Method and apparatus for authenticated, recoverable key distribution with no database secrets

US 8,014,530 B2
Filed: 03/22/2006
Issued: 09/06/2011
Est. Priority Date: 03/22/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

issuing, by a chip, a key request including a chip identification (ID), the chip ID generated according to a secret random number programmed into the chip prior to integration of the chip within a platform to form an integrated chip platform, the chip ID previously sent from the integrated chip platform in response to a determining that no encrypted application key is present on the integrated chip platform and that sending the chip ID is a first application-specific operation since a power-up of the integrated chip platform;

decrypting cipher text received in response to the issued key request to access an application key assigned to the integrated chip platform;

storing an encrypted application key within persistent memory of the integrated chip platform, the assigned application key encrypted, by the chip, to form the encrypted application key according to a chip secret key derived from the secret random number programmed into the chip; and

outputting the encrypted application key to enable recovery of the encrypted application key in response to a key reprovisioning request, from the chip, that is authenticated according to the chip ID.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for authenticated recoverable key distribution are described. In one embodiment, an application key is provided to an integrated chip platform. In one embodiment, the integrated chip platform encrypts the application key with a Key Encryption Key, which is stored within the persistent memory on the platform, and outputs a ChipID and the encrypted application key to enable recovery. In one embodiment, the platform can provide the ChipID to a recovery database to replace a lost encrypted application key. In one embodiment, the ChipID is the public key of a public/private key pair, and the application key is provided to the integrated chip platform by encrypting it using this public key. In one embodiment, the ChipID and the Key Encryption Key are derived from a secret random number programmed into the integrated chip. Other embodiments are described and claimed.

315 Citations

26 Claims

1. A method comprising:
- issuing, by a chip, a key request including a chip identification (ID), the chip ID generated according to a secret random number programmed into the chip prior to integration of the chip within a platform to form an integrated chip platform, the chip ID previously sent from the integrated chip platform in response to a determining that no encrypted application key is present on the integrated chip platform and that sending the chip ID is a first application-specific operation since a power-up of the integrated chip platform;
  
  decrypting cipher text received in response to the issued key request to access an application key assigned to the integrated chip platform;
  
  storing an encrypted application key within persistent memory of the integrated chip platform, the assigned application key encrypted, by the chip, to form the encrypted application key according to a chip secret key derived from the secret random number programmed into the chip; and
  
  outputting the encrypted application key to enable recovery of the encrypted application key in response to a key reprovisioning request, from the chip, that is authenticated according to the chip ID.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the method, prior to issuing the key request, further comprises:
    - reading the secret random number from chip fuses of the integrated chip platform; and
      
      encrypting a global constant with the secret random number programmed into the integrated chip platform as a key to form the chip secret key.
  - 3. The method of claim 1, further comprising:
    - generating a random number according to the chip secret key;
      
      computing a modular exponentiation operation according to public key parameters and the generated random number to form the public key of the public/private key pair; and
      
      storing the public key, the chip secret key and the random number within key registers of the integrated chip platform, wherein a key size of the chip secret key is less than a key size of the application key.
  - 4. The method of claim 1, wherein generating the shared secret key comprising:
    - generating a random number according to the chip secret key;
      
      computing a modular exponentiation operation according to the received public key, a public key parameter and the generated random number to form the shared secret key.
  - 5. The method of claim 1, wherein generating the shared secret key further comprises:
    - completing a Diffie-Hellman key agreement to form the shared secret key.

6. A method comprising:
- generating a secret session key according to a chip identification (ID) that is received with a key provisioning request received from an integrated chip platform, wherein the key provisioning request is authenticated according to the chip ID, wherein the chip ID is received in response to a determining that no encrypted application key is present on the integrated chip platform and that sending the chip ID is a first application-specific operation since a power-up of the integrated chip platform;
  
  generating, according to the secret session key, cipher text including an application key assigned to the integrated chip platform according to the authenticated key provisioning request;
  
  transmitting, to the integrated chip platform, the cipher text including the assigned application key; and
  
  storing an encrypted application key, indexed by the chip ID, to enable recovery of the encrypted application key in response to a key reprovisioning request, from the chip, that is authenticated according to a chip ID, wherein the assigned application key is encrypted, by the chip, to form the encrypted application key according to a chip secret key derived from the secret random number programmed into the integrated chip platform.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, wherein the method, prior to generating the secret session key, further comprises:
    - receiving the key provisioning request including the received public key of the public/private key pair as a chip identification (ID) of the integrated chip platform;
      
      querying a database according to the chip ID; and
      
      verifying that the chip ID received with the key provisioning request is a valid chip ID if a matching chip ID is detected within the data base.
  - 8. The method of claim 6, wherein generating the secret session key comprises:
    - generating a random number; and
      
      computing a modular exponentiation operation according to the received public key, a public key parameter and the generated random number to form the secret session key.
  - 9. The method of claim 6, wherein the method, prior to generating the secret session key, further comprises:
    - receiving a manufactured chip programmed with a secret random number;
      
      integrating the manufactured chip into a platform to form the integrated chip platform;
      
      directing the manufactured chip to provide the received public key of the public/private key pair as the chip ID; and
      
      storing the chip ID of the integrated chip platform in to the database.
  - 10. The method of claim 9, further comprising:
    - obtaining an application key from a key generation facility as a selected application key for the integrated chip platform;
      
      directing the manufactured chip to encrypt the selected application key according to a chip secret key derived from the secret random number programmed into the manufactured chip;
      
      reading an encrypted application key from the manufactured chip; and
      
      storing the encrypted application key within persistent memory of the integrated chip platform; and
      
      storing the encrypted application key within the database, indexed by the chip ID.

11. An article of manufacture including a non-transitory machine accessible storage medium having stored thereon data which, when accessed, results in the machine performing operations comprising:
- with a manufactured chip of an integrated chip platform, sending a chip identification (ID) from the integrated chip platform in response to a determining that no encrypted application key is present on the integrated chip platform and that sending the chip ID is a first application-specific operation since a power-up of the integrated chip platform, the chip ID generated according to a secret random number programmed into manufactured chip prior to integration of the chip within a platform to form the integrated chip platform;
  
  after the sending the chip ID, transmitting from the integrated chip platform to an original design manufacturer (ODM) a key request including the chip ID;
  
  decrypting, according to a key encryption key, cipher text received in response to the issued key request to access an application key assigned to the integrated chip platform by the ODM;
  
  encrypting, by the manufactured chip, the assigned application key to form an encrypted application key according to a chip secret key derived from the secret random number programmed into the integrated chip platform;
  
  storing the encrypted application key within persistent memory of the integrated chip platform; and
  
  outputting the encrypted application key to enable recovery of the encrypted application key in response to a key reprovisioning request, from the manufactured chip, that is authenticated according to the chip ID.
- View Dependent Claims (12, 13)
- - 12. The article of manufacture of claim 11, wherein the non-transitory machine readable storage medium further includes associated data, which when accessed, further results in the machine performing operations, comprising:
    - reading the secret random number from chip fuses of the integrated chip platform; and
      
      encrypting a global constant with the secret random number programmed into the integrated chip platform as a key to form the chip secret key.
  - 13. The article of manufacture of claim 11, wherein the non-transitory machine readable storage medium further includes associated data, which when accessed, further results in the machine performing operations, comprising:
    - generating a random number according to the chip secret key;
      
      computing a modular exponentiation operation according to the received public key, a public key parameter and the generated random number to form the public key of the public/private key pair; and
      
      storing the public key, the chip secret key and the random number within key registers of the integrated chip platform.

14. An integrated chip platform comprising:
- key generation logic including secret key logic to derive a chip secret key from a secret random number programmed into the chip prior to integration of the chip within a platform to form the integrated chip platform, and key request logic to decrypt cipher text, received in response to an issued key request, to access an application key assigned to the integrated chip platform and to store an encrypted application key within persistent memory of the integrated chip platform, the assigned application key encrypted to form the encrypted application key according to the chip secret key, the key generation logic to output the encrypted application key to enable recovery of the encrypted application key in response to a key reprovisioning request, from the integrated chip platform, that is authenticated according to a chip identification (ID);
  
  chip identification logic to send the chip ID from the integrated chip platform in response to a determining that no encrypted application key is present on the integrated chip platform and that sending the chip ID is a first application-specific operation since a power-up of the integrated chip platform, the chip ID generated according to the chip secret key, the chip identification logic further to output the chip ID within the issued key request; and
  
  at least one key register to store the chip secret key, wherein the issued key request is authenticated according to the chip ID.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The integrated chip platform of claim 14, wherein the secret key logic further comprises:
    - a first cryptographic block to encrypt a global constant with the secret random number programmed into the integrated chip platform as a key to form the chip secret key.
  - 16. The integrated chip of claim 15, wherein the secret key logic further comprises further comprising:
    - a second cryptographic block to encrypt the chip secret key to generate a random number; and
      
      a modular exponentiation block to compute a modular exponentiation operation according to public key parameters and the generated random number to form a public key of a public/private key pair as a chip identification (ID) of the integrated chip platform.
  - 17. The integrated chip of claim 14, wherein the key request logic further comprises:
    - a modular exponentiation block to compute a modular exponentiation operation according a received public key in response to the issued key request and public key parameters to form a shared secret key as a key encryption key;
      
      a first cryptographic block to decrypt, according to the key encryption key, cipher text received I response to the issued key request to form an application key; and
      
      a second cryptographic block to encrypt the application key to form an encrypted application key according to a chip secret key.
  - 18. The integrated chip platform of claim 15, further comprising:
    - chip identification logic to provide a public key of a public/private key pair as a chip identification (ID) of the integrated chip platform in response to a received chip-ID request if the encrypted application key is not stored within the persistent memory of the integrated chip platform, the received chip-ID request is a first application-specific operation after power-up of the integrated chip platform.

19. A system comprising:
- a flash memory;
  
  a graphics controller coupled to the flash memory including key logic, the key logic including secret key logic to derive a chip secret key from a secret random number programmed into a graphics controller chip prior to integration of the chip within the system, and key request logic to decrypt cipher text, received in response to an issued key request, to access an application key assigned to the integrated chip platform and to store an encrypted application key within the flash memory, the assigned application key encrypted to form the encrypted application key according to the chip secret key, the key logic to output the encrypted application key to enable recovery of the encrypted application key in response to a key reprovisioning request, from the graphics controller chip, that is authenticated according to a chip identification (ID);
  
  chip identification logic to send the chip ID from the integrated chip platform in response to a determining that no encrypted application key is present on the integrated chip platform and that sending the chip ID is a first application-specific operation since a power-up of the integrated chip platform, the chip ID generated according to the chip secret key, the chip identification logic further to output the chip ID within the issued key request; and
  
  at least one key register to the store the chip secret key.
- View Dependent Claims (20, 21)
- - 20. The system of claim 19, wherein the key logic comprises:
    - a manageability engine to provide cryptographic application services.
  - 21. The system of claim 19, further comprising:
    - a display coupled to the graphics controller including a high-bandwidth digital content protection (HDCP) receiver to receive HDCP content from an HDCP transmitter of the graphics controller, the HDCP content encrypted according to the application key as an HDCP key.

22. A method comprising:
- receiving from an integrated chip platform a chip identification (ID) generated in response to a determining that no encrypted application key is present on the integrated chip platform and that sending the chip ID is a first application-specific operation since a power-up of the integrated chip platform;
  
  obtaining an application key from a key generation facility as an assigned application key for the integrated chip platform in response to a key request issued by a manufactured chip of the integrated chip platform, the key request including the chip ID;
  
  directing a manufactured chip of the integrated chip platform to encrypt the assigned application key according to a chip secret key derived from a secret random number programmed into the manufactured chip prior to integration of the manufactured chip within a platform to form the integrated chip platform; and
  
  storing an encrypted application key within persistent memory of the integrated chip platform; and
  
  storing an encrypted application key, indexed by the chip ID, to enable recovery of the encrypted application key in response to a key reprovisioning request, from the manufactured chip, that it is authenticated according to the chip ID.
- View Dependent Claims (23, 24, 25, 26)
- - 23. The method of claim 22, wherein the method, prior to obtaining the application key, further comprises:
    - receiving the manufactured chip programmed with the secret random number;
      
      integrating the manufactured chip into a platform to form the integrated chip platform;
      
      directing the manufactured chip to provide a chip identification (ID) of the integratedchip platform; and
      
      storing the chip ID of the integrated chip platform in to a database.
  - 24. The method of claim 22, wherein storing the encrypted application key further comprising:
    - reading an encrypted application key from the manufactured chip; and
      
      directing the manufactured chip to provide a chip identification (ID) of the integrated chip platform;
      
      storing the chip ID of the integrated chip platform in to a database; and
      
      storing the encrypted application key within the database, indexed by the chip ID.
  - 25. The method of claim 22, wherein the method, prior to obtaining the application key, further comprises:
    - reading, by the manufactured chip, the secret random number from chip fuses of the manufactured chip; and
      
      encrypting, by the manufactured chip, a global constant with the secret random number programmed into the manufactured chip as a key to form the chip secret key.
  - 26. The method of claim 24, wherein directing the manufactured chip to provide the chip ID further comprises:
    - computing, by the manufactured chip, the chip ID using a cryptographic computation with one or more global constants and the secret random number programmed into the manufactured chip as inputs.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Graunke, Gary, Vembu, Balaji, Brickell, Ernest, Stevens, William A.
Primary Examiner(s)
LaForgia; Christian
Assistant Examiner(s)
OLION, BRIAN L

Application Number

US11/387,203
Publication Number

US 20070223704A1
Time in Patent Office

1,994 Days
Field of Search

380/281, 380/286
US Class Current

380/286
CPC Class Codes

G09C 1/00   Apparatus or methods whereb...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/0841   involving Diffie-Hellman or...

Method and apparatus for authenticated, recoverable key distribution with no database secrets

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

315 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for authenticated, recoverable key distribution with no database secrets

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

315 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links