SECURE HARDWARE FOR CROSS-DEVICE TRUSTED APPLICATIONS

US 20150256332A1
Filed: 02/24/2015
Published: 09/10/2015
Est. Priority Date: 03/06/2014
Status: Active Grant

First Claim

Patent Images

1. A computing device, comprising:

secure hardware, comprising;

a shared secret, the shared secret being shared by the secure hardware and a server computing system, the shared secret being provisioned by at least one of the server computing system or a provisioning computing system of a party affiliated with the server computing system; and

a cryptographic engine that executes a cryptographic algorithm using at least one of the shared secret or a key generated from the shared secret, the cryptographic engine executes the cryptographic algorithm to perform at least one of encryption, decryption, authentication, or attestation.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Various technologies described herein pertain to a computing device that includes secure hardware (e.g., a TPM, a secure processor of a processing platform, protected memory that includes a software-based TPM, etc.). The secure hardware includes a shared secret, which is shared by the secure hardware and a server computing system. The shared secret is provisioned by the server computing system or a provisioning computing system of a party affiliated with the server computing system. The secure hardware further includes a cryptographic engine that can execute a cryptographic algorithm using the shared secret or a key generated from the shared secret. The cryptographic engine can execute the cryptographic algorithm to perform encryption, decryption, authentication, and/or attestation.

Citations

20 Claims

1. A computing device, comprising:
- secure hardware, comprising;
  
  a shared secret, the shared secret being shared by the secure hardware and a server computing system, the shared secret being provisioned by at least one of the server computing system or a provisioning computing system of a party affiliated with the server computing system; and
  
  a cryptographic engine that executes a cryptographic algorithm using at least one of the shared secret or a key generated from the shared secret, the cryptographic engine executes the cryptographic algorithm to perform at least one of encryption, decryption, authentication, or attestation.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The computing device of claim 1, the secure hardware further comprising:
    - a remote access control component that generates a message for accessing a remote resource of the server computing system, the message generated responsive to the secure hardware receiving a command; and
      
      the cryptographic engine encrypts the message for transmission to the server computing system, the cryptographic engine encrypts the message using at least one of the shared secret or the key generated from the shared secret to generate an encrypted message, the encrypted message configured to cause access to the remote resource of the server computing system.
  - 3. The computing device of claim 2, further comprising:
    - at least one processor; and
      
      storage external to the secure hardware, the storage comprises a caller component, the caller component being executable by the at least one processor, the caller component sends the command to the secure hardware, receives the encrypted message from the secure hardware, and transmits the encrypted message to the server computing system;
      
      wherein the secure hardware comprises;
      
      at least one secure processor shielded from access by or interference from sources external to the secure hardware; and
      
      secure storage that is inaccessible by the sources external to the secure hardware.
  - 4. The computing device of claim 2, further comprising:
    - at least one processor; and
      
      storage external to the secure hardware, the storage comprises a caller component, wherein;
      
      the caller component is executable by the at least one processor during a first set of time periods;
      
      responsive to being executed by the at least one processor during the first set of time periods, the caller component sends the command to the secure hardware, receives the encrypted message from the secure hardware, and transmits the encrypted message to the server computing system;
      
      the at least one processor is prohibited from executing the caller component during a second set of time periods; and
      
      the first set of time periods and the second set of time periods are non-overlapping; and
      
      wherein the remote access control component and the cryptographic engine are executable by the at least one processor during the second set of time periods, and the at least one processor is prohibited from executing the remote access control component and prohibited from executing the cryptographic engine during the first set of time periods.
  - 5. The computing device of claim 2, the encrypted message configured to cause the server computing system to write data to remote storage of the server computing system.
  - 6. The computing device of claim 2, the encrypted message configured to cause the server computing system to read data from remote storage of the server computing system.
  - 7. The computing device of claim 6, the cryptographic engine decrypts an encrypted reply message using at least one of the shared secret or the key generated from the shared secret, the encrypted reply message being responsive to the encrypted message, the encrypted reply message decrypted to output the data;
    - andthe secure hardware further comprising;
      
      secure storage, the secure storage locally stores the data.
  - 8. The computing device of claim 6, wherein differing secure hardware of a differing computing device caused the server computing system to write the data to the remote storage of the server computing system.
  - 9. The computing device of claim 2, the encrypted message configured to retrieve a clock value from the server computing system.
  - 10. The computing device of claim 1, the shared secret further being shared by differing secure hardware of a differing computing device;
    - wherein the secure hardware, the differing secure hardware of the differing computing device, and the server computing system are provisioned with the shared secret by at least one of the server computing system or the provisioning computing system of the party affiliated with the server computing system.
  - 11. The computing device of claim 1, the secure hardware further comprising:
    - an authentication component that verifies whether a condition specified in a policy is satisfied based on data retrieved from the server computing system, the policy corresponds to a hardware protected object received by the secure hardware;
      
      wherein the cryptographic engine decrypts the hardware protected object using at least one of the shared secret or the key generated from the shared secret when the condition is identified as being satisfied, and the cryptographic engine is prohibited from decrypting the hardware protected object when the condition is identified as not being satisfied.
  - 12. The computing device of claim 1, the secure hardware being a physical Trusted Platform Module (TPM) chip.
  - 13. The computing device of claim 1, further comprising:
    - a processing platform, comprising;
      
      at least one processor configured to execute an operating system of the computing device; and
      
      at least one secure processor in communication with the at least one processor, wherein the secure hardware comprises the at least one secure processor, and the at least one secure processor has access to the shared secret;
      
      wherein the at least one processor is prohibited from accessing the shared secret.
  - 14. The computing device of claim 1, the secure hardware comprising:
    - protected memory of the computing device, the protected memory comprising;
      
      a software-based Trusted Platform Module (TPM), the software-based TPM comprising the shared secret and the cryptographic engine.
  - 15. The computing device of claim 1, the secure hardware comprising:
    - a secure enclave on a processor, the secure enclave stores the shared secret and protects the shared secret from sources external to the secure hardware.

16. A method for controlling sharing of a hardware protected state across multiple computing devices, comprising:
- accessing a first shared secret in storage of a server computing system, the first shared secret being shared by the server computing system and first secure hardware of a first computing device;
  
  accessing a second shared secret in the storage of the server computing system, the second shared secret being shared by the server computing system and second secure hardware of a second computing device; and
  
  synchronizing the hardware protected state between the first secure hardware and the second secure hardware, the hardware protected state being synchronized based on;
  
  first encrypted messages communicated between the server computing system and the first computing device, the first encrypted messages being encrypted based on the first shared secret shared by the server computing system and the first secure hardware; and
  
  second encrypted messages communicated between the server computing system and the second computing device, the second encrypted messages being encrypted based on the second shared secret shared by the server computing system and the second secure hardware.
- View Dependent Claims (17, 18, 19)
- - 17. The method of claim 16, further comprising:
    - storing data in the storage of the server computing system;
      
      encrypting a first message for the first secure hardware, the first message comprises the data, the first message encrypted based on the first shared secret to generate a first encrypted message;
      
      transmitting the first encrypted message to the first computing device;
      
      encrypting a second message for the second secure hardware, the second message comprises the data, the second message encrypted based on the second shared secret to generate a second encrypted message; and
      
      transmitting the second encrypted message to the second computing device.
  - 18. The method of claim 16, further comprising:
    - storing data in the storage of the server computing system;
      
      encrypting a message for the first secure hardware, the message comprises the data, the message encrypted based on the first shared secret to generate an encrypted message;
      
      transmitting the encrypted message to the first computing device;
      
      modifying the data in the storage of the server computing system subsequent to transmitting the encrypted message to the first computing device;
      
      encrypting a subsequent message for the first secure hardware, the subsequent message comprises the data as modified, the subsequent message encrypted based on the first shared secret to generate a subsequent encrypted message; and
      
      transmitting the subsequent encrypted message to the first computing device.
  - 19. The method of claim 18, wherein the data is a clock value.

20. Secure hardware, comprising:
- a shared secret, the shared secret being shared by the secure hardware and a server computing system;
  
  a symmetric key generated by the secure hardware based on the shared secret;
  
  a remote access control component that generates a message for accessing remote storage of the server computing system, the message generated responsive to the secure hardware receiving a command; and
  
  a cryptographic engine that encrypts the message for transmission to the server computing system, the cryptographic engine encrypts the message using the symmetric key to generate an encrypted message, the encrypted message configured to cause the remote storage of the server computing system to one of;
  
  write data to the remote storage of the server computing system;
  
  orread the data from the remote storage of the server computing system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Saroiu, Stefan, Wolman, Alastair, Raj, Himanshu, Chen, Chen

Granted Patent

US 9,686,077 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/1012   to domains

G06F 21/1076   Revocation

G06F 21/6272   by registering files or doc...

G06F 21/72   in cryptographic circuits

G06F 21/78   to assure secure storage of...

G06F 2221/2115   Third party

H04L 2209/127   Trusted platform modules [TPM]

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 67/1001   for accessing one among a p...

H04L 67/1095   Replication or mirroring of...

H04L 9/085   Secret sharing or secret sp...

H04L 9/0869   involving random numbers or...

H04L 9/0877   using additional device, e....

H04L 9/0897   involving additional device...

H04L 9/12   Transmitting and receiving ...

H04L 9/3234   involving additional secure...

SECURE HARDWARE FOR CROSS-DEVICE TRUSTED APPLICATIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE HARDWARE FOR CROSS-DEVICE TRUSTED APPLICATIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links