Secure storage of hashes within a distributed ledger

The present disclosure describes systems and methods for verification of data, including updates to applications, firmware, operating system libraries or other such data. This may be done through the use of a distributed ledger system to provide a secure anti-tamper mechanism for software and firmware updates that may be independently accessed and verified by any device. Distributed ledger systems, sometimes referred to as block chains, are online data storage systems with cryptography-based architecture providing links between records stored in “blocks”. Each block contains a hash of a previous block, providing a chain of linked blocks that are immutable: any alteration of a record changes the hash of the subsequent block, which changes the hash of the next subsequent block, etc. Accordingly, any modification of data is easily detectable.

Description

RELATED APPLICATIONS

The present application claims the benefit of and priority as a continuation to U.S. application Ser. No. 15/880,209, entitled “Secure Storage of Hashes within a Distributed Ledger System,” filed Jan. 25, 2018, the entirety of which is incorporated by reference herein.

BACKGROUND

Computing devices may receive periodic updates to firmware and software, including system files, anti-virus libraries, configuration files, or other such data. These updates are frequently intended to fix security flaws or holes in prior versions of the firmware or software; however, if the provided update is, itself, corrupted or the system providing the update has been compromised, the update may infect the computing device with malicious software or malware.

SUMMARY

The present disclosure describes a use of a distributed ledger system to provide a secure anti-tamper mechanism for software and firmware updates that may be independently accessed and verified by any device. Distributed ledger systems, sometimes referred to as block chains, are online data storage systems with cryptography-based architecture providing links between records stored in “blocks”. Each block contains a hash of a previous block, providing a chain of linked blocks that are immutable: any alteration of a record changes the hash of the subsequent block, which changes the hash of the next subsequent block, etc. Accordingly, any modification of data is easily detectable.

The results of cryptographic hash functions applied to inputs of system or firmware updates provided by a trusted server may be stored in the records. Other devices may receive the updates, generate corresponding hash results, and compare the results to those stored in the ledger system to verify that the received updates have not been compromised by malicious attackers or man-in-the-middle attacks or otherwise corrupted. Even if the trusted server is subsequently compromised, the immutable nature of the ledger system prevents an attacker from modifying the recorded hashes to deceive client devices into executing malware.
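The publish-and-verify flow described above, as an added Python example that is not part of the disclosure or any Fortress code: a trusted publisher appends update hashes to a hash-linked ledger, and a client checks a received update against it, failing closed on any mismatch. SHA-256, the record fields (`name`, `version`, `sha256`), the in-memory list standing in for the ledger, and the sample data are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed placeholder for the first block's prev_hash

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def block_hash(block: dict) -> str:
    # The hash covers the record AND the previous block's hash, linking the chain.
    body = {k: block[k] for k in ("index", "prev_hash", "record")}
    return sha256_hex(json.dumps(body, sort_keys=True).encode())

def append_record(chain: list, record: dict) -> None:
    # Publisher side: store the update's hash in a new block.
    prev = chain[-1]["hash"] if chain else GENESIS
    block = {"index": len(chain), "prev_hash": prev, "record": record}
    block["hash"] = block_hash(block)
    chain.append(block)

def chain_is_intact(chain: list) -> bool:
    # Recompute every hash and link; an altered record breaks its own block
    # hash, and a recomputed block hash breaks the next block's prev_hash.
    prev = GENESIS
    for i, block in enumerate(chain):
        if (block["index"] != i or block["prev_hash"] != prev
                or block["hash"] != block_hash(block)):
            return False
        prev = block["hash"]
    return True

def verify_update(chain: list, name: str, version: str, payload: bytes) -> bool:
    # Client side: hash the received update and compare with the ledger entry.
    if not chain_is_intact(chain):
        return False
    digest = sha256_hex(payload)
    for block in chain:
        r = block["record"]
        if r["name"] == name and r["version"] == version:
            return hmac.compare_digest(r["sha256"], digest)
    return False  # no ledger entry for this update: fail closed

# Constructed sample data: the publisher records two releases.
LEDGER = []
GENUINE = b"firmware-image-v2 (constructed sample bytes)"
append_record(LEDGER, {"name": "router-fw", "version": "1.0",
                       "sha256": sha256_hex(b"firmware-image-v1")})
append_record(LEDGER, {"name": "router-fw", "version": "2.0",
                       "sha256": sha256_hex(GENUINE)})
```

A single local copy can only detect edits that leave the chain internally inconsistent; an attacker who rewrites every later block would pass `chain_is_intact`, which is why the client should also compare the head hash with copies held by other ledger nodes.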


COPYRIGHT © 2020. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED. PRIVACY POLICY
