Patent Application
20090013192
The present invention relates to security of electronic devices, and more particularly, to integrity check methods applied to electronic devices, and related circuits.
For security considerations, preventing control-related data from being altered or checking whether the control-related data is altered is essential for the latest optical storage devices such as blu-ray disc (BD) drives and high definition digital versatile disc (HD-DVD) drives. An integrity check of the control-related data such as a firmware code is one approach to this issue.
For an optical storage device, performing an integrity check of control-related data in the same way as a BIOS of a personal computer (PC) is not suitable since a quick response to an inquiry of a host device handling the optical storage device (e.g. a controller/control circuit on a motherboard within a PC) is strongly recommended. If the host device receives no response from the optical storage device within a predetermined time interval, for example, a couple of hundreds of milliseconds, the optical storage device may be considered to be unavailable, leading to a malfunction.
According to the related art, as the control-related data is typically stored in a memory whose access speed is considered insufficiently fast (such as a non-volatile memory), the control-related data can first be entirely fetched into a dynamic random access memory (DRAM) or a static random access memory (SRAM) within the optical storage device, so the integrity check of the control-related data is performed therein. If the optical storage device is provided with more or improved functions, however, the control-related data would be too great to be checked in time. As a result, the control-related data may be utilized before the integrity check is performed, which means the security of the optical storage device is very weak.
It is therefore an objective of the claimed invention to provide integrity check methods applied to electronic devices, and related circuits, to solve the problems mentioned above.
It is another objective of the claimed invention to provide integrity check methods applied to electronic devices, and related circuits, to increase the efficiency during operations required for performing an integrity check.
It is another objective of the claimed invention to provide integrity check methods applied to electronic devices, and related circuits, to enhance the security of the electronic devices.
An exemplary embodiment of an integrity check method applied to an electronic device comprises: fetching at least one portion of external data into a specific memory, where the external data is stored within the electronic device; during fetching the portion of the external data into the specific memory, checking whether the size of the fetched data in the specific memory reaches a predetermined value, where the predetermined value is less than the total size of the external data; and when the size of the fetched data in the specific memory reaches the predetermined value, enabling an integrity check of the fetched data.
An exemplary embodiment of a circuit for performing an integrity check in an electronic device comprises: a specific memory for temporarily storing at least one portion of external data, where the external data is stored within the electronic device; and a microprocessor, coupled to the specific memory, for fetching the portion of external data into the specific memory, where during fetching the portion of the external data into the specific memory, the microprocessor checks whether the size of the fetched data in the specific memory reaches a predetermined value, and the predetermined value is less than the total size of the external data. When the size of the fetched data in the specific memory reaches the predetermined value, the microprocessor enables the integrity check of the fetched data. These and other objectives of the present invention will no doubt become obvious to those of ordinary skill in the art after reading the following detailed description of the preferred embodiment that is illustrated in the various figures and drawings.
Certain terms are used throughout the description and following claims to refer to particular components. As one skilled in the art will appreciate, electronic equipment manufacturers may refer to a component by different names. This document does not intend to distinguish between components that differ in name but not function. In the following description and in the claims, the terms “include” and “comprise” are used in an open-ended fashion, and thus should be interpreted to mean “include, but not limited to . . . ”. Also, the term “couple” is intended to mean either an indirect or direct electrical connection. Accordingly, if one device is coupled to another device, that connection may be through a direct electrical connection, or through an indirect electrical connection via other devices and connections.
The present invention provides integrity check methods applied to a wide range of electronic devices on the market such as optical storage devices, cellular phones, and personal digital assistants (PDAs). In particular, according to some embodiments of the present invention, the electronic devices can be embedded systems.
Please refer to
According to this embodiment, the circuit 100 comprises a chip 110 and a non-volatile memory such as a flash memory 120 (e.g. a parallel flash memory or a serial flash memory), and the chip 110 comprises a read only memory (ROM) 112, a microprocessor 114, and a dynamic random access memory (DRAM) 116. The microprocessor 114 is capable of executing an integrity check program code for controlling the integrity check according to the integrity check method 910 shown in
In Step 912, derive an initial address and a length of data stored in the non-volatile memory within the electronic device. According to this embodiment, the non-volatile memory is the flash memory 120. In addition, the data 120D stored in the flash memory 120 shown in
According to one implementation choice of this embodiment, only a portion of the data 120D, for example, the boot code and the program code within the data 120D, is predetermined to be checked, so the initial address and the length mentioned above correspond to the boot code and the program code within the data 120D shown in
In the loop comprising Step 914 and Step 916, the integrity check method 910 starts fetching data stored in the non-volatile memory into a specific memory. According to this embodiment, the specific memory is the DRAM 116 shown in
In the loop comprising Step 914 and Step 916 according to this embodiment, during fetching the portion of the external data into the specific memory, Step 916 checks whether the size of the fetched data in the specific memory (i.e. the DRAM 116) reaches a predetermined value Dth1, where the predetermined value Dth1 is less than the total size of the external data. In Step 916, if the size of the fetched data in the specific memory reaches the predetermined value Dth1, enter Step 918; otherwise, re-enter Step 914.
In Step 918, enable an integrity check, and complete fetching all the data predetermined to be fetched from the non-volatile memory into the specific memory. The integrity check is not disabled before all the fetched data in the specific memory is checked.
According to different implementation choices of this embodiment, the integrity check mentioned above can be performed according to at least one algorithm of various algorithms such as SHA, CRC, DSA, RSA, EDC, and checksum algorithms. In addition, the predetermined value Dth1 mentioned above is typically predetermined to be a minimum size required for performing the integrity check according to the algorithm. As a result, once the size of the fetched data in the specific memory reaches the minimum size required for performing the integrity check, the integrity check is enabled in Step 918. Therefore, in contrast to the related art, the efficiency of the total operations required for performing the integrity check (e.g. the fetching data and the integrity check operations) is greatly increased according to the present invention since the integrity check is enabled in an earlier phase before all the data predetermined to be fetched from the non-volatile memory into the specific memory is completely fetched.
In Step 920, check whether an integrity check failure occurs. If an integrity check failure occurs, enter Step 922 to stay in the current status to prevent data stored in the non-volatile memory (i.e. the data 120D) from being utilized, so the operation of the electronic device is halted. Conversely, if no integrity check failure occurs, enter a normal phase that is predetermined to be entered, for example, a phase for utilizing the data stored in the non-volatile memory. According to this embodiment, as the non-volatile memory is the flash memory 120, firmware execution utilizing the firmware boot code and the program code of the main loop startup and check flow within the data 120D stored in the flash memory 120 can be the normal phase to be entered, as shown in
In addition, in Step 914 and Step 918 of this embodiment, the integrity check method 910 may trigger direct memory access (DMA) to fetch the portion of the external data into the specific memory.
According to this embodiment, the ROM 112 is an internal memory of the chip 110. According to a variation of this embodiment, the ROM 112 can be positioned outside the chip 110. According to a variation of this embodiment, the chip 110 is replaced with a processing module comprising the ROM 112, the microprocessor 114, and the DRAM 116, where the processing module has the same functions as those of the chip 110.
According to a variation of this embodiment, the internal memory mentioned above (i.e. the DRAM 116) is replaced with a static random access memory (SRAM), and the integrity check program code stored therein is protected from being altered.
According to a variation of this embodiment, the criterion in Step 916 is slightly changed, where the notation “>” for representing “greater than” is replaced with the notation “≧” for representing “greater than or equal to”.
Please refer to
This embodiment is a variation of the embodiment shown in
Although each of the units shown in
Please refer to
This embodiment is a variation of the embodiment shown in
In contrast to the circuit 100 shown in
In contrast to the related art, the integrity check methods and related circuits of the present invention have greater efficiency during operations required for performing the integrity check.
It is another advantage of the present invention that the integrity check methods and related circuits of the present invention provide the electronic devices with higher level security in contrast to the related art. The portion of the external data mentioned above, and the control-related data especially, are not too great to be checked in time by utilizing the integrity check methods and related circuits of the present invention.
It is another advantage of the present invention that embedded systems implemented by utilizing the integrity check methods and related circuits of the present invention are cost effective since the design cost per lot is greatly reduced as the number of lots increases. Those skilled in the art will readily observe that numerous modifications and alterations of the device and method may be made while retaining the teachings of the invention. Accordingly, the above disclosure should be construed as limited only by the metes and bounds of the appended claims.
