Firmware verified boot

Assignee

• Google LLC · US

Inventors

• Gaurav Shah · Los Angeles, US
• William Alexander Drewry · Nashville, US
• Randall R. Spangler · San Jose, US
• Ryan Tabone · San Francisco, US
• Sumit Gwalani · Hyderabad, IN
• Luigi Semenzato · Oakland, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/3247
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Methods and apparatus for verifying a boot process of a computing system are disclosed. An example computer-implemented method includes reading, by a computing system during a boot process, a header section of a read-write portion of firmware of the computing system. The example method further includes generating, using a first cryptographic hash algorithm, a message digest corresponding with the header. The example method also includes decrypting, using a first public-key, an encrypted signature corresponding with the header. The example method still further includes comparing the message digest corresponding with the header and the decrypted signature corresponding with the header. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header match, the example method includes continuing the boot process. In the event the message digest corresponding with the header and the decrypted signature corresponding with the header do not match, the example method includes halting the boot process.