Microcode-based challenge/response process

摘要

Augmented processor hardware contains a microcode interpreter. When encrypted microcode is included in a challenge from a service requiring authentication, the microcode may be passed to the microcode interpreter. Based on decryption and execution of the microcode taking place at the processor hardware, tampering by potentially abusive device software may be avoided.

主权项

1. A method of responding to a challenge at a device, said method comprising:
receiving an unsolicited challenge from an authentication server, said challenge including an encrypted block of microcode, said unsolicited challenge requiring no previous communication from the device to the authentication server; passing said encrypted block of microcode to a microcode interpreter, thereby allowing:
decryption, by said microcode interpreter, of said encrypted block of microcode to form decrypted microcode; andexecution, by said microcode interpreter, of said decrypted microcode, where said execution of said decrypted microcode includes accessing a software memory space of said device; receiving a result of said execution of said decrypted microcode; based on said result, generating a response; and transmitting said response to said authentication server.