Security parameter provisioning in an open platform using 3G security infrastructure

US 20070042754A1
Filed: 07/29/2005
Published: 02/22/2007
Est. Priority Date: 07/29/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

authenticating a subscriber identity module (SIM) over a network;

generating a platform secret key for the SIM;

transferring the platform secret key to the SIM;

authenticating a platform running a trusted application using attestation; and

transferring the platform secret key to the platform.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for provisioning a shared secret key to enable trusted communications between a SIM and a platform running a trusted application in a third generation or beyond wireless network.

Citations

20 Claims

1. A method comprising:
- authenticating a subscriber identity module (SIM) over a network;
  
  generating a platform secret key for the SIM;
  
  transferring the platform secret key to the SIM;
  
  authenticating a platform running a trusted application using attestation; and
  
  transferring the platform secret key to the platform.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the network is a third generation (3G) wireless network.
  - 3. The method of claim 1, wherein the SIM is a Universal Mobile Telecommunications System (UMTS) SIM.
  - 4. The method of claim 1, wherein authenticating the platform running the trusted application using attestation comprises receiving a service request from the platform, creating a nonce, sending the nonce and a request for attestation to the platform, receiving a digital signature including platform information from the platform, and determining whether the platform is trustworthy based on the digital signature.
  - 5. The method of claim 4, wherein determining whether the platform is trustworthy based on the digital signature comprises comparing a platform configuration register value within the digital signature to a list of one or more known good platform configuration register values.
  - 6. The method of claim 1, further comprising sealing the platform secret key to the platform.

7. A method comprising:
- receiving a nonce and an attestation request from a mobile network operator over a network;
  
  creating a digital signature including a platform configuration register value and the nonce;
  
  sending the digital signature to the mobile network operator;
  
  receiving a platform secret key from the mobile network operator; and
  
  generating a platform shared secret key from the platform secret key.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein the network is a third generation (3G) wireless network.
  - 9. The method of claim 7, further comprising sending a service request to a mobile network operator before receiving the nonce and attestation request from the mobile network operator.
  - 10. The method of claim 9, further comprising sealing the platform secret key to the platform.
  - 11. The method of claim 7, wherein the platform configuration register value includes dynamic information.
  - 12. The method of claim 11, wherein the platform configuration register value further includes static information.

13. A system comprising:
- a platform to run a trusted application, to receive a first shared key from a bootstrapping server function, and to generate a first shared secret key using the first shared key; and
  
  a subscriber identity module (SIM) communicatively coupled to the platform to receive a second shared key from the bootstrapping server function and to generate a second shared secret key using the second shared key, wherein the first shared secret key and the second shared secret key are identical and enable trusted communication between the platform and the SIM.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The system of claim 13, wherein the platform is a mobile platform.
  - 15. The system of claim 14, wherein the platform is a notebook computer.
  - 16. The system of claim 13, wherein the platform is a device that has been authenticated by the bootstrapping server function.
  - 17. The system of claim 13, wherein the SIM is a Universal Mobile Telecommunications System (UMTS) SIM.

18. An article of manufacture comprising a machine-accessible medium having stored thereon instructions which, when executed by a machine, cause the machine to:
- authenticate a UMTS subscriber identity module (USIM) over a wireless network;
  
  generate a platform secret key for the USIM;
  
  transfer the platform secret key to the USIM;
  
  run a challenge/response protocol with a platform running a trusted application;
  
  authenticate the platform running the trusted application using attestation; and
  
  transfer the platform secret key to the platform running the trusted application.
- View Dependent Claims (19, 20)
- - 19. The article of manufacture of claim 18, wherein the instructions, when executed by the machine, further cause the machine to seal the platform secret key to the platform.
  - 20. The article of manufacture of claim 18, wherein the wireless network is a third generation wireless network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Aissi, Selim, Bajikar, Sundeep, McKeen, Francis

Application Number

US11/193,139
Publication Number

US 20070042754A1
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0853   using an additional device,...

H04W 12/0431   Key distribution or pre-dis...

H04W 12/06   Authentication

Security parameter provisioning in an open platform using 3G security infrastructure

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Security parameter provisioning in an open platform using 3G security infrastructure

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links