
US-12625967-B2 - Multistage device boot with independent stage keys where first authentication tag is generated during previous boot operation


Abstract

Disclosed are systems, apparatuses, methods, and computer-readable media for booting a device with independent stage keys. In one illustrative example, a computing device can generate a first stage key for a first stage of a current boot operation of the device based on a private key associated with the device. The computing device can authenticate a first firmware of the first stage using a first authentication tag and the first stage key, wherein the first authentication tag is generated during a previous boot operation. The computing device can execute the first firmware based on authenticating the first firmware.

Inventors

  • Samar Asbe
  • Aseem BRAHMA
  • Shivaprasad HONGAL

Assignees

  • QUALCOMM INCORPORATED

Dates

Publication Date
20260512
Application Date
20230810

Claims (20)

  1. A method for booting a device, the method comprising: generating a first stage key for a first stage of a current boot operation of the device based on a private key associated with the device; authenticating a first firmware of the first stage using a first authentication tag and the first stage key, wherein the first authentication tag is generated during a previous boot operation and the first authentication tag is stored in a restricted storage medium; and executing the first firmware based on authenticating the first firmware.
  2. The method of claim 1, wherein authenticating the first firmware comprises: computing, using symmetric encryption, a first value associated with the first firmware based on the first stage key; and comparing the first firmware to the first authentication tag to authenticate the first firmware.
  3. The method of claim 1, wherein the first authentication tag is generated based on a symmetric encryption using the private key and a boot value corresponding to a boot stage of the current boot operation.
  4. The method of claim 3, further comprising: updating the boot value to correspond to a second stage based on validating each firmware associated with the first stage.
  5. The method of claim 4, further comprising: after updating the boot value, generating a second stage key for the second stage of the current boot operation based on the private key and the boot value; authenticating a second firmware using a second authentication tag and the second stage key; and executing the second firmware based on authenticating the second firmware.
  6. The method of claim 1, further comprising: authenticating the first firmware using a public key based on the first authentication tag being unavailable; and generating the first authentication tag of the first firmware based on authenticating the first firmware using the public key.
  7. The method of claim 1, further comprising: authenticating the first firmware using a public key based on identifying the first firmware does not correspond to the first authentication tag; and generating an updated authentication tag for the first firmware based on authenticating the first firmware using the public key.
  8. The method of claim 7, wherein the first firmware was updated by the device during a previous power cycle of the device.
  9. The method of claim 1, further comprising: loading an initial boot stage from a boot read only memory; and authenticating the initial boot stage using a public key associated with the initial boot stage, wherein the first stage key is generated based on authenticating of the initial boot stage.
  10. The method of claim 1, further comprising: authenticating the first authentication tag based on a message authentication code; in response to failure to authenticate the first authentication tag, authenticating the first firmware using a public key; and generating an updated authentication tag for the first firmware based on authenticating the first firmware.
  11. The method of claim 10, wherein the first authentication tag and the first firmware are stored in a single storage medium.
  12. The method of claim 1, further comprising: authenticating a second firmware of the first stage using a second authentication tag and the first stage key; and executing the second firmware based on authenticating the second firmware.
  13. An apparatus configured for multi-stage boot, comprising: at least one memory; and at least one processor coupled to the at least one memory and configured to: generate a first stage key for a first stage of a current boot operation of the apparatus based on a private key associated with the apparatus; authenticate a first firmware of the first stage using a first authentication tag and the first stage key, wherein the first authentication tag is generated during a previous boot operation and the first authentication tag is stored in a restricted storage medium; and execute the first firmware based on authenticating the first firmware.
  14. The apparatus of claim 13, wherein the at least one processor is configured to: compute, use symmetric encryption, a first value associated with the first firmware based on the first stage key; and compare the first firmware to the first authentication tag to authenticate the first firmware.
  15. The apparatus of claim 13, wherein the first authentication tag is generated based on a symmetric encryption using the private key and a boot value corresponding to a boot stage of the current boot operation.
  16. The apparatus of claim 15, wherein the at least one processor is configured to: update the boot value to correspond to a second stage based on validating each firmware associated with the first stage.
  17. The apparatus of claim 16, wherein the at least one processor is configured to: after updating the boot value, generate a second stage key for the second stage of the current boot operation based on the private key and the boot value; authenticate a second firmware using a second authentication tag and the second stage key; and execute the second firmware based on authenticating the second firmware.
  18. The apparatus of claim 13, wherein the at least one processor is configured to: authenticate the first firmware using a public key based on the first authentication tag being unavailable; and generate the first authentication tag of the first firmware based on authenticating the first firmware using the public key.
  19. The apparatus of claim 13, wherein the at least one processor is configured to: authenticate the first firmware using a public key based on identifying the first firmware does not correspond to the first authentication tag; and generate an updated authentication tag for the first firmware based on authenticating the first firmware using the public key.
  20. The apparatus of claim 19, wherein the first firmware was updated by the apparatus during a previous power cycle of the apparatus.
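
The flow in claims 1 and 3 to 7, as an added sketch that is not code from the patent or its assignee: a per-stage key is derived from the device key and the boot value, each image is checked against a tag cached by an earlier boot, and a missing or mismatched tag falls back to the public-key check, which then regenerates the tag. Assumptions: HMAC-SHA256 stands in for the unspecified symmetric primitive and key derivation, a dict models the restricted storage medium, `stub_signature_check` is a constructed stand-in for real signature verification, and all names are hypothetical.

```python
import hashlib
import hmac

def derive_stage_key(device_key: bytes, boot_value: int) -> bytes:
    # Assumed KDF: HMAC-SHA256 over the boot value, keyed with the device key.
    return hmac.new(device_key, b"stage" + boot_value.to_bytes(4, "big"),
                    hashlib.sha256).digest()

def make_tag(stage_key: bytes, firmware: bytes) -> bytes:
    return hmac.new(stage_key, firmware, hashlib.sha256).digest()

def stub_signature_check(signed_images):
    # Constructed stand-in for the public-key path: accepts only known digests.
    good = {hashlib.sha256(fw).digest() for fw in signed_images}
    return lambda fw: hashlib.sha256(fw).digest() in good

class BootChain:
    def __init__(self, device_key, verify_signature):
        self.device_key = device_key
        self.verify_signature = verify_signature
        self.tag_store = {}   # models the restricted storage medium
        self.boot_value = 0
        self.log = []         # (image name, "fast" | "slow" | "reject")

    def authenticate(self, name, firmware):
        key = derive_stage_key(self.device_key, self.boot_value)
        expected = make_tag(key, firmware)
        cached = self.tag_store.get(name)
        if cached is not None and hmac.compare_digest(cached, expected):
            self.log.append((name, "fast"))
            return True
        # Tag unavailable (claim 6) or not matching (claim 7): public-key path.
        if not self.verify_signature(firmware):
            self.tag_store.pop(name, None)   # never keep a tag for a rejected image
            self.log.append((name, "reject"))
            return False
        self.tag_store[name] = expected      # consumed by the next boot
        self.log.append((name, "slow"))
        return True

    def boot(self, stages):
        # stages: one list of (name, firmware) pairs per boot stage.
        self.boot_value, self.log = 0, []
        for images in stages:
            for name, firmware in images:
                if not self.authenticate(name, firmware):
                    return False             # halt: nothing later executes
            self.boot_value += 1             # claim 4: advance after the whole stage
        return True
```

Because the tag is keyed by the stage key, a tag copied from one stage's image slot to another never matches, and the constant-time comparison keeps the fast path from leaking how many tag bytes were correct.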

Description

TECHNICAL FIELD

The disclosure relates generally to electronic devices and, more specifically, but not exclusively, to systems and techniques for multistage boot with independent stage keys.

BACKGROUND

Computing devices, such as mobile phones, tablets, and laptop computers, include many different components that support peripheral functions. For example, a cellular telephone may include the primary function of enabling and supporting cellular telephone calls and the peripheral functions of a still camera, a video camera, global positioning system (GPS) navigation, web browsing, sending and receiving emails, sending and receiving text messages, push-to-talk capabilities, etc. Many of these portable devices include a system-on-chip (SoC) to enable one or more primary and peripheral functions on the specific device.

An SoC generally includes multiple central processing unit (CPU) cores embedded in an integrated circuit or chip and coupled to a local bus. The CPU cores may further be arranged into one or more computing clusters. The SoC may generally include hardware components and other processors. For example, an SoC may include one or more CPUs, CPUs with multiple cores, one or more digital signal processors, etc., grouped into one or more subsystems. An SoC can also include other components, such as a network interface, a programmable network processor, and other embedded components.

The SoC and other CPUs rely on a boot sequence or a boot code upon powering up. The boot sequence is the initial set of operations that the SoC performs when power is first applied to the SoC. The boot code enables a process (e.g., bootstrapping) that initializes and boots the SoC to load and execute an operating system (OS). The boot code is typically stored in a read-only memory (ROM) for quick access, low complexity, spatial efficiency, low cost, and security reasons.

SUMMARY

The following presents a simplified summary relating to one or more aspects disclosed herein. Thus, the following summary should not be considered an extensive overview relating to all contemplated aspects, nor should the following summary be considered to identify key or critical elements relating to all contemplated aspects or to delineate the scope associated with any particular aspect. Accordingly, the following summary presents certain concepts relating to one or more aspects relating to the mechanisms disclosed herein in a simplified form to precede the detailed description presented below.

Systems and techniques are described herein for providing multistage boot with independent stage keys. In one illustrative example, an apparatus configured for multistage boot is provided. The apparatus includes at least one memory and at least one processor coupled to the at least one memory. The at least one processor is configured to: generate a first stage key for a first stage of a current boot operation of the device based on a private key associated with the device; authenticate a first firmware of the first stage using a first authentication tag and the first stage key, wherein the first authentication tag is generated during a previous boot operation; and execute the first firmware based on authenticating the first firmware.

In another example, a method of booting a device is provided. The method includes: generating a first stage key for a first stage of a current boot operation of the device based on a private key associated with the device; authenticating a first firmware of the first stage using a first authentication tag and the first stage key, wherein the first authentication tag is generated during a previous boot operation; and executing the first firmware based on authenticating the first firmware.

In another example, a non-transitory computer-readable medium is provided that has stored thereon instructions that, when executed by one or more processors, cause the one or more processors to: generate a first stage key for a first stage of a current boot operation of the device based on a private key associated with the device; authenticate a first firmware of the first stage using a first authentication tag and the first stage key, wherein the first authentication tag is generated during a previous boot operation; and execute the first firmware based on authenticating the first firmware.

In another example, an apparatus for booting using at least one firmware is provided. The apparatus includes: means for generating a first stage key for a first stage of a current boot operation of the device based on a private key associated with the device; means for authenticating a first firmware of the first stage using a first authentication tag and the first stage key, wherein the first authentication tag is generated during a previous boot operation; and means for executing the first firmware based on authenticating the first firmware.

Aspects generally include a method, apparatus, system, computer program product, non-transitory computer-readable medium, u