Secure End-of-Life Handling of Electronic Devices
First Claim
1. An electronic device, comprising:
- a communications interface;
a secure memory storing a secret key; and
a cryptographic circuit, operatively coupled to the secure memory and the communications interface and configured to(a) calculate a verification token from the secret key, using a first cryptographic operation,(b) calculate an identification token from the verification token, using a second cryptographic operation,(c) output the identification token to the communications interface, responsive to a first command received via the communications interface, and(d) output the verification token to the communications interface, responsive to a second command received via the communications interface, only if a predetermined functionality of the electronic device has been disabled.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and apparatus for verifying that an electronic device has been disabled are disclosed. An exemplary electronic device includes a communications interface, a secure memory, storing a secret key, and a cryptographic circuit configured to calculate a verification token from the secret key, using a first cryptographic operation. The cryptographic circuit is further configured to calculate an identification token from the verification token, using a second cryptographic operation. The cryptographic circuit is further configured to output the identification token in response to a first command received via the communications interface. The verification token is output to the communications interface only if a predetermined functionality of the electronic device has been disabled. The electronic device may further comprise a disabling circuit configured to disable the predetermined functionality in response to a disable command.
79 Citations
22 Claims
-
1. An electronic device, comprising:
-
a communications interface; a secure memory storing a secret key; and a cryptographic circuit, operatively coupled to the secure memory and the communications interface and configured to (a) calculate a verification token from the secret key, using a first cryptographic operation, (b) calculate an identification token from the verification token, using a second cryptographic operation, (c) output the identification token to the communications interface, responsive to a first command received via the communications interface, and (d) output the verification token to the communications interface, responsive to a second command received via the communications interface, only if a predetermined functionality of the electronic device has been disabled. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for verifying disabling of an electronic device, comprising:
-
calculating a verification token from a secret key stored in the electronic device, using a first cryptographic operation; calculating an identification token from the verification token, using a second cryptographic operation; and outputting the identification token from the electronic device, responsive to a first command; and outputting the verification token from the electronic device, responsive to a second command, only if a predetermined functionality of the electronic device has been disabled. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system for verifying that an electronic device has been disabled, comprising:
-
a database comprising identification tokens corresponding to a plurality of electronic devices, wherein each identification token is cryptographically generated from a secret key in the corresponding electronic device; and a verification module configured to (a) receive a verification token cryptographically generated from the secret key in one of the plurality of electronic devices, (b) calculate a candidate identifier from the verification token, using a cryptographic operation, and (c) compare the candidate identifier to one or more of the identification tokens to determine whether the verification token is valid. - View Dependent Claims (16, 17, 18)
-
-
19. A method for verifying that an electronic device has been disabled, comprising:
-
receiving a verification token cryptographically generated from a secret key in one of a plurality of electronic devices; calculating a candidate identifier from the verification token, using a cryptographic operation; and comparing the candidate identifier to one or more of a plurality of stored identification tokens corresponding to the plurality of electronic devices, wherein each identification token is cryptographically generated from the secret key in the corresponding electronic device, to determine whether the verification token is valid. - View Dependent Claims (20, 21, 22)
-
Specification