TRANSPARENT TRUST VALIDATION OF AN UNKNOWN PLATFORM

US 20100082987A1
Filed: 09/30/2008
Published: 04/01/2010
Est. Priority Date: 09/30/2008
Status: Active Grant

First Claim

Patent Images

1. A method of booting an untrusted computing device comprising a trusted platform module, the method comprising the steps of:

requesting a first key and a first certificate, comprising a second key, from the trusted platform module;

obtaining a log listing all computer-executable instructions then executed on the untrusted computing device and all modules then loaded on the untrusted computing device;

providing, prior to the execution of an operating system on the untrusted computing device, the first key, the first certificate and the log to a trusted device communicationally coupled to the untrusted computing device;

receiving, from the trusted device a first set of encrypted data encrypted with the second key, the first set of encrypted data comprising a third key;

providing the first set of encrypted data to the trusted platform module;

receiving, from the trusted platform module, the third key;

decrypting, using the third key, an encrypted volume on the untrusted computing device prior to the execution of the operating system on the untrusted computing device; and

executing the operating system on the untrusted computing device from the decrypted encrypted volume.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A transparent trust validation of an unknown platform can be performed by communicationally coupling it to a trusted device, such as a portable peripheral device carried by a user, or one or more remote computing devices. Information from the unknown platform can be obtained by boot code copied to it from the trusted device and such information can be validated by the trusted device. The trusted device can then provide an encrypted version of decryption key to the boot code which can request the Trusted Platform Module (TPM) of the unknown platform to decrypt and return the decryption key. If the information originally obtained from the unknown platform and validated by the trusted device was authentic, the TPM will be able to provide the decryption key to the boot code, enabling it to decrypt an encrypted volume comprising applications, operating systems or other components.

77 Citations

View as Search Results

20 Claims

1. A method of booting an untrusted computing device comprising a trusted platform module, the method comprising the steps of:
- requesting a first key and a first certificate, comprising a second key, from the trusted platform module;
  
  obtaining a log listing all computer-executable instructions then executed on the untrusted computing device and all modules then loaded on the untrusted computing device;
  
  providing, prior to the execution of an operating system on the untrusted computing device, the first key, the first certificate and the log to a trusted device communicationally coupled to the untrusted computing device;
  
  receiving, from the trusted device a first set of encrypted data encrypted with the second key, the first set of encrypted data comprising a third key;
  
  providing the first set of encrypted data to the trusted platform module;
  
  receiving, from the trusted platform module, the third key;
  
  decrypting, using the third key, an encrypted volume on the untrusted computing device prior to the execution of the operating system on the untrusted computing device; and
  
  executing the operating system on the untrusted computing device from the decrypted encrypted volume.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the trusted device is a portable storage device.
  - 3. The method of claim 1, wherein the trusted device comprises at least one computing device remote from the untrusted computing device and communicationally coupled to the untrusted computing device through a network.
  - 4. The method of claim 1, wherein the encrypted volume was copied to the untrusted computing device from the trusted device.
  - 5. The method of claim 1 further comprising the steps of causing the untrusted computing device to request, from a user, an owner authorization of the untrusted computing device.
  - 6. The method of claim 1 further comprising the steps of:
    - requesting that the trusted platform module seal the third key based on at least one value currently existing in at least one platform configuration register of the trusted platform module;
      
      receiving, from the trusted platform module, an encrypted version of the third key; and
      
      storing the encrypted version of the third key on the trusted device.
  - 7. The method of claim 1 further comprising the steps of:
    - checking the trusted device for an encrypted version of the third key, the encrypted version being associated with the untrusted computing device; and
      
      requesting the trusted platform module to unseal the encrypted version of the third key.

8. A method of booting an untrusted computing device comprising a trusted platform module, the method comprising the steps of:
- receiving, from the untrusted computing device, prior to the execution of an operating system on the untrusted computing device, a first key, a first certificate comprising a second key, and a log listing all computer-executable instructions then executed on the untrusted computing device and all modules then loaded on the untrusted computing device;
  
  determining if the first certificate is signed by a trusted root authority;
  
  determining if the log indicates that the untrusted computing device is in an acceptable state; and
  
  if the first certificate is signed by the trusted root authority, and if the log indicates that the untrusted computing device is in an acceptable state, encrypting, with the second key, a first set of data comprising a third key and at least one value expected to be stored within at least one platform configuration register of the trusted platform module given the log; and
  
  providing, to the untrusted computing device, prior to the execution of the operating system on the untrusted computing device, the encrypted first set of data.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8, wherein the steps are performed by a portable storage device.
  - 10. The method of claim 8, wherein the steps are performed by at least one computing device remote from the untrusted computing device and communicationally coupled to the untrusted computing device through a network.
  - 11. The method of claim 8, wherein the step of determining if the log indicates that the untrusted computing device is in an acceptable state comprises determining if all entries in the log are contained within a whitelist of known good items.
  - 12. The method of claim 8, wherein the step of determining if the log indicates that the untrusted computing device is in an acceptable state comprises determining if any entries in the log are contained within a blacklist of known malicious items.
  - 13. The method of claim 8 further comprising the steps of storing and associating with the untrusted computing device a version of the third key encrypted by the trusted platform module of the untrusted computing device.

14. A portable peripheral device comprising a processing unit and a non-volatile storage, the non-volatile storage comprising a listing of trusted root certificate authorities, at least one of a blacklist of known malicious items and a whitelist of known good items, an encrypted volume, a decryption key for decrypting the encrypted volume, and boot code for executing on an untrusted computing device.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The portable peripheral device of claim 14, wherein the boot code comprises computer-executable instructions for performing steps comprising:
    - requesting a first key and a first certificate, comprising a second key, from a trusted platform module on the untrusted computing device;
      
      obtaining a log listing all computer-executable instructions then executed on the untrusted computing device and all modules then loaded on the untrusted computing device;
      
      providing, prior to the execution of an operating system on the untrusted computing device, the first key, the first certificate and the log to the portable peripheral device;
      
      receiving, from the portable peripheral device a first set of encrypted data encrypted with the second key, the first set of encrypted data comprising a third key;
      
      providing the first set of encrypted data to the trusted platform module;
      
      receiving, from the trusted platform module, the third key;
      
      decrypting, using the third key, the encrypted volume on the untrusted computing device prior to the execution of the operating system on the untrusted computing device; and
      
      executing the operating system on the untrusted computing device from the decrypted encrypted volume.
  - 16. The portable peripheral device of claim 15, wherein the boot code further comprises computer-executable instructions for performing steps comprising:
    - requesting that the trusted platform module seal the third key based on at least one value currently existing in at least one platform configuration register of the trusted platform module;
      
      receiving, from the trusted platform module, an encrypted version of the third key; and
      
      storing the encrypted version of the third key on the portable peripheral device.
  - 17. The portable peripheral device of claim 15, wherein the boot code further comprises computer-executable instructions for performing steps comprising:
    - checking the portable peripheral device for an encrypted version of the third key, the encrypted version being associated with the untrusted computing device; and
      
      requesting the trusted platform module to unseal the encrypted version of the third key.
  - 18. The portable peripheral device of claim 14, wherein the processing unit performs steps comprising:
    - receiving, from the untrusted computing device, prior to the execution of an operating system on the untrusted computing device, a first key, a first certificate comprising a second key, and a log listing all computer-executable instructions then executed on the untrusted computing device and all modules then loaded on the untrusted computing device;
      
      determining, with reference to the listing of trusted root certificate authorities, if the first certificate is signed by a trusted root authority;
      
      determining, with reference to the at least one of the blacklist and the whitelist, if the log indicates that the untrusted computing device is in an acceptable state; and
      
      if the first certificate is signed by the trusted root authority, and if the log indicates that the untrusted computing device is in an acceptable state, encrypting, with the second key, a first set of data comprising a third key and at least one value expected to be stored within at least one platform configuration register of the trusted platform module given the log; and
      
      providing, to the untrusted computing device, prior to the execution of the operating system on the untrusted computing device, the encrypted first set of data.
  - 19. The portable peripheral device of claim 18, wherein the processing unit, in performing the step of determining if the log indicates that the untrusted computing device is in an acceptable state, further performs steps comprising determining if all entries in the log are contained within the whitelist.
  - 20. The portable peripheral device of claim 18, wherein the processing unit, in performing the step of determining if the log indicates that the untrusted computing device is in an acceptable state, further performs steps comprising determining if any entries in the log are contained within the blacklist.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Gandhi, Yash Ashok Kumar, Eizenhoefer, Shon, Thom, Stefan, Holt, Erik

Granted Patent

US 8,127,146 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

G06F 21/34 involving the use of extern...

G06F 2221/2129 Authenticate client device ...

TRANSPARENT TRUST VALIDATION OF AN UNKNOWN PLATFORM

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

77 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TRANSPARENT TRUST VALIDATION OF AN UNKNOWN PLATFORM

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

77 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links