Secure provisioning in an untrusted environment

US 9,094,205 B2
Filed: 08/31/2012
Issued: 07/28/2015
Est. Priority Date: 08/31/2012
Status: Active Grant

First Claim

Patent Images

1. A method of provisioning a first electronic circuit comprising:

storing, within the electronic circuit, a message signing private key that is inaccessible external to the first electronic circuit;

storing, within the electronic circuit one or more immutable domain parameters;

storing, within the electronic circuit, an immutable trust anchor that is derived from a code signing public key;

generating, by private key derivation logic of the first electronic circuit, the message signing private key using a combination of the trust anchor and the one or more immutable domain parameters;

storing the message signing private key in a first circuitry;

generating, by public key generation logic of the first electronic circuit, a message signing public key to match the message signing private key;

deriving a value from the code signing public key;

comparing the value derived from the code signing public key with the trust anchor stored in the first circuitry;

verifying a signature of signed provisioning code using the code signing public key, wherein the signed provisioning code includes provisioning code and the signature;

receiving a challenge message from a remote computer system, wherein the remote computer system has a message signing public key that was generated by a second electronic circuit, wherein the message signing public key was generated by the second electronic circuit using a message signing private key that was generated using the trust anchor and the one or more immutable domain parameters, which also are stored in the second electronic circuit, and wherein the message signing private key used by the second electronic circuit is the same as the message signing private key generated by the first electronic circuit;

preparing, by message signing logic of the first electronic circuit, a signed response message using the message signing private key;

sending the signed response message to the remote computer system; and

receiving sensitive provisioning information from the remote computer system when the remote computer system is able to verify the signed response message using the message signing public key.

View all claims

23 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of methods of provisioning an electronic circuit enable security of sensitive data in a design and manufacturing process that includes multiple parties. In an illustrative embodiment, a method of provisioning an electronic circuit includes generating at least one secret value, embedding the at least one secret value into the electronic circuit, programming into the electronic circuit a private key derivation function that derives the private key from the at least one secret value and a trust anchor, and programming into the electronic circuit a public key generation function that generates a public key matching the private key. The method can further include receiving for execution trust anchor-authenticated logic that contacts a predetermined actor of the plurality of distinct actors and communicates to the predetermined actor a message signed with the private key.

Citations

14 Claims

1. A method of provisioning a first electronic circuit comprising:
- storing, within the electronic circuit, a message signing private key that is inaccessible external to the first electronic circuit;
  
  storing, within the electronic circuit one or more immutable domain parameters;
  
  storing, within the electronic circuit, an immutable trust anchor that is derived from a code signing public key;
  
  generating, by private key derivation logic of the first electronic circuit, the message signing private key using a combination of the trust anchor and the one or more immutable domain parameters;
  
  storing the message signing private key in a first circuitry;
  
  generating, by public key generation logic of the first electronic circuit, a message signing public key to match the message signing private key;
  
  deriving a value from the code signing public key;
  
  comparing the value derived from the code signing public key with the trust anchor stored in the first circuitry;
  
  verifying a signature of signed provisioning code using the code signing public key, wherein the signed provisioning code includes provisioning code and the signature;
  
  receiving a challenge message from a remote computer system, wherein the remote computer system has a message signing public key that was generated by a second electronic circuit, wherein the message signing public key was generated by the second electronic circuit using a message signing private key that was generated using the trust anchor and the one or more immutable domain parameters, which also are stored in the second electronic circuit, and wherein the message signing private key used by the second electronic circuit is the same as the message signing private key generated by the first electronic circuit;
  
  preparing, by message signing logic of the first electronic circuit, a signed response message using the message signing private key;
  
  sending the signed response message to the remote computer system; and
  
  receiving sensitive provisioning information from the remote computer system when the remote computer system is able to verify the signed response message using the message signing public key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method according to claim 1, further comprising:
    - preventing use, by a secure boot logic, of the message signing logic unless software authentication is successful and the authenticated software contains a correct capability token.
  - 3. The method according to claim 1, further comprising:
    - storing, within the electronic circuit, an immutable message tag concatenated with all messages prior to signing by the message signing logic.
  - 4. The method according to claim 3, further comprising:
    - storing, within the electronic circuit, one or more immutable message tag components;
      
      deriving, by message tag derivation logic of the electronic circuit, a message tag from the message tag components;
      
      storing the message tag in a message tag register of the first electronic circuit; and
      
      locking the message tag register against modification after storing the message tag.
  - 5. The method according to claim 4, further comprising:
    - cryptographically binding, by the message signing logic, messages to the trust anchor by including the trust anchor as one of the message tag components.
  - 6. The method according to claim 4, further comprising:
    - provisioning message tag component storage of the first electronic circuit with message tag components; and
      
      protecting the message tag component storage against further modification using one-time programmable fuses for a unique identifier or serial number, or the trust anchor, where the message tag components can be either common or specific to copies of the electronic circuit.
  - 7. The method according to claim 4, further comprising:
    - accessing, by the message derivation logic, the message tag components directly.
  - 8. The method according to claim 4, further comprising:
    - copying the message tag components to the message tag derivation logic.
  - 9. The method according to claim 1, further comprising:
    - storing the message signing private key in a private key register of the first electronic circuit; and
      
      locking the private key register against modification after storing the message signing private key, wherein the private key register is readable only by the public key generation logic and the message signing logic.
  - 10. The method according to claim 9, further comprising:
    - cryptographically binding messages to the trust anchor, by the message signing logic, using the trust anchor.
  - 11. The method according to claim 9, further comprising:
    - permanently storing, within the electronic circuit, independent private key components, wherein the independent private key components are selected from a logic secret value embedded within the private key derivation logic or other electronic circuit logic, a read-only memory (ROM) secret value masked in ROM.
  - 12. The method according to claim 9, further comprising:
    - provisioning private key component storage of the first electronic circuit with independent private key components and protected against further modification, wherein the private key component storage includes one-time programmable fuses for a secret value or the trust anchor, and wherein the first electronic circuit, once provisioned with the private key components are either common to or specific to copies of the first electronic circuit.
  - 13. The method according to claim 9, further comprising:
    - accessing, by the private key derivation logic, the private key components directly.
  - 14. The method according to claim 9, further comprising:
    - copying the private key components to the private key derivation logic; and
      
      preventing, by the private key derivation logic, further access to the private key components.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP USA, Inc. (NXP Semiconductors NV)
Original Assignee
Freescale Semiconductor, Inc. (NXP Semiconductors NV)
Inventors
Hartley, David H., Tkacik, Thomas E., Covey, Carlin R., Case, Lawrence L., Ziolkowski, Rodney D.
Primary Examiner(s)
Jeudy, Josnel

Application Number

US13/601,987
Publication Number

US 20140064480A1
Time in Patent Office

1,061 Days
Field of Search

713/159, 713182-186, 713168-172, 713/194, 380 44- 47
US Class Current

1/1
CPC Class Codes

H04L 9/0866   involving user or device id...

H04L 9/0877   using additional device, e....

H04L 9/0897   involving additional device...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3247   involving digital signatures

Secure provisioning in an untrusted environment

First Claim

23 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Secure provisioning in an untrusted environment

First Claim

23 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links