摘要 |
The present invention relates to a method for providing an update of code on a memory-constrained device, wherein the size of the total memory of the device is of bit size M and wherein the size of the memory necessary for updating the code is of bit size E, comprising the steps of a) Determining the minimum necessary compressed code space - MNCCS - of the code update by a verifying entity, b) Dividing the update code into a plurality of N chunks by said verifying entity, c) Applying an All-Or-Nothing Encryption scheme - AONE - by the verifying entity on each chunk, comprising - an encryption step using an encryption key on each separate chunk for encryption, such that the total encryption size of all encrypted chunks equals the size of the total memory subtracted with said determined MNCCS, outputting intermediate ciphertext blocks for each chunk, wherein an intermediate ciphertext block can be recovered after obtaining all ciphertext blocks of all AONE encrypted chunks but not the encryption key and - a transformation step transforming the intermediate ciphertext blocks and outputting a plurality of ciphertext blocks for each encrypted chunk - AONE encrypted chunk d) Providing integrity information of least one intermediate ciphertext block of each AONE encrypted chunk, e) Verifying the integrity of said one or more intermediate ciphertext blocks based on the provided integrity information f) Providing said encryption key of the AONE for decryption of the code update if integrity was verified and preferably g) Decrypting the intermediate ciphertext blocks using the provided encryption key and updating the code. |