CERTIFICATE VERIFICATION
First Claim
Patent Images
1. A server comprising:
- a number generator;
a certificate request module;
a certificate verification module;
an interface, coupled to the number generator, the certificate request module, and the certificate verification module,wherein, in operationthe number generator generates a first number,the certificate request module generates a request for a device certificate, the first number and the request for a device certificate are sent via the interface, a response that includes a second number, a second signature that is generated using the second number, and a device certificate are received at the interface, and the certificate verification module validates the device certificate and the second signature, and verifies that the first number and the second number match.
3 Assignments
0 Petitions
Accused Products
Abstract
An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process.
108 Citations
6 Claims
-
1. A server comprising:
-
a number generator; a certificate request module; a certificate verification module; an interface, coupled to the number generator, the certificate request module, and the certificate verification module, wherein, in operation the number generator generates a first number, the certificate request module generates a request for a device certificate, the first number and the request for a device certificate are sent via the interface, a response that includes a second number, a second signature that is generated using the second number, and a device certificate are received at the interface, and the certificate verification module validates the device certificate and the second signature, and verifies that the first number and the second number match.
-
-
2. The server of claim 9, wherein the interface receives a signature and the certificate validation module validates the signature using the device certificate.
-
3. The server of claim 9, wherein the number generator is a pseudo-random number generator.
-
4. The server of claim 9, wherein the number generator is a true random number generator.
-
5. The server of claim 9, wherein, in operation, the certificate verification module validates the device certificate using a trusted certificate chain.
-
6. The server of claim 9, further comprising a certificate database, wherein the device certificate is imported to the certificate database if validated by the certificate verification module.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeSamsung Electronics Co. Ltd.
-
Original AssigneeBroadon Communications Corp. (Acer, Inc.)
-
InventorsSrinivasan, Pramila, Princen, John
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current713/175
-
CPC Class CodesG06F 21/33 using certificatesG06F 21/71 to assure secure computing ...G06F 21/72 in cryptographic circuitsG06F 21/73 by creating or determining ...H04L 2209/603 Digital right managament [DRM]H04L 9/0869 involving random numbers or...H04L 9/3066 involving algebraic varieti...H04L 9/3213 using tickets or tokens, e....H04L 9/3263 involving certificates, e.g...
