Client Software Attestation
This patent describes a computer-implemented method by which a server computing device verifies the integrity of a client software application running on a client computing device. Software on the server communicates, directly or indirectly, with an attestation server. The client software application calculates a cryptographic hash fingerprint of its executing code image and sends it to the attestation server to prove that it is untampered. The attestation server generates a pass or fail result and conveys it to the server in a signed token. The token travels indirectly, via the client computing device, and is signed with a shared secret key known to the attestation server and the server but not to the client, so the client cannot forge or alter the result. When the server receives a service or data request together with the signed token, it adjusts its behaviour according to the prior attestation result; if attestation failed, it denies the requested services or data.
US Patent 11,163,858 B2
The invention claimed is:
1. A computer-implemented method of enabling a server computing device to determine if a client software application executing on a client computing device has not been tampered, the method comprising the steps of:
software executing on the server computing device, the software communicating either directly or indirectly with an attestation server;
the client software application running on the client computing device, the client software application communicating with the same said attestation server;
the client software application calculating a cryptographic hash fingerprint of its executing code image, wherein the cryptographic hash fingerprint is communicated to the attestation server to prove that the client software application is untampered;
the attestation server generating a pass or fail attestation result;
communicating the attestation result between the attestation server and the server computing device;
controlling the behaviour of the server computing device in a way that is conditional on whether a prior attestation of the client software application was a pass or fail attestation result,
wherein the communication between the attestation server and the server computing device is communicated indirectly via the client computing device by use of a signed token provided from the attestation server to the client computing devices, in which:
a shared secret key is known by the attestation server and the server computing device but not by the client computing device;
said shared secret key being used to sign the token such that it proves that the signer is in possession of the secret key.
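The flow in claim 1, written out as an added example (not code from the patent or from Approov): the client hashes its code image, the attestation server signs a pass/fail result with a secret the client does not hold, and the API server verifies that signature before serving the request. The HMAC-SHA256 token format, the 300-second lifetime and all sample values are assumptions made for the illustration.

```python
import base64
import hashlib
import hmac
import json

# Constructed demo values. The secret is held by the attestation server and the API
# server only; the client never sees it (claim 1, shared secret key).
SHARED_SECRET = b"constructed-demo-shared-secret"
TOKEN_LIFETIME = 300  # seconds; the lifetime is an assumption, not from the patent
GENUINE_IMAGE = b"constructed genuine client code image"
TRUSTED_FINGERPRINT = hashlib.sha256(GENUINE_IMAGE).hexdigest()

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode()

def client_fingerprint(code_image: bytes) -> str:
    # Client side: hash the executing code image (claim 1, cryptographic hash fingerprint).
    return hashlib.sha256(code_image).hexdigest()

def attestation_server_issue_token(fingerprint: str, now: int) -> str:
    # Attestation server: pass only if the fingerprint matches the known-good image,
    # then sign the result with the shared secret so the API server can trust it.
    result = "pass" if hmac.compare_digest(fingerprint, TRUSTED_FINGERPRINT) else "fail"
    payload = json.dumps({"result": result, "exp": now + TOKEN_LIFETIME}, sort_keys=True).encode()
    tag = hmac.new(SHARED_SECRET, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(tag)

def api_server_handle_request(token: str, now: int) -> tuple:
    # API server: the token arrives via the client, so verify the HMAC before trusting
    # any claim in it, then gate the service on a fresh "pass" result.
    try:
        payload_b64, tag_b64 = token.split(".")
        payload = base64.urlsafe_b64decode(payload_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:  # wrong shape or bad base64 (binascii.Error subclasses ValueError)
        return 401, "malformed token"
    expected = hmac.new(SHARED_SECRET, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return 401, "bad signature"
    claims = json.loads(payload)
    if claims.get("exp", 0) <= now:
        return 401, "token expired"
    if claims.get("result") != "pass":
        return 403, "attestation failed"
    return 200, "service data"

def token_without_secret(now: int) -> str:
    # What a client can produce on its own: a "pass" payload with a made-up tag.
    payload = json.dumps({"result": "pass", "exp": now + TOKEN_LIFETIME}).encode()
    return _b64(payload) + "." + _b64(b"\x00" * 32)
```

Running the genuine image through `client_fingerprint` and `attestation_server_issue_token` yields a token the API server accepts; a modified image yields a signed "fail" token that is refused with 403, and a token built by `token_without_secret` fails signature verification regardless of what its payload says.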
The items listed above are protected by patents held by Approov Ltd or CriticalBlue Ltd.
Please note that the enumeration of products and patents provided might not be exhaustive. Some of the products listed here could potentially be encompassed by patents within the United States and other regions, which might not be explicitly mentioned.