TRANSPARENT TRUST VALIDATION OF AN UNKNOWN PLATFORM
First Claim
1. A method of booting an untrusted computing device comprising a trusted platform module, the method comprising the steps of:
- requesting a first key and a first certificate, comprising a second key, from the trusted platform module;
obtaining a log listing all computer-executable instructions then executed on the untrusted computing device and all modules then loaded on the untrusted computing device;
providing, prior to the execution of an operating system on the untrusted computing device, the first key, the first certificate and the log to a trusted device communicationally coupled to the untrusted computing device;
receiving, from the trusted device a first set of encrypted data encrypted with the second key, the first set of encrypted data comprising a third key;
providing the first set of encrypted data to the trusted platform module;
receiving, from the trusted platform module, the third key;
decrypting, using the third key, an encrypted volume on the untrusted computing device prior to the execution of the operating system on the untrusted computing device; and
executing the operating system on the untrusted computing device from the decrypted encrypted volume.
2 Assignments
0 Petitions
Accused Products
Abstract
A transparent trust validation of an unknown platform can be performed by communicationally coupling it to a trusted device, such as a portable peripheral device carried by a user, or one or more remote computing devices. Information from the unknown platform can be obtained by boot code copied to it from the trusted device and such information can be validated by the trusted device. The trusted device can then provide an encrypted version of decryption key to the boot code which can request the Trusted Platform Module (TPM) of the unknown platform to decrypt and return the decryption key. If the information originally obtained from the unknown platform and validated by the trusted device was authentic, the TPM will be able to provide the decryption key to the boot code, enabling it to decrypt an encrypted volume comprising applications, operating systems or other components.
77 Citations
20 Claims
-
1. A method of booting an untrusted computing device comprising a trusted platform module, the method comprising the steps of:
-
requesting a first key and a first certificate, comprising a second key, from the trusted platform module; obtaining a log listing all computer-executable instructions then executed on the untrusted computing device and all modules then loaded on the untrusted computing device; providing, prior to the execution of an operating system on the untrusted computing device, the first key, the first certificate and the log to a trusted device communicationally coupled to the untrusted computing device; receiving, from the trusted device a first set of encrypted data encrypted with the second key, the first set of encrypted data comprising a third key; providing the first set of encrypted data to the trusted platform module; receiving, from the trusted platform module, the third key; decrypting, using the third key, an encrypted volume on the untrusted computing device prior to the execution of the operating system on the untrusted computing device; and executing the operating system on the untrusted computing device from the decrypted encrypted volume. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of booting an untrusted computing device comprising a trusted platform module, the method comprising the steps of:
-
receiving, from the untrusted computing device, prior to the execution of an operating system on the untrusted computing device, a first key, a first certificate comprising a second key, and a log listing all computer-executable instructions then executed on the untrusted computing device and all modules then loaded on the untrusted computing device; determining if the first certificate is signed by a trusted root authority; determining if the log indicates that the untrusted computing device is in an acceptable state; and if the first certificate is signed by the trusted root authority, and if the log indicates that the untrusted computing device is in an acceptable state, encrypting, with the second key, a first set of data comprising a third key and at least one value expected to be stored within at least one platform configuration register of the trusted platform module given the log; and providing, to the untrusted computing device, prior to the execution of the operating system on the untrusted computing device, the encrypted first set of data. - View Dependent Claims (9, 10, 11, 12, 13)
-
- 14. A portable peripheral device comprising a processing unit and a non-volatile storage, the non-volatile storage comprising a listing of trusted root certificate authorities, at least one of a blacklist of known malicious items and a whitelist of known good items, an encrypted volume, a decryption key for decrypting the encrypted volume, and boot code for executing on an untrusted computing device.
Specification