FIELD: computing.
SUBSTANCE: the invention relates to a method, a machine-readable storage medium and a system for trusted device booting in which different boot stages can be certified by several independent key owners. The system contains two isolated program code execution modules located on the processor chip, an isolated security domain and at least one main processor that executes the boot loader code and the OS image, together with read-only memory (ROM), code in the processor ROM, one-time programmable memory (OPM) and non-volatile memory. The boot consists of N stages: a first stage, (N-2) intermediate stages and a last stage. At each stage, keys belonging to different owners can be used for certification. The first key of the first stage is entered into immutable memory in an exclusively trusted manner, while the remaining type I keys of the first stage and the type I keys of the intermediate and last stages can be entered in a certified container carrying an electronic signature that is verified only upon entry. The isolated security domain and the main processor are configured to exchange data through the interaction interface, including data for working with key information: the hash sum of the key that forms the root of trust, which is located in the OPM.
The non-volatile memory is configured to store a hierarchy of bootloaders in which each boot stage corresponds to one or more pairs of asymmetric cryptographic keys; the private key of a pair is used during certification and the public key is used when verifying the certification. Public cryptographic keys can either be located in non-volatile memory (type I) or be placed in the form of a digital certificate (type II). The RAM is configured to receive at least one bootloader of the hierarchy, loaded from non-volatile memory. The isolated security domain contains program code that is called, through the interaction interface between the isolated security domain and the processor, to check this bootloader using hardware by determining the validity of the key contained in the bootloader image; the OPM holds the information about keys that is used to determine key validity. In response to the key being valid, the image signature is verified, and control is transferred to the bootloader if it is successfully verified.
The image of at least one next bootloader is parsed by the previous bootloader, which reads its signature and public key. The hash of this key is calculated and the OPM is checked for the presence of that hash. If the hash is not found, authentication is considered failed. If the hash is found, the OPM is checked for whether the revocation sign of this key is set; if the key is revoked, authentication is considered failed. If the key is valid, the signature of the image is verified with the public key; if signature verification fails, authentication is considered failed. When signature verification completes successfully, control is transferred to the next verified bootloader in the hierarchy; when authentication fails, the boot process is terminated. The previous bootloader is configured to verify at least each next bootloader in the hierarchy using the active intermediate stage key. The OS image contains a digital certificate signed by the last stage key, where the last stage key is signed by the active key of the intermediate stage; the OS image is verifiable using the digital certificate and an active intermediate stage key.
EFFECT: provision of secure booting of the device from the boot loader to the operating system (OS), protected from unauthorized actions.
16 cl, 8 dwg
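
The authentication order described in the abstract (key hash present in the OPM, revocation sign not set, then image signature), as an added Python example that is not code from the patent. The dictionary layout of the OPM and of the images, all function names, and the textbook-RSA signature over Mersenne primes are assumptions made here for illustration; the toy signature scheme stands in for a real one and is not secure.

```python
import hashlib

# Constructed toy RSA (textbook, Mersenne primes): illustration only, NOT secure.
E = 65537

def make_key(p, q):
    n = p * q
    return {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def key_hash(n):
    # Hash of the public key: the value the abstract says is looked up in the OPM.
    return hashlib.sha256(n.to_bytes((n.bit_length() + 7) // 8, "big")).hexdigest()

def sign_image(name, payload, key):
    sig = pow(digest_int(payload), key["d"], key["n"])
    return {"name": name, "payload": payload, "pubkey_n": key["n"], "sig": sig}

def authenticate(image, opm):
    """Run the checks in the order given in the abstract; return (ok, reason)."""
    n = image["pubkey_n"]
    h = key_hash(n)
    if h not in opm:                      # 1. key hash must be present in the OPM
        return False, "key hash not in OPM"
    if opm[h]["revoked"]:                 # 2. revocation sign must not be set
        return False, "key revoked"
    # 3. only a known, non-revoked key is used to verify the image signature
    if pow(image["sig"], E, n) != digest_int(image["payload"]) % n:
        return False, "bad signature"
    return True, "ok"

def boot(chain, opm):
    """Each stage authenticates the next; boot terminates at the first failure."""
    for image in chain:
        ok, reason = authenticate(image, opm)
        if not ok:
            return f"halt at {image['name']}: {reason}"
    return "booted"

# Constructed sample data: two key owners, one key per boot stage.
KEY_A = make_key(2**127 - 1, 2**521 - 1)
KEY_B = make_key(2**89 - 1, 2**607 - 1)
OPM = {key_hash(KEY_A["n"]): {"revoked": False},
       key_hash(KEY_B["n"]): {"revoked": False}}
CHAIN = [sign_image("stage1", b"loader-1", KEY_A),
         sign_image("stage2", b"loader-2", KEY_B)]

if __name__ == "__main__":
    print(boot(CHAIN, OPM))
```

Setting the revocation sign for one owner's key stops the boot at that owner's stage without touching the other stage's key or image.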
Title | Year | Author | Number |
---|---|---|---|
MOBILE COMMUNICATION DEVICE AND METHOD FOR OPERATION THEREOF | 2014 | | RU2673969C2 |
METHOD OF AUTHORISING OPERATION TO BE PERFORMED ON TARGETED COMPUTING DEVICE | 2014 | | RU2675902C2 |
MOBILE COMMUNICATION DEVICE AND METHOD FOR OPERATION THEREOF | 2014 | | RU2672712C2 |
METHOD OF CREATING ELECTRONIC DOCUMENT | 2012 | | RU2527731C2 |
SYSTEM AND METHOD TO REPLENISH DATA BASE OF TRUSTED CERTIFICATES USED DURING ANTIVIRUS CHECK | 2014 | | RU2571381C1 |
SYSTEM AND METHOD FOR ANTIVIRUS SCANNING DEPENDING ON CERTIFICATE TRUST LEVEL | 2014 | | RU2571382C1 |
SYSTEM AND METHOD FOR SECURE OPERATING SYSTEM BOOTING USING STATUS CHECKUP | 2005 | | RU2413295C2 |
METHOD OF REMOTE LOADING A SET OF KEYS INTO A SMART TERMINAL | 2019 | | RU2724793C1 |
PROTECTED DATA LOADING AND STORAGE IN DATA PROCESSING DEVICE | 2005 | | RU2408071C2 |
METHOD OF SHARING THE PROTECTED DATA | 2017 | | RU2659730C1 |
Authors
Dates
2023-11-24—Published
2023-04-28—Filed