Self-generation of certificates using secure microprocessor in a device for transferring digital information
First Claim
1. A method for providing self-issuing certificates in a first device in a telecommunications system, the first device having a certificate-signing key, the method comprising:
receiving, from an external source, a request to generate a new certificate, wherein the request includes a public key, wherein the public key is smaller in size than the certificate-signing key;
using a secure microprocessor inside the first device to generate a new certificate for the public key; and
directing the first device to use the new certificate in data transfers.
Abstract
Devices in a telecommunications system are provided with means to self-generate public key pairs and certificates. This eliminates the need for such keys and certificates to be sent to the devices from an outside source, so a single-trust approach can be maintained. A manufacturer's certificate is installed into a device at the time of manufacture. The device only issues itself certificates based on a signed request from an external server. The device's self-issued certificates incorporate information obtained from the server in a profile. This allows control by the server over a device's self-issued certificates. To prevent tampering with, and breaking of, the self-issued certificates, the certificate issuing process occurs within a secure microprocessor.
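The issuing flow the abstract and claim 1 describe, sketched as an added example (not code from the patent): the secure microprocessor checks the server's signature on the request, enforces the key-size condition, and signs a certificate carrying the server's profile. Assumptions: textbook RSA over constructed toy primes stands in for the real signature scheme, the device already holds the server's verification key, and all names and the JSON encoding are hypothetical.

```python
import hashlib, json

E = 65537  # public exponent for every constructed key below

def make_key(p, q):
    """Textbook RSA key from two primes (constructed toy values, not secure)."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def public(key):
    return {"n": key["n"], "e": key["e"]}

def digest(obj, n):
    data = json.dumps(obj, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(obj, key):
    return pow(digest(obj, key["n"]), key["d"], key["n"])

def verify(obj, sig, pub):
    return pow(sig, pub["e"], pub["n"]) == digest(obj, pub["n"])

class SecureMicroprocessor:
    """Holds the certificate-signing key; the host can only call issue()."""
    def __init__(self, signing_key, server_pub):
        self._key = signing_key
        self._server_pub = server_pub

    def issue(self, request, request_sig):
        # Only a request signed by the external server is honoured.
        if not verify(request, request_sig, self._server_pub):
            raise PermissionError("request not signed by the server")
        # Claim 1: the requested public key is smaller than the signing key.
        subject_n = request["public_key"]["n"]
        if subject_n.bit_length() >= self._key["n"].bit_length():
            raise ValueError("public key must be smaller than the signing key")
        # The server-supplied profile is incorporated into the certificate.
        body = {"subject_key": request["public_key"], "profile": request["profile"]}
        return {"body": body, "sig": sign(body, self._key)}

# Constructed sample keys built from Mersenne primes.
SERVER = make_key(2**61 - 1, 2**89 - 1)
DEVICE = make_key(2**107 - 1, 2**127 - 1)
SUBJECT_N = (2**31 - 1) * (2**61 - 1)

def demo():
    chip = SecureMicroprocessor(DEVICE, public(SERVER))
    request = {"public_key": {"n": SUBJECT_N, "e": E}, "profile": {"validity_days": 30}}
    cert = chip.issue(request, sign(request, SERVER))
    return cert, verify(cert["body"], cert["sig"], public(DEVICE))
```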
Specification