In an embedded microprocessor-based system, for example, in a mobile phone, the system hardware may provide a mechanism for running programs on the microprocessor in one of two modes: secure and non-secure. Programs that run in secure mode are granted permission to access sensitive hardware resources, such as key registers for digital rights management, and register for control of radio hardware; programs running in non-secure mode are denied access to those resources.
Typically secure code is produced and distributed by the manufacturer of the device and is provided with a digital signature that guarantees that the block of provided code has been generated by a trusted authority and can be safely executed with the usual permissions granted to secure code. However, if the secure code resides in off-chip memory external to the processor integrated circuit, attackers may seek to replace such off-chip, secure, authenticated code with nonsecure unauthenticated code. Known approaches to preventing such attacks include periodically re-authenticating any secure code that is stored in off-chip memory, or paging secure code into on-chip memory, much the way a demand-paged system swaps pages from disk to main memory, and authenticating a page each time it is brought on chip.
Because digital signatures are generally relatively short compared to the data being authenticated, authenticating a section of supposedly secure code may take a non-trivial amount of time given an authentication granule of at least dozens and perhaps thousands of bytes. If such code is periodically authenticated, there may be long intervals in which no execution of the secure code is attempted, and so any periodic authentication during that interval would consume time and energy. In addition, paging secure code into on-chip memory may load and authenticate more code than is necessary if the program only needs a few lines from each page, thus consuming on-chip space and power required to load and authenticate most of the code.
Therefore systems and methods are needed to authenticate program code that resides in off-chip memory and to guard against attackers that might try to substitute unauthorized code for the code distributed by the manufacturer or other authorized source.