| CPC G06F 21/575 (2013.01) [G06F 21/572 (2013.01); H04L 9/0861 (2013.01); H04L 9/0897 (2013.01); H04L 9/3242 (2013.01); H04L 9/3247 (2013.01); H04L 9/3268 (2013.01); G06F 2221/033 (2013.01)] | 8 Claims |
|
1. An electronic device comprising:
at least one memory configured to:
at a first time point, store a first boot image including a first protected boot key and a protected execution image, and
at a second time point following the first time point, store a second boot image including a second protected boot key different from the first protected boot key; and
at least one processor configured to:
store a same root key at the first time point and the second time point,
at the first time point, extract a first boot key using the stored same root key and the first protected boot key and perform a boot operation using the extracted first boot key, and
at the second time point, extract a second boot key using the stored same root key and the second protected boot key and perform the boot operation using the extracted second boot key;
generate a derived key according to a predetermined key protection method using the stored same root key and the first protected boot key and the second protected boot key,
perform verification according to the predetermined key protection method using the generated derived key to extract a boot key from the protected first boot key and the protected second boot key, and
perform the boot operation using the extracted boot key.
|