Apparatus and method for establishing a secure session with a device without exposing privacy-sensitive information
First Claim
1. A method comprising:
- authenticating a digital signature of a hardware device according to a public key of an issuer of a platform family that includes the hardware device, wherein a private signature key used by the hardware device to sign a received message is jointly computed by the hardware device and the issuer during a setup procedure with the issuer, but is unknown to the issuer;
establishing a secure session with the authenticated hardware device according to a session key formed from a key exchange using the received message; and
using the same public key of the issuer to authenticate multiple hardware devices, the hardware devices to compute different private signature keys, without disclosing any unique identification information of any authenticated hardware devices,wherein the different private signature keys are jointly computed by the hardware device and the issuer during respective setup procedures with the issuer, but are unknown to the issuer.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for establishing a secure session with a device without exposing privacy-sensitive information are described. In one embodiment, the method includes the authentication of a digitally signed message received from a hardware device. In one embodiment, a digital signature, created by a private signature key of the hardware device, is authenticated according to a public key of an issuer without disclosure of an identity of the hardware device. The digital signature is a signature of an ephemeral DH public key, which the verifier is now assured comes from a trusted device. An encrypted and authenticated session (“secure session”) is established with the authenticated hardware device according to a key exchange using this signed ephemeral DH public key. Other embodiments are described and claimed.
-
Citations
39 Claims
-
1. A method comprising:
-
authenticating a digital signature of a hardware device according to a public key of an issuer of a platform family that includes the hardware device, wherein a private signature key used by the hardware device to sign a received message is jointly computed by the hardware device and the issuer during a setup procedure with the issuer, but is unknown to the issuer; establishing a secure session with the authenticated hardware device according to a session key formed from a key exchange using the received message; and using the same public key of the issuer to authenticate multiple hardware devices, the hardware devices to compute different private signature keys, without disclosing any unique identification information of any authenticated hardware devices, wherein the different private signature keys are jointly computed by the hardware device and the issuer during respective setup procedures with the issuer, but are unknown to the issuer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
transmitting a message to a verifier in response to an authentication request, the message signed by a hardware device using a private signature key; authenticating, by the verifier, a digital signature of the hardware device according to a public key of an issuer of a platform family that includes the hardware device, wherein the private signature key used by the hardware device to sign the message is jointly generated by the hardware device and the issuer during a setup procedure with the issuer, but is unknown to the issuer, and the hardware device is authenticated, without disclosing any unique identification information of the hardware device; and establishing a secure session with the verifier according to a session key formed from a key exchange using a message received from the verifier. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. An apparatus, comprising:
-
a flash memory to store cryptographic information received from a certifying manufacturer of a platform family that includes the apparatus, wherein the cryptographic information is used to jointly compute a private signature key by the hardware device and the certifying manufacturer during a setup procedure with the certifying manufacturer, but is unknown to the certifying manufacturer; and a trusted platform module to transmit a message, signed using the private signature key, to a verifier in response to an authentication request, the trusted platform module to establish a secure session with the verifier according to a session key, the session key formed from a key exchange using a message received from the verifier, without disclosing any unique identification information of the apparatus. - View Dependent Claims (21, 22, 23, 24, 25)
-
-
26. A system comprising:
-
a processor to execute a trusted software module to issue a one-way authentication key exchange request to the hardware device; a chipset coupled to the processor; and a hardware device coupled to the chipset, the hardware device including a trusted platform module, the trusted platform module to transmit a signed message to the trusted software module in response to a one-way authentication request from the trusted software module and to establish a secure session with the trusted software module according to a session key formed from a key exchange using a message received from the trusted software module without disclosing any unique identification information of the hardware device, wherein the trusted software module to authenticate a digital signature of a hardware device according to a public key of an issuer of a platform family that includes the hardware device, wherein a private signature key used by the hardware device to sign the message is jointly computed by the hardware device and the issuer during a setup procedure with the issuer, but is unknown to the issuer. - View Dependent Claims (27, 28, 29)
-
-
30. A non-transitory computer-readable storage medium having stored thereon instructions which may be used to program a system to perform a method, comprising:
-
authenticating a digital signature of a hardware device according to a public key of an issuer of a platform family that includes the hardware device, wherein a private signature key used by the hardware device to sign a received message is jointly computed by the hardware device and the issuer during a setup procedure with the issuer, but is unknown to the issuer; establishing a secure session with the authenticated hardware device according to a session key formed from a key exchange using the received message; and using the same public key of the issuer to authenticate multiple hardware devices that use different private signature keys without disclosing any unique identification information of any authenticated hardware devices, wherein the different private signature keys are jointly computed by the hardware device and the issuer during respective setup procedures with the issuer, but are unknown to the issuer. - View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39)
-
Specification