US 11,876,791 B2
Message authentication with secure code verification
Kerry Maletsky, Monument, CO (US); Oscar Sanchez, Colorado Springs, CO (US); and Nicolas Schieli, Los Gatos, CA (US)
Assigned to Amtel Corporation, San Jose, CA (US)
Filed by Atmel Corporation, Chandler, AZ (US)
Filed on Mar. 30, 2020, as Appl. No. 16/835,173.
Application 16/835,173 is a continuation of application No. 15/131,919, filed on Apr. 18, 2016, granted, now 10,616,197.
Prior Publication US 2020/0236097 A1, Jul. 23, 2020
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01); H04L 67/025 (2022.01); H04L 67/125 (2022.01); H04L 9/32 (2006.01); H04L 67/01 (2022.01); H04L 67/60 (2022.01)
CPC H04L 63/08 (2013.01) [H04L 9/3242 (2013.01); H04L 9/3247 (2013.01); H04L 63/12 (2013.01); H04L 67/01 (2022.05); H04L 67/025 (2013.01); H04L 67/125 (2013.01); H04L 67/60 (2022.05)] 10 Claims
OG exemplary drawing
 
1. A system comprising:
a client device storing a code; and
a security device coupled to the client device and to:
select a plurality of memory address ranges of an authorized code;
determine a respective portion of the authorized code for each of the plurality of memory address ranges;
calculate a respective first property of each determined portion of the authorized code;
store first information indicative of the respective first properties of the portions of the authorized code and second information indicative of the respective memory address ranges in the security device; and
respectively associate memory address ranges from among the plurality of memory address ranges with first properties from among the first properties of the portions;
receive a first property of a code generated by the client device;
verify correctness of the first property of the code based on information associated with the authorized code to determine that the code is authorized, the information being stored within the security device;
in response to determining that the code is authorized, enable the security device to access first secret data stored within secure storage of the security device; and
generate a second property of a first message based on the first secret data,
wherein the client device is to:
receive the second property of the first message from the security device;
generate the second property of a second message based on second secret data stored within the client device, the second secret data corresponding to the first secret data stored within the security device;
determine whether the second property of the second message is valid based on a comparison of the second property of the second message and the second property of the first message; and
determine whether or not to run an application on the client device using the code based on a result of determining whether the second property of the second message is valid.