Systems and methods for securely booting a computer with a trusted processing module
Abstract
In a computer with a trusted platform module (TPM), an expected hash value of a boot component may be placed into a platform configuration register (PCR), which allows the TPM to unseal a secret. The secret may then be used to decrypt the boot component. The hash of the decrypted boot component may then be calculated and the result placed in a PCR. The PCRs may then be compared. If they do not match, access to a secret that is important for system operation can be revoked. Also, a first secret may be accessible only when a first plurality of PCR values is extant, while a second secret is accessible only after one or more of the first plurality of PCR values has been replaced with a new value, thereby necessarily revoking further access to the first secret in order to grant access to the second secret.
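The flow in the abstract (expected hash into a PCR, unseal, decrypt, measure, compare, then move a PCR forward so the first secret is revoked and the second becomes reachable, the sequence also recited in claim 13) is easier to reason about as a runnable model. The following is an added example written for this page, not code from the patent or its assignee. It assumes a toy TPM with extend-only PCRs and PCR-bound sealing, a toy SHA-256 counter-mode cipher in place of whatever cipher the loader uses, constructed key material and a constructed stage-2 image, and register numbers 4 and 5 chosen arbitrarily. One practical point it makes explicit: a real PCR cannot be "placed" or written, only extended, so the expected hash is modelled as an extend of a reset register and the comparison is between two registers that received one extend each.

```python
import hashlib
import hmac
from typing import Dict, List, Optional, Tuple


def _h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


INIT = bytes(32)                  # PCR reset value
STAGE_PCR, MEASURE_PCR = 4, 5     # constructed register assignment for this example
STAGE_DONE = _h(b"stage2-complete")  # marker extended once stage 2 has been checked

# Constructed secrets for the example (a real system would generate these).
STAGE2_KEY = _h(b"constructed stage-2 decryption key")   # the "first secret"
OS_VOLUME_KEY = _h(b"constructed OS volume key")         # the "second secret"


class ModelTPM:
    """Toy model of the two TPM behaviours the abstract relies on: PCRs that can
    only be extended, and secrets sealed to an expected set of PCR values.
    It is a simulation for illustration, not a TPM 2.0 interface."""

    def __init__(self, n_pcrs: int = 8) -> None:
        self.pcrs: List[bytes] = [INIT] * n_pcrs
        self._sealed: List[Tuple[Dict[int, bytes], bytes]] = []

    def extend(self, idx: int, digest: bytes) -> bytes:
        # PCR_new = H(PCR_old || digest); there is no operation that sets a PCR directly.
        self.pcrs[idx] = _h(self.pcrs[idx], digest)
        return self.pcrs[idx]

    def seal(self, secret: bytes, policy: Dict[int, bytes]) -> int:
        # Bind the secret to the PCR values that must be present at unseal time.
        self._sealed.append((dict(policy), secret))
        return len(self._sealed) - 1

    def unseal(self, handle: int) -> Optional[bytes]:
        policy, secret = self._sealed[handle]
        ok = all(hmac.compare_digest(self.pcrs[i], v) for i, v in policy.items())
        return secret if ok else None


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode stream cipher standing in for the loader's cipher.
    Deliberately unauthenticated: in this design the PCR comparison, not a MAC,
    is what detects a modified or wrongly decrypted boot component."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = _h(key, off.to_bytes(4, "big"))
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)


def provision(tpm: ModelTPM, stage2_plain: bytes):
    """Install-time side: encrypt the boot component and seal the two secrets."""
    expected = _h(stage2_plain)
    after_expected = _h(INIT, expected)   # PCR value once the expected hash is extended
    # First secret: released while STAGE_PCR holds only the expected hash.
    h1 = tpm.seal(STAGE2_KEY, {STAGE_PCR: after_expected})
    # Second secret: needs STAGE_PCR moved past the first policy (which revokes the
    # first secret) and MEASURE_PCR showing the decrypted component hashed as expected.
    h2 = tpm.seal(OS_VOLUME_KEY, {STAGE_PCR: _h(after_expected, STAGE_DONE),
                                  MEASURE_PCR: after_expected})
    return keystream_xor(STAGE2_KEY, stage2_plain), expected, (h1, h2)


def boot(tpm: ModelTPM, stage2_cipher: bytes, expected: bytes, handles) -> dict:
    """Boot-time side, following the abstract step by step; returns what each step yielded."""
    h1, h2 = handles
    tpm.extend(STAGE_PCR, expected)                  # 1. expected hash into a PCR
    k1 = tpm.unseal(h1)                              # 2. TPM releases the first secret
    if k1 is None:
        return {"k1": False, "match": False, "k2": None, "k1_again": None}
    plain = keystream_xor(k1, stage2_cipher)         # 3. decrypt the boot component
    tpm.extend(MEASURE_PCR, _h(plain))               # 4. hash of decrypted component into a PCR
    match = hmac.compare_digest(tpm.pcrs[STAGE_PCR], tpm.pcrs[MEASURE_PCR])  # 5. compare
    tpm.extend(STAGE_PCR, STAGE_DONE)                # replace the PCR value: k1 now unreachable
    k2 = tpm.unseal(h2)                              # 6. second secret only if step 5 held
    return {"k1": True, "match": match, "k2": k2, "k1_again": tpm.unseal(h1)}


def run(tamper: bool = False) -> dict:
    """Whole flow on a fresh TPM; with tamper=True the on-disk encrypted stage 2 is modified."""
    tpm = ModelTPM()
    cipher, expected, handles = provision(tpm, b"constructed stage-2 loader image")
    if tamper:
        cipher = cipher[:-1] + bytes([cipher[-1] ^ 0x01])
    return boot(tpm, cipher, expected, handles)


if __name__ == "__main__":
    print("clean boot:   ", run())
    print("tampered boot:", run(tamper=True))
```

On a clean boot the first secret is released, the two registers agree, the second secret unseals, and a second attempt to unseal the first secret fails because STAGE_PCR has moved on. With one byte of the encrypted image flipped, decryption still "succeeds" (the toy cipher has no tag), but the measured hash lands a different value in MEASURE_PCR, the comparison fails, and the second secret stays sealed; the first secret is revoked either way, which is the property the abstract describes.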
20 Claims
1. A computer readable medium bearing instructions for a secure boot process on a computer with a hardware security module (HSM) that contains recorded values, compares submitted values to the recorded values, and releases a secret if the submitted values are correct, said computer readable medium comprising:
instructions for submitting at least one value to the HSM, wherein if said value is correct, the HSM may release a secret;
instructions for retrieving the secret;
instructions for decrypting data using information that is accessible due to retrieving of the secret, wherein the execution of said instructions for decrypting produces decrypted data;
instructions for at least a portion of a computer boot process, wherein said computer boot process cannot complete a normal boot without said decrypted data.
(Dependent claims: 2, 3, 4, 5, 6)

7. A computer comprising a hardware security module (HSM) that contains recorded values, compares submitted values to the recorded values, and releases a secret if the submitted values are correct, said computer also comprising:
means for submitting at least one value to the HSM, wherein if said value is correct, the HSM may release a secret;
means for retrieving the secret;
means for decrypting data using information that is accessible due to retrieving of the secret, wherein the operation of said means for decrypting produces decrypted data;
means comprising at least a portion of a computer boot process, wherein said computer boot process cannot complete a normal boot without said decrypted data.
(Dependent claims: 8, 9, 10, 11, 12)

13. A computer readable medium bearing instructions for a secure boot process on a computer with a plurality of partitions and a hardware security module (HSM) that contains recorded values, compares submitted values to the recorded values, and releases a secret if the submitted values are correct, said computer readable medium comprising:
instructions for submitting at least one value to the HSM, wherein if said value is correct, the HSM may release a secret;
instructions for retrieving the first secret;
instructions for removing the first secret from a memory location;
instructions for submitting at least one second value to the HSM, wherein if said second value is correct, the HSM may release a second secret and not the first secret.
(Dependent claims: 14, 15, 16, 17, 18, 19, 20)

Specification