System and method for combining user and platform authentication in negotiated channel security protocols
First Claim
Patent Images
1. A security protocol method comprising:
- cryptographically hashing a platform configuration value from a platform configuration register (PCR) in a trusted platform module (TPM) that indicates integrity of an endpoint platform, the platform configuration value representing a configuration state of the endpoint platform that indicates an integrity of the endpoint platform to generate a cryptographic hash of the platform configuration;
generating a master secret by hashing together the cryptographic hash of the platform configuration with a pre-master secret from which the master secret is derived, and data from a stored measurement log that stores configuration state measured values for the endpoint platform;
negotiating a communication channel;
signing the generated master secret with multiple authentication facets of the endpoint, the multiple authentication facets including a user key representing a particular user and a platform key representing the particular endpoint platform to produce a master secret signed with multiple authentication keys to authenticate the endpoint;
authenticating, as part of a bidirectional handshaking protocol exchange, the negotiated communication channel with the signed master secret to establish the negotiated communication channel as a secure channel to achieve late binding of the secure channel to prevent the binding from persisting outside the secure channel, including generating a session key for the communication channel, where the session key is generated from the master secret.
2 Assignments
0 Petitions
Accused Products
Abstract
A security protocol for combining user and platform authentication. The security protocol includes a first handshake phase to issue attestation identity credentials, and a second handshake phase to authenticate based on the attestation identity credentials issued in the first handshake phase. The security protocol also includes a session resumption phase to resume a previous session.
35 Citations
19 Claims
-
1. A security protocol method comprising:
-
cryptographically hashing a platform configuration value from a platform configuration register (PCR) in a trusted platform module (TPM) that indicates integrity of an endpoint platform, the platform configuration value representing a configuration state of the endpoint platform that indicates an integrity of the endpoint platform to generate a cryptographic hash of the platform configuration; generating a master secret by hashing together the cryptographic hash of the platform configuration with a pre-master secret from which the master secret is derived, and data from a stored measurement log that stores configuration state measured values for the endpoint platform; negotiating a communication channel; signing the generated master secret with multiple authentication facets of the endpoint, the multiple authentication facets including a user key representing a particular user and a platform key representing the particular endpoint platform to produce a master secret signed with multiple authentication keys to authenticate the endpoint; authenticating, as part of a bidirectional handshaking protocol exchange, the negotiated communication channel with the signed master secret to establish the negotiated communication channel as a secure channel to achieve late binding of the secure channel to prevent the binding from persisting outside the secure channel, including generating a session key for the communication channel, where the session key is generated from the master secret. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer readable storage medium having instructions stored thereon, which when executed by a processor, provide for simultaneously authenticating multiple facets of an endpoint by:
-
cryptographically hashing a platform configuration value from a platform configuration register (PCR) in a trusted platform module (TPM) that indicates integrity of an endpoint platform, the platform configuration value representing a configuration state of the endpoint platform that indicates an integrity of the endpoint platform to generate a cryptographic hash of the platform configuration; generating a master secret by hashing together the cryptographic hash of the platform configuration with a pre-master secret from which the master secret is derived, and data from a stored measurement log that stores configuration state measured values for the endpoint platform; negotiating a communication channel; signing the generated master secret with multiple authentication facets of the endpoint, the multiple authentication facets including a user key representing a particular user and a platform key representing the particular endpoint platform to produce a master secret signed with multiple authentication keys to authenticate the endpoint; authenticating, as part of a bidirectional handshaking protocol exchange, the negotiated communication channel with the signed master secret to establish the negotiated communication channel as a secure channel to achieve late binding of the secure channel to prevent the binding from persisting outside the secure channel, including generating a session key for the communication channel, where the session key is generated from the master secret. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
Specification