
Apparatus and method for provisioning endorsement key certificates for firmware trusted platform modules

A trusted platform module technology, applied to secure communication devices, platform integrity maintenance, computer security devices, etc., that can solve problems such as the inability to provision device keys.

Active Publication Date: 2017-12-29
QUALCOMM INC

AI Technical Summary

Problems solved by technology

Device-specific keys cannot be provisioned in software, since everything is in software.
Also, because securely generating the EPS, EK and EKCert is time-consuming, it is especially challenging to provision them when the final device (e.g., a mobile phone, tablet, or other such device) is manufactured in the factory.


Embodiment Construction

[0029] The word "exemplary" is used herein to mean "serving as an example, instance, or illustration." Any embodiment described herein as "exemplary" should not necessarily be construed as preferred or advantageous over other embodiments.

[0030] Referring to Figures 2 and 3, aspects of the invention may reside in a method 200 for provisioning an endorsement key (EK) certificate for a firmware trusted platform module (fTPM). In the method, the fTPM receives a derived key (DK) from a hardware trusted platform (HWTP) 820 (step 210). The fTPM is implemented in the HWTP, the DK is derived from a hardware key (HWK) securely stored in the HWTP, the HWK is specific to the HWTP, and the HWK is not available to the fTPM. The fTPM generates an endorsement primary seed (EPS) based on the DK (step 220), and generates a hashed endorsement primary seed (HEPS) based on a hash of the EPS (step 230). The fTPM forwards the HEPS to the provisioning station (step 240), and receives the EK certificate corresponding to the HEPS from t...
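
A minimal simulation of steps 210 to 240 as described in [0030], added here as an illustration and not taken from the patent. HMAC-SHA256 as the key-derivation function, SHA-256 as the hash, the class and label names, and the model of the provisioning station as a table of pre-issued certificates indexed by HEPS are all assumptions; the excerpt does not specify them.

```python
import hashlib
import hmac

class HWTP:
    """Hardware trusted platform: holds the HWK, exposes only derived keys."""
    def __init__(self, hwk: bytes):
        self.__hwk = hwk  # device-specific; never handed to the fTPM

    def derive_key(self, context: bytes) -> bytes:
        # Step 210. Assumed KDF: HMAC-SHA256 keyed with the HWK.
        return hmac.new(self.__hwk, context, hashlib.sha256).digest()

class FTPM:
    def __init__(self, hwtp: HWTP):
        self._dk = hwtp.derive_key(b"fTPM-DK")  # the fTPM only ever sees the DK

    def _eps(self) -> bytes:
        # Step 220. EPS is recomputed from the DK on demand and never exported.
        return hmac.new(self._dk, b"EPS", hashlib.sha256).digest()

    def heps(self) -> bytes:
        # Step 230. Only the hash of the EPS leaves the fTPM.
        return hashlib.sha256(self._eps()).digest()

class ProvisioningStation:
    """Assumed model: a table of pre-issued EK certificates indexed by HEPS."""
    def __init__(self, table):
        self._table = dict(table)

    def lookup(self, heps: bytes) -> bytes:
        cert = self._table.get(heps)
        if cert is None:
            raise KeyError("no EK certificate for this HEPS")
        return cert

def provision(ftpm: FTPM, station: ProvisioningStation) -> bytes:
    # Step 240 and the reply: forward the HEPS, receive the matching EKCert.
    return station.lookup(ftpm.heps())

# Constructed sample devices (hypothetical HWKs) and placeholder certificates.
DEV_A = HWTP(bytes(range(32)))
DEV_B = HWTP(bytes(range(1, 33)))
STATION = ProvisioningStation({
    FTPM(DEV_A).heps(): b"EKCert-A (constructed placeholder)",
    FTPM(DEV_B).heps(): b"EKCert-B (constructed placeholder)",
})
```

In this sketch the EPS is re-derived from the DK whenever it is needed, so the only value that crosses the fTPM boundary during provisioning is the HEPS, which identifies the device's seed without disclosing it.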


Abstract

The present invention discloses a method of provisioning an endorsement key (EK) certificate for a firmware trusted platform module (fTPM). In the method, the fTPM receives a derived key (DK) from a hardware trusted platform (HWTP). The fTPM is implemented in the HWTP, the DK is derived from a hardware key (HWK) securely stored in the HWTP, the HWK is unique to the HWTP, and the HWK is not available to the fTPM. The fTPM generates an endorsement primary seed (EPS) based on the DK, and generates a hashed endorsement primary seed (HEPS) based on a hash of the EPS. The fTPM forwards the HEPS to a provisioning station and receives an EK certificate corresponding to the HEPS from the provisioning station.

Description

Cross References to Related Applications

[0002] This application claims the benefit of US Provisional Application No. 61/832,678, filed June 7, 2013, which is incorporated herein by reference.

Technical field

[0003] The present invention generally relates to provisioning an endorsement primary seed (EPS) and endorsement key certificate for a firmware trusted platform module (fTPM).

Background technique

[0004] EPS is a fixed-size random value that is fixed/bound to a specific Trusted Platform Module (TPM). The EPS value is kept secret. The Endorsement Key (EK) is an asymmetric key pair (e.g., an RSA/ECC key) generated using the EPS. The private component of this asymmetric key is secret. The corresponding EK certificate (EKCert) is generated and signed by the certification authority that vouches for the corresponding EK. The manufacturer of each TPM (hardware module) supplies a unique EPS and a corresponding EKCert into each TPM.

[0005] For a firmware TPM (fTPM), ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/53, G06F21/57, G06F21/72
CPC: G06F21/53, G06F21/572, G06F21/72, H04L9/0866, H04L9/0869, H04L9/0877, H04L9/0897, H04L9/3263
Inventor: B·V·J·马诺哈尔, A·格罗弗, E·戈尔曼
Owner: QUALCOMM INC