120, and the Miniboot 120 uses the public key 122 and signature 132 to verify the authenticity of U-boot 130. Signature 124 and signature 132 are data generated by using a private key to sign the startup process code (ie, Miniboot 120 and U-boot 130), and the private key and public key 122 are a key pair. .

為防止公鑰122不被篡改,習知技術係將公鑰122儲存於受保護的儲存媒體內,習知技術的缺點在於,公鑰122的大小會大大地影響電子產品的成本(公鑰122愈大,則所需的儲存媒體愈大,成本愈高)。In order to prevent the public key 122 from being tampered with, the conventional technology stores the public key 122 in a protected storage medium. The disadvantage of the conventional technology is that the size of the public key 122 will greatly affect the cost of the electronic product (the public key 122 The larger it is, the larger the storage media required and the higher the cost).

鑑於先前技術之不足,本發明之一目的在於提供一種電子裝置及其控制方法,以改善先前技術的不足。In view of the shortcomings of the prior art, one objective of the present invention is to provide an electronic device and a control method thereof to improve the shortcomings of the prior art.

本發明之一實施例提供一種電子裝置,該電子裝置存取儲存一公鑰及該電子裝置之複數個啟動流程代碼之一外部儲存裝置,該電子裝置包含:一唯讀記憶體、一計算電路以及一加密及解密電路。唯讀記憶體用來儲存該公鑰之一第一特徵值。計算電路用來執行該些啟動流程代碼。加密及解密電路用來依據該第一特徵值對該公鑰進行驗證。該公鑰用以驗證該些啟動流程代碼,該第一特徵值的位元數小於該公鑰的位元數。該唯讀記憶體、該計算電路及該加密及解密電路設置於一第一晶片上,而該外部儲存裝置由一第二晶片構成。An embodiment of the present invention provides an electronic device that accesses an external storage device that stores a public key and a plurality of startup process codes of the electronic device. The electronic device includes: a read-only memory and a computing circuit and an encryption and decryption circuit. The read-only memory is used to store one of the first characteristic values of the public key. The computing circuit is used to execute the startup process codes. The encryption and decryption circuit is used to verify the public key based on the first characteristic value. The public key is used to verify the startup process codes, and the number of bits of the first characteristic value is smaller than the number of bits of the public key. The read-only memory, the calculation circuit and the encryption and decryption circuit are provided on a first chip, and the external storage device is composed of a second chip.

本發明之另一實施例提供一種電子裝置的控制方法,該電子裝置包含一唯讀記憶體,該唯讀記憶體儲存一公鑰之一第一特徵值,該方法包含:從一外部儲存裝置讀取該公鑰及該電子裝置之複數個啟動流程代碼;執行該些啟動流程代碼;以及,依據該第一特徵值對該公鑰進行驗證。該公鑰用以驗證該些啟動流程代碼,該第一特徵值的位元數小於該公鑰的位元數。該唯讀記憶體設置於一第一晶片上,而該外部儲存裝置由一第二晶片構成。Another embodiment of the present invention provides a method for controlling an electronic device. The electronic device includes a read-only memory that stores a first characteristic value of a public key. The method includes: obtaining a first characteristic value from an external storage device. Read the public key and a plurality of startup process codes of the electronic device; execute the startup process codes; and verify the public key according to the first characteristic value. The public key is used to verify the startup process codes, and the number of bits of the first characteristic value is smaller than the number of bits of the public key. The read-only memory is disposed on a first chip, and the external storage device is composed of a second chip.

本發明之實施例所體現的技術手段可以改善先前技術之缺點的至少其中之一,因此本發明相較於先前技術可以降低成本。The technical means embodied in the embodiments of the present invention can improve at least one of the shortcomings of the prior art, so the present invention can reduce costs compared with the prior art.

有關本發明的特徵、實作與功效,茲配合圖式作實施例詳細說明如下。The features, implementation and effects of the present invention are described in detail below with reference to the drawings and examples.

以下說明內容之技術用語係參照本技術領域之習慣用語,如本說明書對部分用語有加以說明或定義,該部分用語之解釋係以本說明書之說明或定義為準。The technical terms used in the following description refer to the idioms in the technical field. If some terms are explained or defined in this specification, the explanation or definition of these terms shall prevail.

本發明之揭露內容包含電子裝置及其控制方法。由於本發明之電子裝置所包含之部分元件單獨而言可能為已知元件,因此在不影響該裝置發明之充分揭露及可實施性的前提下,以下說明對於已知元件的細節將予以節略。此外,本發明之電子裝置的控制方法的部分或全部流程可以是軟體及/或韌體之形式,並且可藉由本發明之電子裝置或其等效裝置來執行,在不影響該方法發明之充分揭露及可實施性的前提下,以下方法發明之說明將著重於步驟內容而非硬體。The disclosure of the present invention includes electronic devices and control methods thereof. Since some components included in the electronic device of the present invention may be individually known components, the following description will omit details of the known components without affecting the full disclosure and implementability of the device invention. In addition, part or all of the process of the control method of the electronic device of the present invention can be in the form of software and/or firmware, and can be executed by the electronic device of the present invention or its equivalent device, without affecting the sufficiency of the invention of the method. Under the premise of disclosure and implementability, the following description of the method invention will focus on the step content rather than the hardware.

圖2是本發明電子裝置之一實施例的功能方塊圖。電子裝置201耦接外部記憶體202(例如動態隨機存取記憶體(dynamic random access memory, DRAM))及外部儲存裝置203(例如快閃記憶體(flash memory)、嵌入式多媒體卡(embedded multimedia card, eMMC)或安全數位(secure digital, SD)記憶卡)。外部儲存裝置203儲存電子裝置201的啟動流程代碼Bcode(即,與電子裝置201啟動相關的韌體)及公鑰Pkey。FIG. 2 is a functional block diagram of an electronic device according to an embodiment of the present invention. The electronic device 201 is coupled to an external memory 202 (such as dynamic random access memory (DRAM)) and an external storage device 203 (such as flash memory, embedded multimedia card). , eMMC) or secure digital (SD) memory card). The external storage device 203 stores the startup process code Bcode of the electronic device 201 (ie, the firmware related to the startup of the electronic device 201) and the public key Pkey.

電子裝置201包含計算電路210、儲存控制電路220、唯讀記憶體控制電路230、加密及解密電路240、第一唯讀記憶體250、第二唯讀記憶體260及儲存電路270。儲存電路270包含暫存器272及記憶體274(例如靜態隨機存取記憶體(static random access memory, SRAM))。在一實施例中,電子裝置201由一晶片構成,而計算電路210、儲存控制電路220、唯讀記憶體控制電路230、加密及解密電路240、第一唯讀記憶體250、第二唯讀記憶體260及儲存電路270設置於此晶片上,而外部記憶體202及外部儲存裝置203各由另一晶片構成。The electronic device 201 includes a computing circuit 210, a storage control circuit 220, a ROM control circuit 230, an encryption and decryption circuit 240, a first ROM 250, a second ROM 260 and a storage circuit 270. The storage circuit 270 includes a register 272 and a memory 274 (such as static random access memory (SRAM)). In one embodiment, the electronic device 201 is composed of a chip, and the computing circuit 210, the storage control circuit 220, the read-only memory control circuit 230, the encryption and decryption circuit 240, the first read-only memory 250, the second read-only memory The memory 260 and the storage circuit 270 are provided on this chip, and the external memory 202 and the external storage device 203 are each composed of another chip.

在一些實施例中,啟動流程代碼Bcode包含圖1之ROM boot以外的部分(其中公鑰Pkey可以對應到公鑰122),而ROM boot儲存於第一唯讀記憶體250。與Miniboot、U-boot及Kernel相關的程式碼可以以影像檔案(image file)的形式儲存於外部儲存裝置203。儲存控制電路220可以在適當的時間從外部儲存裝置203讀取啟動流程代碼Bcode,並且將啟動流程代碼Bcode儲存至外部記憶體202。計算電路210及加密及解密電路240可以存取外部記憶體202以取得啟動流程代碼Bcode。啟動流程代碼Bcode由計算電路210執行。計算電路210可以透過更改暫存器272的暫存值來控制唯讀記憶體控制電路230及加密及解密電路240。In some embodiments, the boot process code Bcode includes parts other than the ROM boot in Figure 1 (where the public key Pkey can correspond to the public key 122), and the ROM boot is stored in the first read-only memory 250. Program codes related to Miniboot, U-boot and Kernel can be stored in the external storage device 203 in the form of image files. The storage control circuit 220 may read the startup process code Bcode from the external storage device 203 at an appropriate time, and store the startup process code Bcode into the external memory 202 . The calculation circuit 210 and the encryption and decryption circuit 240 can access the external memory 202 to obtain the startup process code Bcode. The startup process code Bcode is executed by the calculation circuit 210. The computing circuit 210 can control the read-only memory control circuit 230 and the encryption and decryption circuit 240 by changing the temporary value of the register 272 .

圖3是本發明電子裝置的控制方法之一實施例的流程圖,包含以下步驟。FIG. 3 is a flow chart of an embodiment of a method for controlling an electronic device of the present invention, including the following steps.

步驟S310:唯讀記憶體控制電路230從第二唯讀記憶體260讀取第一特徵值DGT1。Step S310: The read-only memory control circuit 230 reads the first characteristic value DGT1 from the second read-only memory 260.

步驟S320:唯讀記憶體控制電路230將第一特徵值DGT1儲存至儲存電路270,例如,儲存到記憶體274中。Step S320: The read-only memory control circuit 230 stores the first characteristic value DGT1 in the storage circuit 270, for example, in the memory 274.

步驟S330:計算電路210執行電子裝置201的啟動流程。以下將配合圖4詳細說明電子裝置201的啟動流程。Step S330: The computing circuit 210 executes the startup process of the electronic device 201. The startup process of the electronic device 201 will be described in detail below with reference to FIG. 4 .

如圖3所示,第一特徵值DGT1是在電子裝置201啟動(步驟S330)之前就被從第二唯讀記憶體260讀出(步驟S310),並儲存至儲存電路270(步驟S320)。更明確地說,唯讀記憶體控制電路230被設計為一旦電子裝置201接上電源或是開機就自動執行步驟S310及步驟S320。因為第一特徵值DGT1在電子裝置201的啟動流程中扮演關鍵的角色(將於下方詳述),所以在啟動流程開始之前就先將第一特徵值DGT1備妥有助於提升啟動流程的順暢度及穩定度。As shown in FIG. 3 , the first characteristic value DGT1 is read from the second read-only memory 260 (step S310 ) before the electronic device 201 is started (step S330 ), and is stored in the storage circuit 270 (step S320 ). More specifically, the read-only memory control circuit 230 is designed to automatically execute step S310 and step S320 once the electronic device 201 is connected to the power supply or turned on. Since the first characteristic value DGT1 plays a key role in the startup process of the electronic device 201 (to be described in detail below), preparing the first characteristic value DGT1 before the startup process starts will help improve the smoothness of the startup process. degree and stability.

圖4顯示本發明電子裝置啟動流程之一實施例的流程圖。以下的討論請同時參閱圖2及圖4。FIG. 4 shows a flow chart of an embodiment of the electronic device startup process of the present invention. Please refer to both Figure 2 and Figure 4 for the following discussion.

步驟S410:計算電路210執行ROM boot。更明確地說,計算電路210從第一唯讀記憶體250讀取ROM boot並執行ROM boot。在一實施例中,ROM boot代碼中包含啟動公鑰驗證及啟動Miniboot簽章驗證的指令或代碼,計算電路210執行到啟動公鑰驗證及啟動Miniboot簽章驗證的指令或代碼時會發送控制指令至加密及解密電路240以進行驗證流程。在一實施例中,ROM boot代碼中亦包含將Miniboot代碼自外部儲存裝置203讀取至電子裝置201一記憶體的指令或代碼,其中該記憶體例如可包含於儲存電路270中。Step S410: The computing circuit 210 performs ROM boot. More specifically, the computing circuit 210 reads the ROM boot from the first read-only memory 250 and executes the ROM boot. In one embodiment, the ROM boot code includes instructions or codes for initiating public key verification and initiating Miniboot signature verification. The computing circuit 210 will send control instructions when executing the instructions or codes for initiating public key verification and Miniboot signature verification. to the encryption and decryption circuit 240 for the verification process. In one embodiment, the ROM boot code also includes instructions or codes for reading the Miniboot code from the external storage device 203 to a memory of the electronic device 201 , where the memory may be included in the storage circuit 270 , for example.

步驟S420:計算電路210及加密及解密電路240驗證Miniboot的簽章。簽章驗證流程將在下方配合圖5詳述。Step S420: The calculation circuit 210 and the encryption and decryption circuit 240 verify the signature of Miniboot. The signature verification process will be detailed below with Figure 5.

步驟S430:判斷驗證是否成功(成功代表簽章為真(authentic),即Miniboot沒有被篡改;失敗代表公鑰Pkey及/或簽章為假(inauthentic),即啟動流程代碼Bcode及/或公鑰Pkey可能被篡改)。如果驗證成功,則啟動流程前往步驟S440;否則,結束啟動流程(步驟S490)。Step S430: Determine whether the verification is successful (success means that the signature is authentic (authentic), that is, the Miniboot has not been tampered with; failure means that the public key Pkey and/or the signature is false (inauthentic), that is, the startup process code Bcode and/or the public key Pkey may have been tampered with). If the verification is successful, the startup process proceeds to step S440; otherwise, the startup process ends (step S490).

步驟S440:計算電路210執行Miniboot,即,計算電路210從電子裝置201的記憶體讀取Miniboot並執行。在一實施例中,Miniboot代碼包括用以初始化外部記憶體202的指令或代碼,計算電路210執行Miniboot的過程中包含初始化外部記憶體202的操作。Step S440: The computing circuit 210 executes Miniboot, that is, the computing circuit 210 reads Miniboot from the memory of the electronic device 201 and executes it. In one embodiment, the Miniboot code includes instructions or codes for initializing the external memory 202 , and the process of the computing circuit 210 executing Miniboot includes the operation of initializing the external memory 202 .

步驟S450:計算電路210及加密及解密電路240驗證U-boot的簽章。簽章驗證流程將在下方配合圖5詳述。Step S450: The calculation circuit 210 and the encryption and decryption circuit 240 verify the signature of U-boot. The signature verification process will be detailed below with Figure 5.

步驟S460:判斷驗證是否成功。如果驗證成功(代表U-boot沒有被篡改),則啟動流程前往步驟S470;否則,結束啟動流程(步驟S490)。Step S460: Determine whether the verification is successful. If the verification is successful (meaning that U-boot has not been tampered with), the startup process proceeds to step S470; otherwise, the startup process ends (step S490).

步驟S470:計算電路210執行U-boot,即,計算電路210從外部記憶體202讀取U-boot並執行。Step S470: The computing circuit 210 executes U-boot, that is, the computing circuit 210 reads U-boot from the external memory 202 and executes it.

步驟S480:計算電路210執行Kernel,即,計算電路210從外部記憶體202讀取Kernel並執行。Step S480: The computing circuit 210 executes the Kernel, that is, the computing circuit 210 reads the Kernel from the external memory 202 and executes it.

步驟S490:結束啟動流程,即,計算電路210停止執行啟動流程。Step S490: End the startup process, that is, the calculation circuit 210 stops executing the startup process.

在一實施例中,在執行步驟S480前,亦可利用計算電路210及加密及解密電路240驗證Kernel的簽章,確認Kernel未被修改後才執行Kernel。In one embodiment, before executing step S480, the computing circuit 210 and the encryption and decryption circuit 240 can also be used to verify the signature of the Kernel, and then execute the Kernel after confirming that the Kernel has not been modified.

圖5為本發明簽章驗證流程之一實施例的流程圖,主要包含公鑰驗證程序S510及簽章驗證程序S520。以下的討論請同時參閱圖2及圖5。Figure 5 is a flow chart of one embodiment of the signature verification process of the present invention, which mainly includes a public key verification program S510 and a signature verification program S520. Please refer to both Figure 2 and Figure 5 for the following discussion.

公鑰驗證程序S510包含以下步驟。The public key verification procedure S510 includes the following steps.

步驟S512:加密及解密電路240從儲存電路270的記憶體274中讀取第一特徵值DGT1。第一特徵值DGT1已在啟動流程開始之前被儲存於儲存電路270(步驟S320)。在一實施例中,為提高安全性,電子裝置201中僅加密及解密電路240可控制唯讀記憶體控制電路230以自第二唯讀記憶體讀取第一特徵值DGT1,計算電路210並不知道第一特徵值DGT1的位置也無法讀取第一特徵值DGT1。Step S512: The encryption and decryption circuit 240 reads the first characteristic value DGT1 from the memory 274 of the storage circuit 270. The first characteristic value DGT1 has been stored in the storage circuit 270 before the startup process starts (step S320). In one embodiment, in order to improve security, only the encryption and decryption circuit 240 in the electronic device 201 can control the read-only memory control circuit 230 to read the first characteristic value DGT1 from the second read-only memory, and the calculation circuit 210 also The first characteristic value DGT1 cannot be read without knowing the position of the first characteristic value DGT1.

步驟S514:計算電路210從外部儲存裝置203讀取公鑰Pkey,並且將公鑰Pkey儲存至儲存電路270的暫存器272。Step S514: The calculation circuit 210 reads the public key Pkey from the external storage device 203, and stores the public key Pkey into the register 272 of the storage circuit 270.

步驟S516:計算電路210以第一特徵值運算方法對公鑰Pkey進行特徵值運算以得到公鑰Pkey的第二特徵值DGT2,並且將第二特徵值DGT2儲存至儲存電路270的暫存器272。在一實施例中,可由加密及解密電路240對公鑰Pkey進行特徵值運算以得到公鑰Pkey的第二特徵值DGT2。於電子裝置201出廠前,電子裝置201的製造商使用該第一特徵值運算方法對公鑰Pkey進行特徵值運算以得到第一特徵值DGT1,並且將第一特徵值DGT1透過唯讀記憶體控制電路230儲存至第二唯讀記憶體260。在一些實施例中,該第一特徵值運算方法包含但不限於雜湊演算法(亦稱為雜湊函式(Hash function)),而其他的特徵值運算方法亦適用於本案。第一特徵值DGT1的長度(即,位元數)小於公鑰Pkey的長度。Step S516: The calculation circuit 210 performs eigenvalue calculation on the public key Pkey using the first eigenvalue calculation method to obtain the second eigenvalue DGT2 of the public key Pkey, and stores the second eigenvalue DGT2 in the register 272 of the storage circuit 270 . In one embodiment, the encryption and decryption circuit 240 can perform eigenvalue calculation on the public key Pkey to obtain the second eigenvalue DGT2 of the public key Pkey. Before the electronic device 201 leaves the factory, the manufacturer of the electronic device 201 uses the first characteristic value calculation method to perform characteristic value calculation on the public key Pkey to obtain the first characteristic value DGT1, and controls the first characteristic value DGT1 through the read-only memory. The circuit 230 stores to the second read-only memory 260 . In some embodiments, the first eigenvalue calculation method includes but is not limited to a hash algorithm (also known as a hash function), and other eigenvalue calculation methods are also applicable to this case. The length (ie, the number of bits) of the first characteristic value DGT1 is smaller than the length of the public key Pkey.

步驟S518:加密及解密電路240從儲存電路270的暫存器272讀取第二特徵值DGT2,並且比對第一特徵值DGT1與第二特徵值DGT2。Step S518: The encryption and decryption circuit 240 reads the second characteristic value DGT2 from the register 272 of the storage circuit 270, and compares the first characteristic value DGT1 with the second characteristic value DGT2.

步驟S519:加密及解密電路240判斷第一特徵值DGT1是否等於第二特徵值DGT2。如果第一特徵值DGT1等於第二特徵值DGT2,則進入簽章驗證程序S520;否則,加密及解密電路240判定簽章驗證失敗。Step S519: The encryption and decryption circuit 240 determines whether the first characteristic value DGT1 is equal to the second characteristic value DGT2. If the first characteristic value DGT1 is equal to the second characteristic value DGT2, the signature verification procedure S520 is entered; otherwise, the encryption and decryption circuit 240 determines that the signature verification fails.

由於公鑰Pkey的第一特徵值DGT1是以第一特徵值運算方法對公鑰Pkey運算所產生結果(即,第一特徵值DGT1在某種程度上可代表公鑰Pkey),所以在第一特徵值DGT1及第二特徵值DGT2都沒有被篡改的情況下,步驟S519的結果應該為是。然而,如果第一特徵值DGT1及第二特徵值DGT2的任一者被篡改(代表電子裝置201及/或外部儲存裝置203很可能已遭到惡意攻擊),則計算電路210不應該繼續電子裝置201的啟動流程。因此,當步驟S519的結果為否時,加密及解密電路240透過暫存器272通知計算電路210公鑰Pkey為假,並且略過簽章驗證程序S520。當公鑰Pkey為假時,簽章驗證程序S520必將失敗。因此,計算電路210可以根據公鑰Pkey為假來直接認定簽章驗證失敗(即,步驟S430及步驟S460的結果為否)並結束啟動流程(步驟S490)。Since the first eigenvalue DGT1 of the public key Pkey is the result of the operation of the public key Pkey using the first eigenvalue operation method (that is, the first eigenvalue DGT1 can represent the public key Pkey to a certain extent), so in the first If neither the characteristic value DGT1 nor the second characteristic value DGT2 has been tampered with, the result of step S519 should be yes. However, if either of the first characteristic value DGT1 and the second characteristic value DGT2 is tampered with (representing that the electronic device 201 and/or the external storage device 203 is likely to have been maliciously attacked), the calculation circuit 210 should not continue the electronic device 201 and/or the external storage device 203. 201 startup process. Therefore, when the result of step S519 is negative, the encryption and decryption circuit 240 notifies the calculation circuit 210 that the public key Pkey is false through the register 272, and skips the signature verification procedure S520. When the public key Pkey is false, the signature verification procedure S520 will fail. Therefore, the calculation circuit 210 can directly determine that the signature verification fails based on the fact that the public key Pkey is false (ie, the results of step S430 and step S460 are negative) and end the startup process (step S490).

簽章驗證程序S520包含以下步驟。The signature verification procedure S520 includes the following steps.

步驟S522:加密及解密電路240讀取啟動流程代碼Bcode。更明確地說,如果正在執行步驟S420,則加密及解密電路240在此步驟是從儲存電路270讀取與Miniboot相關的程式碼;如果正在執行步驟S450,則加密及解密電路240在此步驟是從外部記憶體202讀取與U-boot相關的程式碼。Step S522: The encryption and decryption circuit 240 reads the startup process code Bcode. More specifically, if step S420 is being executed, the encryption and decryption circuit 240 reads the Miniboot-related program code from the storage circuit 270 at this step; if step S450 is being executed, the encryption and decryption circuit 240 at this step is Read the program code related to U-boot from the external memory 202.

步驟S524:加密及解密電路240使用第二特徵值運算方法對啟動流程代碼Bcode進行運算,以得到啟動流程代碼Bcode的第三特徵值。在一些實施例中,第二特徵值運算方法等於第一特徵值運算方法。Step S524: The encryption and decryption circuit 240 uses the second characteristic value calculation method to calculate the startup process code Bcode to obtain the third characteristic value of the startup process code Bcode. In some embodiments, the second eigenvalue operation method is equal to the first eigenvalue operation method.

步驟S526:加密及解密電路240使用公鑰Pkey解密簽章,以得到啟動流程代碼Bcode的第四特徵值。更明確地說,如果正在執行步驟S420,則加密及解密電路240在此步驟是解密Miniboot的簽章(例如圖1之簽章124);如果正在執行步驟S450,則加密及解密電路240在此步驟是解密U-boot的簽章(例如圖1之簽章132)。如果啟動流程代碼Bcode沒有遭到篡改,則第三特徵值應該等於第四特徵值。Step S526: The encryption and decryption circuit 240 uses the public key Pkey to decrypt the signature to obtain the fourth characteristic value of the startup process code Bcode. More specifically, if step S420 is being executed, the encryption and decryption circuit 240 decrypts the signature of Miniboot (for example, the signature 124 in Figure 1 ) at this step; if step S450 is being executed, the encryption and decryption circuit 240 is here The step is to decrypt U-boot's signature (for example, signature 132 in Figure 1). If the startup process code Bcode has not been tampered with, the third characteristic value should be equal to the fourth characteristic value.

步驟S528:加密及解密電路240判斷第三特徵值是否等於第四特徵值。當第三特徵值不等於第四特徵值時,代表Miniboot(或U-boot)及其簽章的至少其中一者已遭到篡改;此時計算電路210應該停止執行啟動流程。因此,當步驟S528的結果為否時,加密及解密電路240透過暫存器272通知計算電路210簽章驗證失敗。步驟S528的結果為是代表簽章驗證成功。Step S528: The encryption and decryption circuit 240 determines whether the third characteristic value is equal to the fourth characteristic value. When the third characteristic value is not equal to the fourth characteristic value, it means that at least one of Miniboot (or U-boot) and its signature has been tampered with; at this time, the calculation circuit 210 should stop executing the startup process. Therefore, when the result of step S528 is negative, the encryption and decryption circuit 240 notifies the calculation circuit 210 of the signature verification failure through the register 272 . The result of step S528 is yes, which means the signature verification is successful.

綜上所述,因為本發明在第二唯讀記憶體260儲存的是公鑰Pkey的特徵值(而非公鑰Pkey本身),且特徵值的長度小於公鑰Pkey的長度,所以本案可以使用較小的第二唯讀記憶體260(即,降低電子裝置201的成本)。舉例來說,如果公鑰Pkey是RSA2048加密演算法或RSA4096加密演算法之公鑰,則公鑰Pkey的長度是2048位元或4096位元;而且,當第一特徵值DGT1是雜湊函式SHA-256的結果時,第一特徵值DGT1的長度是256位元,只有2048位元或4096位元的1/8或1/16,大幅降低對第二唯讀記憶體260的需求。To sum up, because the present invention stores the characteristic value of the public key Pkey (not the public key Pkey itself) in the second read-only memory 260, and the length of the characteristic value is smaller than the length of the public key Pkey, this case can be used Smaller second ROM 260 (i.e., reduced cost of the electronic device 201). For example, if the public key Pkey is the public key of the RSA2048 encryption algorithm or the RSA4096 encryption algorithm, the length of the public key Pkey is 2048 bits or 4096 bits; and, when the first characteristic value DGT1 is the hash function SHA When the result is -256, the length of the first characteristic value DGT1 is 256 bits, which is only 1/8 or 1/16 of 2048 bits or 4096 bits, which greatly reduces the demand for the second read-only memory 260.

在一些實施例中,第二唯讀記憶體260可以是一次性可編程唯讀記憶體(one time programmable (OTP) read-only memory (ROM))(例如一次性寫入記憶體(one time programmable (OTP) memory)或電子可程式熔絲(electrically programmable fuse, eFuse))。一次性可編程唯讀記憶體可以防止資料被篡改,進一步確保第一特徵值DGT1的真實性。當第二唯讀記憶體260以一次性可編程唯讀記憶體實作時,儲存公鑰Pkey的特徵值(而非公鑰Pkey本身)還可以進一步提高第二唯讀記憶體260的燒錄成功率(即,提高電子裝置201的良率),原因是特徵值的位元數小於公鑰Pkey的位元數(待燒錄的值的位元數愈小,則燒錄的成功率愈高)。In some embodiments, the second read-only memory 260 may be a one time programmable (OTP) read-only memory (ROM) (eg, one time programmable memory). (OTP) memory) or electrically programmable fuse (eFuse)). The one-time programmable read-only memory can prevent data from being tampered with, further ensuring the authenticity of the first characteristic value DGT1. When the second read-only memory 260 is implemented as a one-time programmable read-only memory, storing the characteristic value of the public key Pkey (instead of the public key Pkey itself) can further improve the programming of the second read-only memory 260 The success rate (that is, improving the yield rate of the electronic device 201) is because the number of bits of the characteristic value is smaller than the number of bits of the public key Pkey (the smaller the number of bits of the value to be burned, the greater the success rate of burning). high).

圖6為本發明一次性可編程唯讀記憶體之一實施例的示意圖。一次性可編程唯讀記憶體600包含記憶體區塊610及控制位元620。記憶體區塊610可以儲存前述的第一特徵值DGT1,而控制位元620指示記憶體區塊610是否可以被燒錄。當第二唯讀記憶體260以一次性可編程唯讀記憶體600實作時,唯讀記憶體控制電路230根據控制位元620的值決定是否燒錄記憶體區塊610。舉例來說,當控制位元620的值為0時,唯讀記憶體控制電路230才可燒錄記憶體區塊610。當第二唯讀記憶體260以圖6的一次性可編程唯讀記憶體600實作時,本發明的電子裝置的控制方法更包含第二唯讀記憶體260的燒錄控制。燒錄控制的流程如圖7所示,包含以下步驟。FIG. 6 is a schematic diagram of an embodiment of the one-time programmable read-only memory of the present invention. The one-time programmable read-only memory 600 includes memory blocks 610 and control bits 620 . The memory block 610 can store the aforementioned first characteristic value DGT1, and the control bit 620 indicates whether the memory block 610 can be programmed. When the second ROM 260 is implemented as the one-time programmable ROM 600, the ROM control circuit 230 determines whether to program the memory block 610 according to the value of the control bit 620. For example, when the value of the control bit 620 is 0, the read-only memory control circuit 230 can program the memory block 610 . When the second read-only memory 260 is implemented with the one-time programmable read-only memory 600 in FIG. 6 , the control method of the electronic device of the present invention further includes programming control of the second read-only memory 260 . The process of programming control is shown in Figure 7, including the following steps.

步驟S710:在對記憶體區塊610進行燒錄之前,唯讀記憶體控制電路230讀取控制位元620的值。Step S710: Before programming the memory block 610, the read-only memory control circuit 230 reads the value of the control bit 620.

步驟S720:判斷控制位元620是否等於一預設值(例如位元0)。如果等於,則流程進入步驟S730;否則,流程進入步驟S740。Step S720: Determine whether the control bit 620 is equal to a preset value (eg, bit 0). If equal, the process proceeds to step S730; otherwise, the process proceeds to step S740.

步驟S730:唯讀記憶體控制電路230燒錄記憶體區塊610。Step S730: The read-only memory control circuit 230 burns the memory block 610.

步驟S740:唯讀記憶體控制電路230拒絕燒錄記憶體區塊610。Step S740: The read-only memory control circuit 230 refuses to program the memory block 610.

許多一次性可編程唯讀記憶體是以位元為單位進行燒錄。舉例來說,如果記憶體區塊610被燒錄過後的值為「11111010」,則該值的第0及第2位元仍可以再次被燒錄為1,但其他位元則無法再被燒錄為0。圖7的燒錄控制可以防止記憶體區塊610的資料被篡改或惡意破壞(例如二次燒錄)。Many one-time programmable ROMs are programmed bit by bit. For example, if the value of memory block 610 is "11111010" after being programmed, the 0th and 2nd bits of the value can still be programmed to 1 again, but other bits cannot be programmed. Recorded as 0. The burning control in FIG. 7 can prevent the data in the memory block 610 from being tampered with or maliciously destroyed (such as secondary burning).

在一些實施例中,當第一特徵值運算方法是雜湊演算法(例如密碼雜湊函式(cryptographic hash function))時,第一特徵值DGT1及第二特徵值DGT2皆為公鑰Pkey的雜湊值(即,雜湊演算法的結果,又稱為訊息摘要(message digest)或摘要(digest))。因為雜湊值具有相當的獨特性,所以部分的雜湊值(例如雜湊值的前半部或後半部)就足以代表公鑰Pkey。換句話說,第二唯讀記憶體260可以只儲存部分的第一特徵值DGT1,以進一步降低電子裝置201的成本及提升一次性可編程唯讀記憶體600的燒錄成功率。當第二唯讀記憶體260只儲存部分的第一特徵值DGT1時,加密及解密電路240在步驟S518中以第二特徵值DGT2的相對應部分來與第一特徵值DGT1的該部分做比較。In some embodiments, when the first eigenvalue calculation method is a hash algorithm (such as a cryptographic hash function), the first eigenvalue DGT1 and the second eigenvalue DGT2 are both hash values of the public key Pkey. (That is, the result of a hash algorithm, also called a message digest or digest). Because the hash value is quite unique, a partial hash value (such as the first half or the second half of the hash value) is sufficient to represent the public key Pkey. In other words, the second read-only memory 260 can only store part of the first characteristic value DGT1 to further reduce the cost of the electronic device 201 and improve the programming success rate of the one-time programmable read-only memory 600 . When the second read-only memory 260 only stores part of the first characteristic value DGT1, the encryption and decryption circuit 240 compares the corresponding part of the second characteristic value DGT2 with the part of the first characteristic value DGT1 in step S518. .

計算電路210可以是具有程式執行能力的電路或電子元件,例如中央處理器、微處理器、微控制器、微處理單元、數位訊號處理電路(digital signal processor, DSP)或其等效電路。在其他的實施例中,本技術領域具有通常知識者可以根據以上的揭露內容來設計計算電路210,也就是說,計算電路210可以是特殊應用積體電路(Application Specific Integrated Circuit, ASIC)或是由可程式化邏輯裝置(Programmable Logic Device, PLD)等電路或硬體實作。The computing circuit 210 may be a circuit or electronic component with program execution capabilities, such as a central processing unit, a microprocessor, a microcontroller, a microprocessing unit, a digital signal processor (DSP) or equivalent circuits thereof. In other embodiments, those skilled in the art can design the computing circuit 210 based on the above disclosure. That is to say, the computing circuit 210 can be an Application Specific Integrated Circuit (ASIC) or an ASIC. It is implemented by circuits or hardware such as Programmable Logic Device (PLD).

在一些實施例中,電子裝置201是一個晶片,而電子裝置201、外部記憶體202及外部儲存裝置203形成一個嵌入式系統。In some embodiments, the electronic device 201 is a chip, and the electronic device 201, the external memory 202 and the external storage device 203 form an embedded system.

本發明的嵌入式系統同時儲存公鑰Pkey及其第一特徵值DGT1,這有助於電子裝置201有效得知嵌入式系統是否遭受錯誤注入(fault injection)之惡意攻擊。因為如果嵌入式系統遭到錯誤注入之惡意攻擊,則公鑰Pkey及第一特徵值DGT1都會被改變,如此一來公鑰驗證程序S510必然不會成功。The embedded system of the present invention simultaneously stores the public key Pkey and its first characteristic value DGT1, which helps the electronic device 201 to effectively know whether the embedded system is subject to malicious attacks by fault injection. Because if the embedded system is maliciously attacked by error injection, the public key Pkey and the first characteristic value DGT1 will be changed, so the public key verification procedure S510 will inevitably fail.

前揭實施例雖以電子裝置的啟動流程為例,然此並非對本發明之限制,本技術領域人士可依本發明之揭露適當地將本發明應用於其它類型的資料的簽章驗證程序。Although the foregoing embodiments take the startup process of an electronic device as an example, this is not a limitation of the present invention. Those skilled in the art can appropriately apply the present invention to signature verification procedures of other types of data based on the disclosure of the present invention.

雖然本發明之實施例如上所述,然而該些實施例並非用來限定本發明,本技術領域具有通常知識者可依據本發明之明示或隱含之內容對本發明之技術特徵施以變化,凡此種種變化均可能屬於本發明所尋求之專利保護範疇,換言之,本發明之專利保護範圍須視本說明書之申請專利範圍所界定者為準。Although the embodiments of the present invention are described above, these embodiments are not intended to limit the present invention. Those skilled in the art may make changes to the technical features of the present invention based on the explicit or implicit contents of the present invention. All these changes may fall within the scope of patent protection sought by the present invention. In other words, the patent protection scope of the present invention must be determined by the patent application scope of this specification.

110:唯讀記憶體啟動(ROM boot) 120:Miniboot 122:公鑰 130:U-boot 140:核心(Kernel) 124,132:簽章 201:電子裝置 202:外部記憶體 203:外部儲存裝置 210:計算電路 220:儲存控制電路 230:唯讀記憶體控制電路 240:加密及解密電路 250:第一唯讀記憶體 260:第二唯讀記憶體 270:儲存電路 272:暫存器 274:記憶體 Bcode:啟動流程代碼 Pkey:公鑰 DGT1:第一特徵值 DGT2:第二特徵值 S510:公鑰驗證程序 S520:簽章驗證程序 600:一次性可編程唯讀記憶體 610:記憶體區塊 620:控制位元 S310,S320,S330,S410,S420,S430,S440,S450,S460,S470,S480,S490,S510,S512,S514,S516,S518,S519,S520,S522,S524,S526,S528,S710,S720,S730,S740:步驟 110: Read-only memory boot (ROM boot) 120:Miniboot 122:Public key 130:U-boot 140: Kernel 124,132:Signature 201: Electronic devices 202:External memory 203:External storage device 210: Calculation circuit 220: Storage control circuit 230: Read-only memory control circuit 240: Encryption and decryption circuit 250: First ROM 260: Second ROM 270:Storage circuit 272: Temporary register 274:Memory Bcode: Start process code Pkey: public key DGT1: first eigenvalue DGT2: second eigenvalue S510: Public key verification procedure S520: Signature verification procedure 600: One-time programmable read-only memory 610: Memory block 620: Control bit S310,S320,S330,S410,S420,S430,S440,S450,S460,S470,S480,S490,S510,S512,S514,S516,S518,S519,S520,S522,S524,S526,S528,S710,S720 , S730, S740: steps

圖1顯示習知運行Linux系統之電子裝置的啟動流程的示意圖; 圖2是本發明電子裝置之一實施例的功能方塊圖; 圖3是本發明電子裝置的控制方法之一實施例的流程圖; 圖4顯示本發明電子裝置啟動流程之一實施例的流程圖; 圖5為本發明簽章驗證流程之一實施例的流程圖; 圖6為本發明一次性可編程唯讀記憶體之一實施例的示意圖;以及 圖7為本發明燒錄控制之一實施例的流程圖。 Figure 1 shows a schematic diagram of the startup process of a conventional electronic device running a Linux system; Figure 2 is a functional block diagram of an embodiment of the electronic device of the present invention; Figure 3 is a flow chart of an embodiment of a method for controlling an electronic device according to the present invention; Figure 4 shows a flow chart of one embodiment of the electronic device startup process of the present invention; Figure 5 is a flow chart of one embodiment of the signature verification process of the present invention; Figure 6 is a schematic diagram of an embodiment of the one-time programmable read-only memory of the present invention; and FIG. 7 is a flow chart of one embodiment of the programming control of the present invention.

S510,S512,S514,S516,S518,S519,S520,S522,S524,S526,S528:步驟 S510,S512,S514,S516,S518,S519,S520,S522,S524,S526,S528: Steps

Claims (19)

一種電子裝置,該電子裝置存取儲存一公鑰及該電子裝置之複數個啟動流程代碼之一外部儲存裝置,該電子裝置包含: 一唯讀記憶體,用來儲存該公鑰之一第一特徵值; 一計算電路,用來執行該些啟動流程代碼;以及 一加密及解密電路,用來依據該第一特徵值對該公鑰進行驗證; 其中,該公鑰用以驗證該些啟動流程代碼,該第一特徵值的位元數小於該公鑰的位元數; 其中,該唯讀記憶體、該計算電路及該加密及解密電路設置於一第一晶片上,而該外部儲存裝置由一第二晶片構成。 An electronic device that accesses an external storage device that stores a public key and a plurality of startup process codes of the electronic device. The electronic device includes: A read-only memory used to store one of the first characteristic values of the public key; a computing circuit for executing the startup process codes; and An encryption and decryption circuit used to verify the public key based on the first characteristic value; Wherein, the public key is used to verify the startup process codes, and the number of bits of the first characteristic value is smaller than the number of bits of the public key; Wherein, the read-only memory, the calculation circuit and the encryption and decryption circuit are provided on a first chip, and the external storage device is composed of a second chip. 如請求項1之電子裝置,其中,該外部儲存裝置更儲存一簽章,該簽章相關於該些啟動流程代碼,當該公鑰通過驗證時,該加密及解密電路使用該公鑰解密該簽章。For example, the electronic device of claim 1, wherein the external storage device further stores a signature, the signature is related to the startup process codes, and when the public key passes the verification, the encryption and decryption circuit uses the public key to decrypt the Signature. 如請求項1之電子裝置,更包含: 一儲存電路;以及 一唯讀記憶體控制電路,用來於該計算電路執行該些啟動流程代碼之前從該唯讀記憶體讀取該第一特徵值,並且將該第一特徵值儲存至該儲存電路。 For example, the electronic device of claim 1 further includes: a storage circuit; and A read-only memory control circuit is used to read the first characteristic value from the read-only memory before the computing circuit executes the startup process codes, and store the first characteristic value to the storage circuit. 如請求項1之電子裝置,其中,該加密及解密電路比對該第一特徵值與對該公鑰進行運算所得之一第二特徵值以對該公鑰進行驗證。The electronic device of claim 1, wherein the encryption and decryption circuit compares the first characteristic value with a second characteristic value obtained by performing an operation on the public key to verify the public key. 如請求項4之電子裝置,其中,該第一特徵值係該公鑰之一第一雜湊值,而該第二特徵值係該公鑰之一第二雜湊值。The electronic device of claim 4, wherein the first characteristic value is a first hash value of the public key, and the second characteristic value is a second hash value of the public key. 如請求項4之電子裝置,其中,該第一特徵值係該公鑰之一第一雜湊值的一部分,而該第二特徵值係該公鑰之一第二雜湊值的一部分。The electronic device of claim 4, wherein the first characteristic value is a part of a first hash value of the public key, and the second characteristic value is a part of a second hash value of the public key. 如請求項1之電子裝置,其中,該唯讀記憶體係一一次性可編程唯讀記憶體。The electronic device of claim 1, wherein the read-only memory system is a one-time programmable read-only memory. 如請求項7之電子裝置,更包含: 一唯讀記憶體控制電路,用來控制該一次性可編程唯讀記憶體; 其中,該唯讀記憶體控制電路於該一次性可編程唯讀記憶體被燒錄之前檢查該一次性可編程唯讀記憶體之一控制位元的值,該控制位元指示儲存該第一特徵值之一記憶體區塊是否可以被燒錄。 For example, the electronic device of claim 7 further includes: A read-only memory control circuit used to control the one-time programmable read-only memory; Wherein, the read-only memory control circuit checks the value of a control bit of the one-time programmable read-only memory before the one-time programmable read-only memory is burned, and the control bit indicates storing the first One of the characteristic values is whether the memory block can be programmed. 如請求項1之電子裝置,其中,當該公鑰未通過驗證時,該計算電路停止執行該些啟動流程代碼。The electronic device of claim 1, wherein when the public key fails to pass verification, the computing circuit stops executing the startup process codes. 一種電子裝置的控制方法,該電子裝置包含一唯讀記憶體,該唯讀記憶體儲存一公鑰之一第一特徵值,該方法包含: 從一外部儲存裝置讀取該公鑰及該電子裝置之複數個啟動流程代碼; 執行該些啟動流程代碼;以及 依據該第一特徵值對該公鑰進行驗證; 其中,該公鑰用以驗證該些啟動流程代碼,該第一特徵值的位元數小於該公鑰的位元數; 其中,該唯讀記憶體設置於一第一晶片上,而該外部儲存裝置由一第二晶片構成。 A control method for an electronic device. The electronic device includes a read-only memory that stores a first characteristic value of a public key. The method includes: Read the public key and a plurality of activation process codes of the electronic device from an external storage device; Execute the startup process code; and Verify the public key according to the first characteristic value; Wherein, the public key is used to verify the startup process codes, and the number of bits of the first characteristic value is smaller than the number of bits of the public key; Wherein, the read-only memory is arranged on a first chip, and the external storage device is composed of a second chip. 如請求項10之方法,其中,該外部儲存裝置儲存一簽章,該簽章相關於該些啟動流程代碼,該方法更包含: 當該公鑰通過驗證時,使用該公鑰解密該簽章。 For example, the method of claim 10, wherein the external storage device stores a signature, the signature is related to the startup process codes, the method further includes: When the public key passes verification, the signature is decrypted using the public key. 如請求項10之方法,其中,該電子裝置更包含一儲存電路,該方法更包含: 於執行該些啟動流程代碼之前從該唯讀記憶體讀取該第一特徵值,並且將該第一特徵值儲存至該儲存電路。 The method of claim 10, wherein the electronic device further includes a storage circuit, and the method further includes: Before executing the startup process codes, the first characteristic value is read from the read-only memory, and the first characteristic value is stored in the storage circuit. 如請求項10之方法,更包含: 比對該第一特徵值與對該公鑰進行運算所得之一第二特徵值以對該公鑰進行驗證。 For example, the method of request item 10 also includes: The first characteristic value is compared with a second characteristic value obtained by performing an operation on the public key to verify the public key. 如請求項13之方法,其中,該第一特徵值係該公鑰之一第一雜湊值,而該第二特徵值係該公鑰之一第二雜湊值。The method of claim 13, wherein the first characteristic value is a first hash value of the public key, and the second characteristic value is a second hash value of the public key. 如請求項13之方法,其中,該第一特徵值係該公鑰之一第一雜湊值的一部分,而該第二特徵值係該公鑰之一第二雜湊值的一部分。The method of claim 13, wherein the first characteristic value is a part of a first hash value of the public key, and the second characteristic value is a part of a second hash value of the public key. 如請求項10之方法,其中,該唯讀記憶體係一一次性可編程唯讀記憶體。The method of claim 10, wherein the read-only memory system is a one-time programmable read-only memory. 如請求項16之方法,更包含: 於該一次性可編程唯讀記憶體被燒錄之前檢查該一次性可編程唯讀記憶體之一控制位元的值,該控制位元指示儲存該第一特徵值之一記憶體區塊是否可以被燒錄。 For example, the method of request item 16 also includes: Before the one-time programmable read-only memory is programmed, the value of a control bit of the one-time programmable read-only memory is checked, and the control bit indicates whether the memory block storing the first characteristic value Can be burned. 如請求項10之方法,更包含: 當該公鑰未通過驗證時,停止執行該些啟動流程代碼。 For example, the method of request item 10 also includes: When the public key fails to pass verification, execution of the startup process codes is stopped. 如請求項10之方法,其中,依據該第一特徵值對該公鑰進行驗證之步驟係於該些啟動流程代碼之一Miniboot啟動程序或一U-boot啟動程序前執行。The method of claim 10, wherein the step of verifying the public key based on the first characteristic value is executed before one of the startup process codes, a Miniboot startup program or a U-boot startup program.
TW111125201A 2022-07-05 2022-07-05 Electronic device and control method thereof TWI824602B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW111125201A TWI824602B (en) 2022-07-05 2022-07-05 Electronic device and control method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW111125201A TWI824602B (en) 2022-07-05 2022-07-05 Electronic device and control method thereof

Publications (2)

Publication Number Publication Date
TWI824602B TWI824602B (en) 2023-12-01
TW202403545A true TW202403545A (en) 2024-01-16

Family

ID=90052927

Family Applications (1)

Application Number Title Priority Date Filing Date
TW111125201A TWI824602B (en) 2022-07-05 2022-07-05 Electronic device and control method thereof

Country Status (1)

Country Link
TW (1) TWI824602B (en)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW535114B (en) * 1999-04-30 2003-06-01 Ling-Huei Chen Safety interface for certification of personal identification document
CN106295363B (en) * 2016-07-29 2019-05-14 北京小米移动软件有限公司 Startup calibration method and device
CN108268781B (en) * 2016-12-30 2022-01-04 瑞昱半导体股份有限公司 Electronic element of electronic device, method for starting electronic device and encryption method
US11385902B2 (en) * 2019-11-17 2022-07-12 Nuvoton Technology Corporation Secure firmware management with hierarchical boot sequence using last known good firmware
CN111984962A (en) * 2020-09-08 2020-11-24 英韧科技(上海)有限公司 Firmware security verification method and device

Also Published As

Publication number Publication date
TWI824602B (en) 2023-12-01

Similar Documents

Publication Publication Date Title
US7461268B2 (en) E-fuses for storing security version data
JP4769608B2 (en) Information processing apparatus having start verification function
JP6373888B2 (en) Information processing apparatus and control method
JP5493951B2 (en) Information processing apparatus, validity verification method, and program
JP2005227995A (en) Information processor, information processing method and computer program
JP7341784B2 (en) storage device
CN110363010B (en) System safety starting method based on MPSoC chip
JP2009003933A (en) Method, system, and apparatus for encrypting, integrity, and anti-replay protecting data in nonvolatile memory in fault tolerant manner
JP2006164273A (en) Protection booting device and method
CN109445705B (en) Firmware authentication method and solid state disk
JP2007133875A (en) Method and device for safely updating and booting code image
CN109814934B (en) Data processing method, device, readable medium and system
JP7101318B2 (en) Data attestation in memory
KR101954439B1 (en) Soc having double security features, and double security method for soc
CN113553115A (en) Starting method based on heterogeneous multi-core chip and storage medium
KR101988404B1 (en) Soc having double security features, and double security method for soc
TWI824602B (en) Electronic device and control method thereof
JP2005332221A (en) Storage device
JP5759827B2 (en) MEMORY SYSTEM, INFORMATION PROCESSING DEVICE, MEMORY DEVICE, AND MEMORY SYSTEM OPERATION METHOD
JP6622360B2 (en) Information processing device
TWI467408B (en) Embedded devices and control methods thereof
US20240005005A1 (en) Electronic device and control method thereof
TWI738020B (en) Electronic machine and its control method
CN114995918A (en) Starting method and configuration method and device of baseboard management controller and electronic equipment
TWI826048B (en) Data security verification method and electronic apparatus