Verification and protection of genuine software installation using hardware super key
Abstract
A device, system, and method are disclosed. In one embodiment the device receives a user key from a user application. The device then creates a management engine key by applying a management engine key creation algorithm to the user key. Then the device sends the management engine key to a remote server. Later, the device retrieves a server key from the remote server. The device next performs a hash combination of the user key, the management engine key, and the server key to create a super key. Once the super key has been created, the device authenticates the super key, and if the super key is valid, the device then sends a management engine certification to the user application.
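The flow in the abstract can be walked through in code. This is an added sketch, not code from the patent: the page names no algorithms, so HMAC-SHA256 stands in for the key creation algorithms and SHA-256 for the hash combination. The two secrets, the `enroll` step, and authentication by comparison against a stored reference value are assumptions.

```python
import hashlib
import hmac

# Assumed primitives: HMAC-SHA256 for the "key creation algorithms",
# SHA-256 for the "hash combination". Both secrets are constructed values.
ME_SECRET = b"constructed-me-device-secret"    # hypothetical, in ME key storage
SERVER_SECRET = b"constructed-server-secret"   # hypothetical, on the remote server


def create_me_key(user_key: bytes) -> bytes:
    """Management engine key creation algorithm applied to the user key."""
    return hmac.new(ME_SECRET, b"me-key|" + user_key, hashlib.sha256).digest()


def create_server_key(me_key: bytes) -> bytes:
    """Remote server side: server key creation algorithm applied to the ME key."""
    return hmac.new(SERVER_SECRET, b"server-key|" + me_key, hashlib.sha256).digest()


def hash_combine(user_key: bytes, me_key: bytes, server_key: bytes) -> bytes:
    """Hash combination of the three keys into the super key.

    Each key is length-prefixed so that different splits of the same
    bytes cannot produce the same super key.
    """
    h = hashlib.sha256()
    for part in (user_key, me_key, server_key):
        h.update(len(part).to_bytes(4, "big"))
        h.update(part)
    return h.digest()


def enroll(user_key: bytes) -> bytes:
    """Hypothetical enrollment step: record the reference super key."""
    me_key = create_me_key(user_key)
    return hash_combine(user_key, me_key, create_server_key(me_key))


def run_flow(user_key: bytes, reference_super_key: bytes):
    """Walk the abstract's steps; return an ME certification or None."""
    me_key = create_me_key(user_key)           # ME derives its key
    server_key = create_server_key(me_key)     # ME -> server -> ME round trip
    super_key = hash_combine(user_key, me_key, server_key)
    # Authentication (assumed): constant-time compare against the value
    # recorded in key storage when the genuine installation was enrolled.
    if not hmac.compare_digest(super_key, reference_super_key):
        return None
    return hmac.new(ME_SECRET, b"me-cert|" + super_key, hashlib.sha256).hexdigest()
```

Because the super key depends on all three inputs, a user key that differs from the enrolled one changes the management engine key and the server key as well, and no certification is issued.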
24 Claims
1. A controller, comprising:
- an I/O interface configured to enable communication with the controller; and
- a management engine including key storage memory, the management engine configured to:
  - retrieve a user key by applying a user key decryption algorithm to an encrypted user key received from a user application of an apparatus hosting the controller,
  - create a management engine key by applying a management engine key creation algorithm to the user key,
  - encrypt the management engine key by applying a management engine key encryption algorithm to the management engine key,
  - send the encrypted management engine key to a remote server,
  - retrieve a server key by applying a server key decryption algorithm to an encrypted server key received from the remote server,
  - perform a hash combination of the user key, the management engine key, and the server key stored in the key storage memory, to create a super key,
  - perform an authentication of the super key, and
  - send a management engine certification to the user application in response to the super key being successfully authenticated.

Dependent claims: 2, 3, 4, 5, 6
7. A system, comprising:
- a client device having a management engine, and a remote server
- wherein the management engine is configured to
  - retrieve a user key by applying a user key decryption algorithm to an encrypted user key received from a user application,
  - create a management engine key by applying a management engine key creation algorithm to the user key,
  - encrypt the management engine key by applying a management engine key encryption algorithm to the management engine key,
  - send the encrypted management engine key to a remote server,
  - retrieve a server key by applying a server key decryption algorithm to an encrypted server key received from the remote server,
  - perform a hash combination of the user key, the management engine key, and the server key to create a super key,
  - perform an authentication of the super key, and
  - send a management engine certification to the user application in response to the super key being successfully authenticated; and
- wherein the remote server is configured to
  - receive the encrypted management engine key from the management engine,
  - retrieve the management engine key by applying a management engine key decryption algorithm to the encrypted management engine key,
  - create a server key by applying a server key creation algorithm to the management engine key,
  - encrypt the server key by applying a server key encryption algorithm to the server key, and
  - send the encrypted server key to the management engine.

Dependent claims: 8, 9, 10, 11, 12
13. A method, comprising:
- retrieving, using a computing device, a user key by applying a user key decryption algorithm to an encrypted user key received from a user application of the computing device;
- creating, using the computing device, a management engine key by applying a management engine key creation algorithm to the user key;
- encrypting, using the computing device, the management engine key by applying a management engine key encryption algorithm to the management engine key;
- sending, using the computing device, the encrypted management engine key to a remote server;
- retrieving, using the computing device, a server key by applying a server key decryption algorithm to an encrypted server key received from the remote server;
- performing, using the computing device, a hash combination of the user key, the management engine key, and the server key to create a super key;
- performing, using the computing device, an authentication of the super key; and
- sending, using the computing device, a management engine certification to the user application in response to the super key being successfully authenticated.

Dependent claims: 14, 15, 16, 17, 18
19. A controller, comprising:
- an I/O interface configured to enable communication with the controller; and
- a management engine including key storage memory, the management engine configured to:
  - receive a user key from a user application of an apparatus hosting the controller,
  - create a management engine key by applying a management engine key creation algorithm to the user key,
  - send the management engine key to a remote server,
  - retrieve a server key from the remote server,
  - perform a hash combination of the user key, the management engine key, and the server key stored in the key storage memory, to create a super key,
  - perform an authentication of the super key, and
  - send a management engine certification to the user application in response to the super key being successfully authenticated.

Dependent claims: 20, 21, 22, 23, 24
Specification