The invention relates to a system for preventing electronic memory manipulation, and in particular, to methods and apparatuses for preventing unauthorized manipulation of desirably secure memory contents in an electronic device.
The invention disclosed herein relates to any electronic device whose memory contents are to be maintained in a secure or preferably unaltered state. Such a requirement may be necessitated by security reasons, such as preventing fraudulent manipulation of a cellular telephone memory, or for the purposes of maintaining the integrity of electronic device operation in critical applications such as aircraft control or medical instrument operation. As disclosed and described herein, exemplary aspects of the invention are set out in the context of a system and method for securing one or more electronic memories within a cellular telephone. Also described herein is a system that permits access to, and manipulation of, one or more electronic memories in an electronic device, by use of a data transfer device that undergoes an authentication process before being permitted to access an electronic memory. The latter system is also described in the context of a cellular telephone application. Even though exemplary embodiments of the invention disclosed herein are described in the context of a secure cellular telephone memory and a means for securely accessing and altering memory contents in a cellular telephone, it will be readily appreciated by those skilled in the art that systems in accordance with the invention can be applied to any electronic system having one or more memories whose contents are to remain unaltered, or whose memories are to be accessed and possibly modified only by authorized means. Consequently, the scope of the invention is not intended to be limited by the exemplary embodiments set out herein, but rather by the claims appended hereto and equivalents thereof.
In many fixed and mobile computing and communication systems such as personal digital assistants (PDAs) and cellular telephones, there is a need to protect certain data stored in the memory of the system. This data may be the data corresponding to a document, database, or program. In the context of a cellular telephone, the data may represent information such as the International Mobile Equipment Identity (IMEI) number (as specified by the ETSI GSM specification), radio calibration data, and encrypted access codes. Once stored in the memory, this type of data is not expected to change, and is therefore referred to herein as static data. Other types of data may also be stored in the memory, such as data representing a status indication of whether the GSM phone is locked onto a specific operator's network or not. This type of data, referred to herein as dynamic data, has the potential of being modified by the user, but only if the user is authorized to make the modification. In all other cases, the dynamic data should not be permitted to change.
Techniques for ensuring the integrity of static data (i.e., for preventing the static data from being tampered with) have been described, such as those presented in U.S. Pat. Nos. 5,442,645 and 6,026,293, which are hereby incorporated herein by reference in their entireties. These methods variously use cryptographic techniques for creating so-called “signatures” from the static data. Cryptographic techniques are known and described in such publications as Handbook of Applied Cryptology, by A. Menezes, P. C. van Oorschot, and S. A. Vanstone, CRC Press, 1996, which is hereby incorporated herein by reference in its entirety. The signatures are created and stored at a time when the static data is known to be authentic. Then, before the user is permitted to utilize the static data, the signature is again computed and compared with the previously stored version. Any mismatch is taken as evidence that the static data has changed and is not to be used.
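The store-then-recompute check described above, as an added example that is not code from this document or from the cited patents. It assumes HMAC-SHA256 as the keyed "signature"; the key, the item labels and the sample IMEI and calibration bytes are constructed for illustration.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes
DEMO_KEY = bytes(range(32))  # constructed key; a real device keeps it in protected memory

def sign_static(key: bytes, label: bytes, data: bytes) -> bytes:
    """Signature over one static item, bound to its label."""
    # Length-prefix the label so (label, data) pairs cannot be re-split,
    # and so a tag made for one item never validates another.
    msg = len(label).to_bytes(2, "big") + label + data
    return hmac.new(key, msg, hashlib.sha256).digest()

def provision(key: bytes, items: dict) -> dict:
    """Create the store while the data is known to be authentic."""
    return {lbl: (data, sign_static(key, lbl, data)) for lbl, data in items.items()}

def is_intact(key: bytes, store: dict, label: bytes) -> bool:
    """Recompute the signature and compare it with the stored one."""
    entry = store.get(label)
    if entry is None:
        return False  # a missing item is treated as a failed check
    data, tag = entry
    if len(tag) != TAG_LEN:
        return False  # truncated or padded tag
    return hmac.compare_digest(tag, sign_static(key, label, data))

def read_static(key: bytes, store: dict, label: bytes) -> bytes:
    """Release static data for use only after the check passes."""
    if not is_intact(key, store, label):
        raise ValueError("static data failed integrity check: %r" % label)
    return store[label][0]

# Constructed sample values standing in for a phone's static data.
SAMPLE = {b"imei": b"001234567890123", b"radio_cal": bytes([0x10, 0x2F, 0x33, 0x08])}

if __name__ == "__main__":
    store = provision(DEMO_KEY, SAMPLE)
    print(read_static(DEMO_KEY, store, b"imei"))
    data, tag = store[b"radio_cal"]
    store[b"radio_cal"] = (b"\x11" + data[1:], tag)  # simulate a changed byte
    print(is_intact(DEMO_KEY, store, b"radio_cal"))
```

The check is only as trustworthy as the key storage and the code that runs it, so both have to sit somewhere the stored data's writer cannot reach.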
In U.S. Pat. No. 5,442,645 a secret key needs to be stored in order to realize the integrity protection. A more elaborate technique is described in U.S. Pat. No. 6,026,293. This will now be briefly described in connection with the block diagram of FIG. 1. In this system, an ASIC that includes processing circuits 100 is interconnected with a flash program memory 101, a random access memory (RAM) 103 and an electrically erasable programmable read-only memory (EEPROM) 105 by means of a system bus 107. The processing circuits 100 include a microprocessor 109, a timer and controller logic 111, and two forms of memory: protected static RAM (PSRAM) 113 and an internal read-only memory (IROM) 115. In addition to the traditional boot code 117, the IROM 115 stores a public key 119, program code for the hash algorithm (denoted hash code 121) and program code for the device authentication code 123. Static data 125 is stored in the EEPROM 105. The static data 125 is protected by audit hash values 127 that are also stored in the EEPROM 105. The audit hash values 127 are computed by the hash algorithm implemented by the hash code 121 stored in the processing circuit's IROM 115. Access to the EEPROM's contents by an external data transfer device is controlled through the use of an authentication procedure using the public key 119 and authentication code 123 stored in the IROM 115. The authentication process requires that the data transfer device be in possession of the corresponding secret key of the public/private encryption scheme that is used to implement the authentication procedure. A timer mechanism, implemented by means of the timer and control logic 111, is used to trigger the processing circuit's performance of integrity checks at certain moments of time as determined by a set of counters.
A disadvantage with existing methods is that the software that performs the integrity checking must itself be secured, since any way to modify the integrity checking software can be used to bypass the security mechanism. In the technique described in U.S. Pat. No. 6,026,293 this requirement is satisfied by fixing the code of the software in the IROM of the processing circuit ASIC. However, in order to be able to employ this technique, the system developer must be capable of defining parts of the ASIC. This capability increases the cost of this component.
Another disadvantage with these known techniques is that they are not readily applicable to the problem of ensuring the integrity of dynamic data.
In U.S. Pat. No. 5,606,315, a mechanism is described wherein access to a dynamic data object is controlled via a password that is stored in EEPROM. However, the user can easily read the password from the EEPROM and thereby get access to the capability of modifying the dynamic data. Moreover, in the system described in this document, the dynamic data is not checked for integrity.