SECURE DYNAMIC ON CHIP KEY PROGRAMMING
First Claim
1. A method for provisioning an integrated circuit with confidential data, the method comprisingreceiving in the integrated circuit encrypted confidential data, the encrypted confidential data having been encrypted with a transport key,deriving in the integrated circuit the transport key by applying a key derivation function to a customer identifier, the customer identifier having been previously stored in the integrated circuit,decrypting in the integrated circuit the encrypted confidential data with the transport key to obtain decrypted confidential data,deriving in the integrated circuit a product key by applying a key derivation function to an integrated circuit identifier, the integrated circuit identifier having been previously stored in the integrated circuit,encrypting in the integrated circuit the decrypted confidential data with the product key to obtain re-encrypted confidential data, andstoring the re-encrypted confidential data in a confidential data memory of the integrated circuit.
10 Assignments
0 Petitions
Accused Products
Abstract
Provisioning an integrated circuit with confidential data, by receiving in the integrated circuit encrypted confidential data, the encrypted confidential data having been encrypted with a transport key, deriving in the integrated circuit the transport key by applying a key derivation function to a customer identifier, the customer identifier having been previously stored in the integrated circuit, decrypting in the integrated circuit the encrypted confidential data with the transport key to obtain decrypted confidential data, deriving in the integrated circuit a product key by applying a key derivation function to an integrated circuit identifier, the integrated circuit identifier having been previously stored in the integrated circuit, encrypting in the integrated circuit the decrypted confidential data with the product key to obtain re-encrypted confidential data, and storing the re-encrypted confidential data in a confidential data memory of the integrated circuit.
33 Citations
11 Claims
-
1. A method for provisioning an integrated circuit with confidential data, the method comprising
receiving in the integrated circuit encrypted confidential data, the encrypted confidential data having been encrypted with a transport key, deriving in the integrated circuit the transport key by applying a key derivation function to a customer identifier, the customer identifier having been previously stored in the integrated circuit, decrypting in the integrated circuit the encrypted confidential data with the transport key to obtain decrypted confidential data, deriving in the integrated circuit a product key by applying a key derivation function to an integrated circuit identifier, the integrated circuit identifier having been previously stored in the integrated circuit, encrypting in the integrated circuit the decrypted confidential data with the product key to obtain re-encrypted confidential data, and storing the re-encrypted confidential data in a confidential data memory of the integrated circuit.
-
10. Method for distributing confidential data comprising
deriving a transport key by applying a key derivation function to a customer identifier, sending the transport key to a customer, at the customer, encrypting confidential data with the transport key, sending the encrypted confidential data to a programming facility, and at the programming facility, provisioning an integrated circuit with the encrypted confidential data.
-
11. An integrated circuit configured for provisioning with confidential data, the integrated circuit comprising
a receiver configured to receive in the integrated circuit encrypted confidential data, the encrypted confidential data having been encrypted with a transport key, a customer identifier storage configured to a stored customer identifier, a transport key deriver configured to derive in the integrated circuit the transport key by applying a key derivation function to the customer identifier, a decrypting module configured to decrypt in the integrated circuit the encrypted confidential data with the transport key to obtain decrypted confidential data, a integrated circuit identifier storage configured to stored an integrated circuit identifier, a product key deriver configured to derive in the integrated circuit a product key by applying a key derivation function to an integrated circuit identifier, an encrypting module to encrypt in the integrated circuit the decrypted confidential data with the product key to obtain re-encrypted confidential data, and a confidential data memory configured to store the re-encrypted confidential data.
Specification