This invention relates to a computer receving a file from a communication network or separate storage location. In particular, the invention provides a method for verifying the file to be identical with a previous version of the file before using the file.
It is desired that files to be used by a computer do not contain errors or alterations, either accidental or intentional. Accidental changes can occur as a file is retrieved from a storage location or transmitted over a communication network. Intenational changes can occur due to changes inserted into files as "patches," or with malicious intent to disrupt operations as with computer "viruses." Such alterations can cause erroneous data, loss of data, and unexpected or uncontrolled operation, or "crashes." While a "checksum" is often used to protect the integrity of data being sent across a communication link, a checksum does not protect against alteration of the contents of a file and alteration of its checksum, and the checksum is transmitted across the link, and so can be easily intercepted and altered.
Particularly sensitive to alteration are the portions of software used in the initial start-up of a computer, which initialize and establish a functioning operating system on the computer. During this start-up, or "boot" time, critical software elements are being established in the computer. This problem is particularly troublesome for a computer that obtains its "boot image" or initial executable file over a communication network or from a separate storage location, since it cannot know what changes might have occurred to the file while it was separated from the computer or while the computer was turned off. Methods are known to verify the identity of a single communicating partner, but where a "broadcast" network, and a "server" communicating with several computers is involved, it is desirable to verify the integrity of the file received before using it for data or executable instructions.