US 12,067,110 B2
Method and apparatus for establishing a software root of trust on an untrusted computer system
Virgil D. Gligor, Pittsburgh, PA (US); and Shan Leung Woo, Pittsburgh, PA (US)
Assigned to Carnegie Mellon University, Pittsburgh, PA (US)
Appl. No. 17/426,519
Filed by CARNEGIE MELLON UNIVERSITY, Pittsburgh, PA (US)
PCT Filed Jan. 24, 2020, PCT No. PCT/US2020/015017
§ 371(c)(1), (2) Date Jul. 28, 2021,
PCT Pub. No. WO2020/167448, PCT Pub. Date Aug. 20, 2020.
Claims priority of provisional application 62/918,822, filed on Feb. 14, 2019.
Prior Publication US 2022/0108006 A1, Apr. 7, 2022
Int. Cl. G06F 21/00 (2013.01); G06F 21/54 (2013.01); G06F 21/57 (2013.01)
CPC G06F 21/54 (2013.01) [G06F 21/57 (2013.01); G06F 21/575 (2013.01); G06F 2221/034 (2013.01)]
20 Claims
 
1. A method for establishing a local software root of trust on an untrusted computing device in an unknown state, comprising: sending chosen content to the untrusted computing device, the chosen content including data and executable code; receiving an indication from the untrusted computing device indicating that the untrusted computing device was initialized to the chosen content; sending a nonce to the untrusted computing device; receiving a result of the execution of a portion of the executable code from the untrusted computing device, the portion of the executable code being selected for execution as a function of the nonce and being executed as a function of the data; determining that the result has been received from the untrusted computing device within a maximum time from the sending of the nonce; comparing the result to a known correct result; and verifying a local software root of trust on the untrusted computing device if the result is correct and has been received within the maximum time.
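The exchange in claim 1, seen from the verifier's side, as an added example that is not part of the patent text. The keyed BLAKE2b code portions, the `select` rule, the simulated `Device` and the time bounds are assumptions, since the claim does not specify the computation.

```python
import hashlib
import hmac
import secrets
import time

def make_portions(count=4):
    # Assumed stand-in for the "executable code": a family of keyed hashes.
    def portion(i):
        tag = b"portion%d" % i
        return lambda data, nonce: hashlib.blake2b(data, key=nonce, person=tag).digest()
    return [portion(i) for i in range(count)]

def select(nonce, count):
    # Assumed selection rule: the portion to run is a function of the nonce.
    return nonce[0] % count

class Device:
    """Simulated untrusted device (hypothetical model, not real hardware)."""
    def __init__(self, delay=0.0, tamper=False):
        self.delay, self.tamper = delay, tamper

    def load(self, data, portions):
        self.data, self.portions = data, portions
        return True  # indication that the device was initialized to the content

    def respond(self, nonce):
        time.sleep(self.delay)  # models extra work done by a misbehaving device
        out = self.portions[select(nonce, len(self.portions))](self.data, nonce)
        return bytes([out[0] ^ 1]) + out[1:] if self.tamper else out

def verify(device, max_time):
    data, portions = secrets.token_bytes(64), make_portions()
    if not device.load(data, portions):            # send chosen content, await indication
        return "not-initialized"
    nonce = secrets.token_bytes(16)
    expected = portions[select(nonce, len(portions))](data, nonce)  # known correct result
    start = time.perf_counter()                    # the clock starts when the nonce is sent
    result = device.respond(nonce)
    elapsed = time.perf_counter() - start
    if elapsed > max_time:                         # a late answer fails even if correct
        return "too-slow"
    if not hmac.compare_digest(result, expected):
        return "wrong-result"
    return "verified"

if __name__ == "__main__":
    print(verify(Device(), 0.5), verify(Device(tamper=True), 0.5),
          verify(Device(delay=0.2), 0.05))
```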