Systems and methods for binding a hardware component and a platform

US 20050289343A1
Filed: 11/04/2004
Published: 12/29/2005
Est. Priority Date: 06/23/2004
Status: Abandoned Application

First Claim

Patent Images

1. A hardware-based method for binding a hardware component and a platform, comprising method operations of:

establishing a cryptographic binding between the hardware component and the platform, the cryptographic binding being registration of cryptographic keys between the hardware component and the platform; and

performing an identity exchange between the hardware component and the platform using the cryptographic keys as inputs to cryptographic operations, the identity exchange enabling a challenger to verify the identity of a responder.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A hardware-based method for binding a hardware component and a platform is provided. In this hardware-based method, a cryptographic binding is established between the hardware component and the platform. The cryptographic binding is the registration of cryptographic keys between the hardware component and the platform. Subsequently, an identity exchange is performed between the hardware component and the platform using the cryptographic keys as inputs to cryptographic operations, where the identity exchange enables a challenger to verify the identity of a responder. A hardware component to be bound with a platform, a platform identity module, and a system for binding a hardware component and a platform also are described.

77 Citations

View as Search Results

63 Claims

1. A hardware-based method for binding a hardware component and a platform, comprising method operations of:
- establishing a cryptographic binding between the hardware component and the platform, the cryptographic binding being registration of cryptographic keys between the hardware component and the platform; and
  
  performing an identity exchange between the hardware component and the platform using the cryptographic keys as inputs to cryptographic operations, the identity exchange enabling a challenger to verify the identity of a responder.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 2. The method of claim 1, further comprising:
    - restricting interoperation between the hardware component and the platform if the verification of the identity of the responder does not succeed.
  - 3. The hardware-based method of claim 1, wherein the identity exchange is defined by at least one of a platform identity exchange enabling the hardware component to verify the identity of the platform or a component identity exchange enabling the platform to verify the identity of the hardware component.
  - 4. The hardware-based method of claim 1, further comprising:
    - generating an asymmetric key pair, the asymmetric key pair comprising a first asymmetric public key and an asymmetric private key.
  - 5. The hardware-based method of claim 1, wherein the method operation of establishing the cryptographic binding between the hardware component and the platform includes, registering asymmetric public keys.
  - 6. The hardware-based method of claim 5, wherein the method operation of registering the asymmetric public keys includes, if a public key method is used, providing a first asymmetric public key through a secure administrative path;
    - if a digital certificate method is used, providing a second asymmetric public key of a certificate authority used to sign a first digital certificate through the secure administrative path, the digital certificate comprising an asymmetric public key and first identifying information; and
      
      if a fingerprint method is used, providing a fingerprint value of the first asymmetric public key through the secure administrative path.
  - 7. The hardware-based method of claim 1, further comprising:
    - if a digital certificate method is used, including a second digital certificate with transmissions that are signed using an asymmetric private key, the second digital certificate comprising a first asymmetric public key and second identifying information that are signed by a certificate authority; and
      
      if a fingerprint method is used, including a third asymmetric public key with the transmissions that are signed using the asymmetric private key.
  - 8. The hardware-based method of claim 1, wherein the method of operation of establishing the cryptographic binding between the hardware component and the platform includes, providing a secret key to the hardware component through a first secure administrative path;
    - and providing a secret key to the platform through a second secure administrative path, wherein the identity exchange uses one of a symmetric cryptography method and a one-way hash method.
  - 9. The hardware-based method of claim 1, wherein the method operation of establishing the cryptographic binding between the hardware component and the platform includes, performing a secret key exchange between the hardware component and the platform, wherein the identity exchange uses one of a symmetric cryptography method and a one-way hash method.
  - 10. The hardware-based method of claim 9, wherein the method operation of performing the secret key exchange includes, generating the secret key;
    - storing the secret key;
      
      encrypting the secret key using an asymmetric public key; and
      
      transmitting the encrypted secret key.
  - 11. The hardware-based method of claim 9, wherein the method operation of performing the secret key exchange includes, receiving an encrypted secret key;
    - decrypting the encrypted secret key using an asymmetric private key; and
      
      storing the decrypted secret key.
  - 12. The hardware-based method of claim 9, wherein the method operation of performing the secret key exchange includes, generating a first Diffie-Hellman key pair, the first Diffie-Hellman key pair including a first Diffie-Hellman public key and a first Diffie-Hellman private key;
    - receiving a second Diffie-Hellman key pair, the second Diffie-Hellman key pair including a second Diffie-Hellman public key and a second Diffie-Hellman private key;
      
      generating the secret key from the first and second Diffie-Hellman private keys and the first and second Diffie-Hellman public keys according to a Diffie-Hellman algorithm; and
      
      storing the secret key.
  - 13. The hardware-based method of claim 9, wherein the method operation of performing the secret key exchange includes, signing a secret key exchange transmission using an asymmetric private key.
  - 14. The hardware-based method of claim 9, wherein the method operation of performing the secret key exchange includes, verifying a signed secret key exchange transmission using an asymmetric public key.
  - 15. The hardware-based method of claim 14, wherein the method of operation of verifying the signed secret key exchange transmission includes, verifying a signature of a certificate authority over a second digital certificate using a second asymmetric public key as input to an asymmetric cryptographic operation;
    - and checking for a match between second identifying information and first identifying information, wherein a registration of the asymmetric public key uses a digital certificate method.
  - 16. The hardware-based method of claim 14, wherein the method of operation of verifying the signed secret key exchange transmission includes, verifying that a fingerprint of a third asymmetric public key matches a fingerprint of the first asymmetric public key, wherein a registration of the asymmetric public key uses a fingerprint method.
  - 17. The hardware-based method of claim 1, wherein the method operation of performing the identity exchange includes:
    - receiving a challenge, the challenge including a nonce;
      
      encrypting the nonce using an asymmetric private key as input to an asymmetric cryptographic algorithm, the encryption providing an encrypted nonce; and
      
      transmitting a response, the response including the encrypted nonce, wherein the identity exchange uses an asymmetric cryptography method.
  - 18. The hardware-based method of claim 1, wherein the method operation of performing the identity exchange includes, transmitting a challenge, the challenge including a nonce;
    - receiving a response, the response including an encrypted nonce;
      
      decrypting the response using an asymmetric public key as input to an asymmetric cryptographic algorithm, the decryption providing a decrypted nonce; and
      
      validating the response, wherein the identity exchange uses an asymmetric cryptography method.
  - 19. The hardware-based method of claim 18, wherein the method operation of validating the response includes, checking that the decrypted nonce matches a nonce transmitted in a challenge.
  - 20. The hardware-based method of claim 18, wherein the response includes, if a digital certificate method is used, a second digital certificate comprised of the asymmetric public key and first identifying information;
    - and if a fingerprint method is used, a third asymmetric public key, wherein the identity exchange uses an asymmetric cryptography method.
  - 21. The hardware-based method of claim 18, wherein the method operation of validating the response includes, verifying a signature of a certificate authority over a second digital certificate using second asymmetric public key as input to an asymmetric cryptographic operation;
    - and checking for a match between second identifying information and first identifying information, wherein a registration of the asymmetric public key uses a digital signature method.
  - 22. The hardware-based method of claim 18, wherein the method operation of validating the response includes, verifying that a fingerprint of a third asymmetric public key matches a fingerprint of a first asymmetric public key, wherein a registration of the asymmetric public key uses a fingerprint method.
  - 23. The hardware-based method of claim 1, wherein the method operation of performing the identity exchange includes, receiving a challenge, the challenge including a nonce;
    - encrypting the nonce using a secret key as input to a symmetric cryptographic algorithm, the encryption providing an encrypted nonce;
      
      transmitting the encrypted nonce as a response, wherein the identity exchange uses a symmetric cryptography method.
  - 24. The hardware-based method of claim 1, wherein the method operation of performing the identity exchange includes, transmitting a challenge, the challenge including a nonce;
    - receiving a response, the response including an encrypted nonce;
      
      decrypting the response using a secret key as input to a symmetric cryptographic algorithm, the decryption providing a decrypted nonce; and
      
      validating the response, wherein the identity exchange uses a symmetric cryptography method.
  - 25. The hardware-based method of claim 24, wherein the method operation of validating the response includes, checking that the decrypted nonce matches the nonce transmitted in a challenge.
  - 26. The hardware-based method of claim 1, wherein the method operation of performing the identity exchange includes, receiving a challenge, the challenge including a nonce;
    - computing a first digest using a one-way hash algorithm computed over the nonce and a secret key;
      
      transmitting the first digest as a response, wherein the identity exchange uses a one-way hash method.
  - 27. The hardware-based method of claim 1, wherein the method operation of performing the identity exchange includes, transmitting a challenge, the challenge including a nonce;
    - receiving a response, the response including a first digest;
      
      computing a second digest using a one-way hash algorithm computed over the nonce and a secret key; and
      
      validating the response, wherein the identity exchange uses a one-way hash method.
  - 28. The hardware-based method of claim 27, wherein the method operation of validating the response includes, checking that the first digest matches the second digest.

29. A platform identity module (PIM) for binding a hardware component and a platform, comprising:
- logic for establishing a cryptographic binding between the hardware component and the PIM, the cryptographic binding being registration of cryptographic keys between the hardware component and the PIM; and
  
  logic for performing an identity exchange between the hardware component and the PIM using the cryptographic keys as inputs to cryptographic operations, the identity exchange enabling a challenger to verify the identity of a responder.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 30. The PIM of claim 29, wherein the logic for establishing the cryptographic binding between the hardware component and the PIM includes, logic for registering asymmetric public keys.
  - 31. The PIM of claim 29, wherein the logic for establishing the cryptographic binding between the hardware component and the PIM includes, logic for providing a secret key to the PIM through a secure administrative path, wherein the identity exchange uses one of a symmetric cryptography method and a one-way hash method.
  - 32. The PIM of claim 29, wherein logic for establishing the cryptographic binding between the hardware component and the PIM includes, logic for performing a secret key exchange between the hardware component and the PIM, wherein the identity exchange uses one of a symmetric cryptography method and a one-way hash method.
  - 33. The PIM of claim 32, wherein the logic for performing the secret key exchange includes, logic for receiving an encrypted secret key;
    - logic for decrypting the encrypted secret key using an asymmetric private key; and
      
      logic for storing the secret key.
  - 34. The PIM of claim 32, wherein the logic for performing the secret key exchange includes, logic for receiving an asymmetric public key;
    - and logic for validating an asymmetric public key using asymmetric public key registration information.
  - 35. The PIM of claim 29, wherein the logic for performing the identity exchange includes, logic for receiving a challenge from the hardware component, the challenge including a nonce;
    - logic for encrypting the nonce using an asymmetric private key as input to an asymmetric cryptographic algorithm; and
      
      logic for transmitting a response to the hardware component, the response including the encrypted nonce, wherein the identity exchange is a platform identity exchange that uses an asymmetric cryptography method.
  - 36. The PIM of claim 29, wherein the logic for performing the identity exchange includes, logic for transmitting a challenge to a hardware component, the challenge including a nonce;
    - logic for receiving a response from the hardware component, the response including an encrypted nonce;
      
      logic for decrypting the response using an asymmetric private key as input to an asymmetric cryptographic algorithm, the decryption providing the nonce; and
      
      logic for validating the response, wherein the identity exchange is a component identity exchange that uses an asymmetric cryptography method.
  - 37. The PIM of claim 29, wherein the logic for performing the identity exchange includes, logic for receiving an asymmetric public key;
    - and logic for validating an asymmetric public key using asymmetric public key registration information, wherein the identity exchange uses an asymmetric cryptography method.
  - 38. The PIM of claim 29, wherein the logic for performing the identity exchange includes, logic for receiving a challenge from the hardware component, the challenge including a nonce;
    - logic for encrypting the nonce using a secret key as input to a symmetric cryptographic algorithm, the encryption providing an encrypted nonce; and
      
      logic for transmitting a response to the hardware component, the response including the encrypted nonce, wherein the identity exchange is a platform identity exchange that uses a symmetric cryptography method.
  - 39. The PIM of claim 29, wherein the logic for performing the identity exchange includes, logic for transmitting a challenge to the hardware component, the challenge including a nonce;
    - logic for receiving the response from the hardware component, the response including an encrypted nonce;
      
      logic for decrypting the response using a secret key as input to a symmetric cryptographic algorithm, the decryption providing the nonce; and
      
      logic for validating the response, wherein the identity exchange is a component identity exchange that uses a symmetric cryptography method.
  - 40. The PIM of claim 29, wherein the logic for performing the identity exchange includes, logic for receiving a challenge from the hardware component, the challenge including a nonce;
    - logic for computing a first digest using a one-way hash algorithm computed over the nonce and a secret key; and
      
      logic for transmitting a response to the hardware component, the response including the first digest, wherein the identity exchange is a platform identity exchange that uses a one-way hash method.
  - 41. The PIM of claim 29, wherein the logic for performing the identity exchange includes, logic for transmitting a challenge to the hardware component, the challenge including a nonce;
    - logic for receiving a response from the hardware component, the response including a first digest generated by the hardware component using a one-way hash algorithm computed over the nonce and a secret key;
      
      logic for computing a second digest using a one-way hash algorithm computed over the nonce and a secret key; and
      
      logic for validating the response, wherein the identity exchange is a component identity exchange that uses a one-way hash method.

42. A hardware component to be bound with a platform, comprising:
- logic for establishing a cryptographic binding between the platform and the hardware component, the cryptographic binding being registration of cryptographic keys between the platform and the hardware component; and
  
  logic for performing an identity exchange between the platform and the hardware component using the cryptographic keys as inputs to cryptographic operations, the identity exchange enabling a challenger to verify the identity of a responder.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54)
- - 43. The hardware component of claim 42, wherein the logic for establishing the cryptographic binding between the platform and the hardware component includes, logic for registering asymmetric public keys.
  - 44. The hardware component of claim 42, wherein the logic for establishing the cryptographic binding between the platform and the hardware component includes, logic for providing a secret key to the hardware component through a secure administrative path, wherein the identity exchange uses one of a symmetric cryptography method and a one-way hash method.
  - 45. The hardware component of claim 42, wherein the logic for establishing the cryptographic binding between the platform and the hardware component includes, logic for performing a secret key exchange between the platform and the hardware component, wherein the identity exchange uses one of a symmetric cryptography method and a one-way hash method.
  - 46. The hardware component of claim 42, wherein the logic for performing the secret key exchange includes, logic for receiving an encrypted secret key;
    - logic for decrypting the encrypted secret key using an asymmetric private key; and
      
      logic for storing the secret key.
  - 47. The hardware component of claim 45, wherein the logic for performing the secret key exchange includes, logic for receiving an asymmetric public key;
    - and logic for validating an asymmetric public key using asymmetric public key registration information.
  - 48. The hardware component of claim 42, wherein the logic for performing the identity exchange includes, logic for receiving a challenge from the platform, the challenge including a nonce;
    - logic for encrypting the nonce using an asymmetric private key as input to an asymmetric cryptographic algorithm; and
      
      logic for transmitting a response to the platform, the response including the encrypted nonce, wherein the identity exchange is a component identity exchange that uses an asymmetric cryptography method.
  - 49. The hardware component of claim 42, wherein the logic for performing the identity exchange includes, logic for transmitting a challenge to the platform, the challenge including a nonce;
    - logic for receiving a response from the platform, the response including the nonce encrypted using an asymmetric private key;
      
      logic for decrypting the encrypted nonce using an asymmetric public key; and
      
      logic for validating the response, wherein the identity exchange is a platform identity exchange that uses an asymmetric cryptography method.
  - 50. The hardware component of claim 42, wherein the logic for performing the identity exchange includes, logic for receiving an asymmetric public key;
    - and logic for validating an asymmetric public key using asymmetric public key registration information, wherein the identity exchange uses an asymmetric cryptography method.
  - 51. The hardware component of claim 42, wherein the logic for performing the identity exchange includes, logic for receiving a challenge from the platform, the challenge including a nonce;
    - logic for encrypting the nonce using a secret key as input to a symmetric cryptographic algorithm, the encryption providing an encrypted nonce; and
      
      logic for transmitting a response to the platform, the response including the encrypted nonce, wherein the identity exchange is a component identity exchange that uses a symmetric cryptography method.
  - 52. The hardware component of claim 42, wherein the logic for performing the identity exchange includes, logic for transmitting a challenge to the platform, the challenge including a nonce;
    - logic for receiving the response from the platform, the response including an encrypted nonce;
      
      logic for decrypting the response using a secret key as input to a symmetric cryptographic algorithm, the decryption providing the nonce; and
      
      logic for validating the response, wherein the identity exchange is a platform identity exchange that uses a symmetric cryptography method.
  - 53. The hardware component of claim 42, wherein the logic for performing the identity exchange includes, logic for receiving a challenge from the platform, the challenge including a nonce;
    - logic for computing a first digest using a one-way hash algorithm computed over the nonce and a secret key; and
      
      logic for transmitting a response to the platform, the response including the first digest, wherein the identity exchange is a component identity exchange that uses a one-way hash method.
  - 54. The hardware component of claim 42, wherein the logic for performing the identity exchange includes, logic for transmitting a challenge to the platform, the challenge including a nonce;
    - logic for receiving a response from the platform, the response including a first digest generated by the platform using a one-way hash algorithm computed over the nonce and a secret key;
      
      logic for computing a second digest using a one-way hash algorithm computed over the nonce and a secret key; and
      
      logic for validating the response, wherein the identity exchange is a platform identity exchange that uses a one-way hash method.

55. A system for binding a hardware component and a platform, comprising:
- a platform including, logic for establishing a cryptographic binding between the hardware component and the platform, the cryptographic binding being registration of cryptographic keys between the hardware component and the platform, and logic for performing an identity exchange between the hardware component and the platform using the cryptographic keys as inputs to cryptographic operations, the identity exchange enabling a challenger to verify the identity of a responder; and
  
  the hardware component in communication with the platform.
- View Dependent Claims (56, 57, 58, 59, 60, 61, 62, 63)
- - 56. The system of claim 55, wherein the hardware component includes, logic for establishing the cryptographic binding between the hardware component and the platform, the cryptographic binding being registration of cryptographic keys between the hardware component and the platform;
    - and logic for performing the identity exchange between the hardware component and the platform using the cryptographic keys as inputs to cryptographic operations, the identity exchange enabling the challenger to verify the identity of the responder.
  - 57. The system of claim 55, wherein the platform incorporates a platform identity module (PIM).
  - 58. The system of claim 57, further comprising:
    - a central processing unit in communication with the PIM and the hardware component.
  - 59. The system of claim 55, wherein the hardware component is defined by one of a chip, a peripheral component interconnect (PCI) card, a PCI-X card, a PCI-Express card, an infiniband terminal communications adapter, a mezzanine card, a network appliance, a platform, a storage system, a storage subsystem, a printer, a keyboard, a mouse, a mobile phone, a personal data assistant, a service processor provided to allow management of the platform, and a peripheral.
  - 60. The system of claim 57, wherein the PIM is defined by one of a chip, a chip set, a board, a protected logic within a processor, and a protected logic within another hardware component that is part of the platform.
  - 61. The system of claim 57, wherein the PIM is physically attached to the platform.
  - 62. The system of claim 57, wherein the PIM is defined by one of a Trusted Computing Group compliant trusted platform module (TPM) and a Federal Information Processing Standards (FIPS) 140-2 compliant cryptographic module.
  - 63. The system of claim 57, wherein the PIM includes a secure cryptographic key store and a cryptographic engine configured to operate on keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Tahan, Thomas

Application Number

US10/982,332
Publication Number

US 20050289343A1
Time in Patent Office

Days
Field of Search
US Class Current

713/169
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

G06F 21/72 in cryptographic circuits

Systems and methods for binding a hardware component and a platform

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

77 Citations

63 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for binding a hardware component and a platform

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

77 Citations

63 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links