Method for secure distribution and configuration of asymmetric keying material into semiconductor devices
First Claim
Patent Images
1. A method comprising:
- transferring at least a first bundle to a first destination via a first link; and
transferring at least a second bundle to the first destination via a first out-of-band information carrying mechanism;
transferring a plurality of bundles to a second destination, each of the plurality of bundles including a key, a key identifier and an integrity check value and the plurality of bundles includes a third bundle arid a fourth bundle, the third bundle is a plurality of second part bundle encryption key (BEKp2) bundles, each of the BEKp2 bundles includes a second part of a bundle encryption key and a combined integrity check value associated with a first encryption key and a second encryption key;
storing a current sort encryption key (SEK) at the first destination in an internal memory;
storing a next SEK at the first destination in the internal memory;
providing the electronic component to the second destination; and
recovering a private key at the second destination from a key bundle based on the current SEK, the next SEK and the plurality of bundles received at the second destination.
1 Assignment
0 Petitions
Accused Products
Abstract
In one embodiment, a method is described to secure transfer data from one location to another for storage in an electronic component. The transfer occurs with part of the data routed to a first destination and the remaining data routed to a second destination. The data routed to the first destination is for securely loading a current sort encrypted key (SEK) and a next SEK into memory of the electronic component. The data routed to the second destination includes a private key which is recovered using the current SEK and the next SEK.
18 Citations
16 Claims
-
1. A method comprising:
-
transferring at least a first bundle to a first destination via a first link; and
transferring at least a second bundle to the first destination via a first out-of-band information carrying mechanism;
transferring a plurality of bundles to a second destination, each of the plurality of bundles including a key, a key identifier and an integrity check value and the plurality of bundles includes a third bundle arid a fourth bundle, the third bundle is a plurality of second part bundle encryption key (BEKp2) bundles, each of the BEKp2 bundles includes a second part of a bundle encryption key and a combined integrity check value associated with a first encryption key and a second encryption key;
storing a current sort encryption key (SEK) at the first destination in an internal memory;
storing a next SEK at the first destination in the internal memory;
providing the electronic component to the second destination; and
recovering a private key at the second destination from a key bundle based on the current SEK, the next SEK and the plurality of bundles received at the second destination. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeIntel Corporation
-
Original AssigneeIntel Corporation
-
InventorsHerbert, Howard C., Davis, Derek L.
-
Primary Examiner(s)MOISE, EMMANUEL LIONEL
-
Application NumberUS09/607,412Time in Patent Office1,755 DaysField of Search380/283, 380/278, 713/156, 713/163, 713/200, 713/201US Class Current380/283CPC Class CodesG06F 21/72 in cryptographic circuitsH04L 9/0833 involving conference or gro...H04L 9/0897 involving additional device...H04L 9/14 using a plurality of keys o...H04L 9/3236 using cryptographic hash fu...H04L 9/3247 involving digital signaturesH04L 9/3265 using certificate chains, t...
