A wide variety of memory devices can be used to maintain and store data and instructions for various computers and similar systems. In particular, flash memory is a type of electronic memory media that can be rewritten and that can retain content without continued consumption of power. Unlike dynamic random access memory (DRAM) devices and static random access memory (SRAM) devices, in which a single byte can be erased, flash memory devices are typically erased in fixed multi-byte blocks or sectors. Flash memory technology can include NOR flash memory and NAND flash memory, for example. NAND flash memory evolved from DRAM technology and NOR flash memory evolved from electrically erasable read only memory (EEPROM) chip technology, in which, unlike flash memory, a single byte can be erased. While NAND flash memory is typically suitable for sequential access to handle semi-static data storage like pictures, music, etc., NOR flash is typically suitable for random access applications such as code storage where execution in place is required (e.g., including set-top box applications, personal computers, cell phones, etc.). However, NAND flash can be used for some boot-up operations as well, for example, when used in combination with other memory types (e.g., DRAM) for execute in place functionality. In addition, flash memory devices typically are less expensive and more dense as compared to many other memory devices, meaning that flash memory devices can store more data per unit area.
Flash memory has become popular, at least in part, because it combines the advantages of the high density and low cost of EPROM with the electrical erasability of EEPROM. It can be used in many portable electronic products, such as cell phones, portable computers, voice recorders, thumbnail drives, multimedia players, set top boxes (STB), and the like, as well as in many larger electronic systems, such as cars, planes, industrial control systems, etc. The fact that flash memory can be rewritten, as well as its ability to retain data without a power source, its small size, and its light weight, have all combined to make flash memory devices a useful and popular means for transporting and maintaining data.
However, the ability to rewrite flash memory as well as the increasing use of flash memory in devices involving digital rights management (DRM) schemes presents special challenges for implementing the technological protection measures to ensure the integrity of the DRM schemes in such devices. For example, consider a system comprising a processor (e.g., a host processor) and an external memory (e.g., a set top box controller and memory, a cell phone processor and memory, etc.), where the system requires sustained system integrity to successfully implement DRM schemes. Such systems have to be reliably secured to prevent unauthorized access or redistribution of protected data and/or circumvention of intended technological protection measures. Further consider that the system is built in such a way that the raw external memory blocks contain crucial data or code (e.g., operating system code, private decryption keys, pseudo random number generation modules, etc.), the securing of which must be ensured to prohibit unauthorized access or modification.
Conventional solutions attempting to provide such system integrity can rely on the notion of secure booting, which in turn relies on the notion that all the system software is signed (e.g., using public key infrastructure (PKI) or otherwise) by the software issuer or other trusted party. Typically, at boot time, the system processor has to perform a series or levels of computationally intensive security checks to verify the digital signatures of the various signed software modules. Such security checks can include, for example, making sure that no software other than the originally installed software is on the system.
However, such systems may still be vulnerable to attacks that can compromise system integrity for the purpose of executing unauthorized system functions (e.g., unauthorized access or redistribution of protected data). For example, one attack or compromise of the intended or authorized actions of the operating system can be to replace the memory (e.g., replacing a flash memory) with a version having compromised operating system functions (e.g., reduced security checks, unauthorized redistribution of control words, private keys, or other secret information, and/or other alterations). Another example can include operating system alterations (e.g., either automatically via execution of a virus or other code intended to exploit system vulnerabilities or otherwise) such that when a control word or other secret information is received, the operating system can be reconfigured to distribute the control word or other secret information to unauthorized recipients (e.g., to an illicit website or other unauthorized data repository), or to perform other unauthorized actions. As a result of such compromises, an attacker may be able to circumvent provider content restrictions using the compromised operating system. Thus, it is desirable to have improved technological protection measures that can thwart such attempts at compromising system integrity.
One class of responses to such attacks has been remote attestation. Remote attestation allows changes to a protected system to be detected by authorized parties. For example, changes to operating system code can be detected to prevent system execution of unauthorized code. Typically, this is performed by system hardware generating a certificate based on what code version or versions the system is currently running. The system can then present this certificate in encrypted form to an authorized remote party to facilitate determining whether the system code has been tampered with. An intended result is that authorized parties can counter user tampering with system software aimed at circumventing the intended technological protection measures, by taking subsequent measures if unauthorized changes are detected, such as disabling the device or forcing a restoration to an authorized configuration.
Remote attestation is usually combined with PKI so that the information sent can only be read by the programs that presented and requested the attestation, and not by an eavesdropper, such as a system attacker. However, such remote attestation implementations produce relatively computationally intensive and slow systems because the process can be slowed by transmission delays, computationally complex decryption, and other response delays inherent in the process. In addition, system leakage via inadvertent execution of a virus or other code intended to exploit system vulnerabilities can result in recovery of private keys or other secret information that can be used for attestation of the integrity of the technological protection measures. This in turn can lead to wide-scale thwarting of the intended protection measures if such information is redistributed to unauthorized recipients (e.g., via the internet or otherwise). Thus, improved technological protection measures are desired, which can provide a relatively reduced complexity option to replace or supplement conventional protection measures.
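As an added illustration, not part of the patent text, of the two mechanisms described above (a boot-time check of installed modules against the issuer's manifest, then reporting the measured code state to a remote party): the module contents, manifest and per-device key are constructed, and an HMAC over a verifier-supplied nonce stands in for the PKI-signed certificate.

```python
import hashlib
import hmac

# Constructed sample flash image: module name -> raw contents (stands in for the raw external memory blocks).
INSTALLED = {
    "bootloader": b"bootloader v1",
    "os_kernel": b"os kernel v1: verifies signatures, guards control words",
    "drm_module": b"drm module v1",
}
BOOT_ORDER = ("bootloader", "os_kernel", "drm_module")
ZERO = b"\x00" * 32

# Hypothetical manifest of authorized module digests, as the issuer would burn it into boot ROM.
AUTHORIZED = {name: hashlib.sha256(data).digest() for name, data in INSTALLED.items()}

# Hypothetical per-device attestation key shared with the remote verifier (HMAC stands in for a PKI signature).
DEVICE_KEY = b"per-device attestation key (constructed)"

def extend(register, digest):
    """Fold one module digest into the measurement register; order matters, like a TPM PCR extend."""
    return hashlib.sha256(register + digest).digest()

def measured_boot(image):
    """Boot-time measurement: hash every module in boot order into one register; returns (register, digests)."""
    register, digests = ZERO, {}
    for name in BOOT_ORDER:
        digests[name] = hashlib.sha256(image[name]).digest()
        register = extend(register, digests[name])
    return register, digests

def secure_boot_check(image):
    """Local secure-boot check: names of modules whose digest differs from the manifest (empty list = boot)."""
    _, digests = measured_boot(image)
    return [n for n in BOOT_ORDER if not hmac.compare_digest(digests[n], AUTHORIZED[n])]

def quote(image, nonce):
    """Device side of attestation: bind the measured register to the verifier's fresh nonce."""
    register, _ = measured_boot(image)
    return register, hmac.new(DEVICE_KEY, register + nonce, hashlib.sha256).digest()

def verify_quote(register, tag, nonce):
    """Remote side: the tag must be authentic for this nonce and the register must match the authorized image."""
    expected = ZERO
    for name in BOOT_ORDER:
        expected = extend(expected, AUTHORIZED[name])
    authentic = hmac.compare_digest(hmac.new(DEVICE_KEY, register + nonce, hashlib.sha256).digest(), tag)
    return authentic and hmac.compare_digest(register, expected)
```

A replaced flash module shows up both locally (its name is returned by `secure_boot_check`) and remotely (the quote's register no longer matches the manifest), and a quote captured earlier fails against a fresh nonce.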
The above-described deficiencies are merely intended to provide an overview of some of the problems encountered in implementing technological protection measures in memory systems and are not intended to be exhaustive. Other problems with the state of the art may become further apparent upon review of the description of the various non-limiting embodiments of the subject innovation that follows.