Circuit for secure provisioning in an untrusted environment

US 9,129,536 B2
Filed: 08/31/2012
Issued: 09/08/2015
Est. Priority Date: 08/31/2012
Status: Active Grant

First Claim

Patent Images

1. A first electronic circuit comprising:

first circuitry configured to store a message signing private key that is inaccessible external to the first electronic circuit;

second circuitry configured to store one or more immutable domain parameters;

third circuitry configured to store an immutable trust anchor that is derived from a code signing public key;

private key derivation logic configured to generate the message signing private key using a combination of the trust anchor and the one or more immutable domain parameters;

public key generation logic configured to generate a message signing public key to match the message signing private key;

secure boot logic configured to cause the private key derivation logic to generate the message signing private key, store the message signing private key in the first circuitry, derive a value from the code signing public key, compare the value derived from the code signing public key with the trust anchor stored in the third circuitry, and verify a signature of signed provisioning code using the code signing public key, wherein the signed provisioning code includes provisioning code and the signature;

transfer logic that receives a challenge message from a remote computer system, wherein the remote computer system has a message signing public key that was generated by a second electronic circuit, wherein the message signing public key was generated by the second electronic circuit using a message signing private key that was generated using the trust anchor and the one or more immutable domain parameters, which also are stored in the second electronic circuit, and wherein the message signing private key used by the second electronic circuit is the same as the message signing private key generated by the first electronic circuit; and

message signing logic that prepares, based on the challenge message, a signed response message using the message signing private key, andwherein the transfer logic is further configured to send the signed response message to the remote computer system, and to receive sensitive provisioning information from the remote computer system when the remote computer system is able to verify the signed response message using the message signing public key.

View all claims

22 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of electronic circuits enable security of sensitive data in a design and manufacturing process that includes multiple parties. An embodiment of an electronic circuit can include a private key embedded within the electronic circuit that is derived from a plurality of components including at least one component known only to the electronic circuit and at least one immutable value cryptographically bound into messages and residing on the electronic circuit, public key generation logic that generates a public key to match the private key, and message signing logic that signs messages with the private key.

Citations

13 Claims

1. A first electronic circuit comprising:
- first circuitry configured to store a message signing private key that is inaccessible external to the first electronic circuit;
  
  second circuitry configured to store one or more immutable domain parameters;
  
  third circuitry configured to store an immutable trust anchor that is derived from a code signing public key;
  
  private key derivation logic configured to generate the message signing private key using a combination of the trust anchor and the one or more immutable domain parameters;
  
  public key generation logic configured to generate a message signing public key to match the message signing private key;
  
  secure boot logic configured to cause the private key derivation logic to generate the message signing private key, store the message signing private key in the first circuitry, derive a value from the code signing public key, compare the value derived from the code signing public key with the trust anchor stored in the third circuitry, and verify a signature of signed provisioning code using the code signing public key, wherein the signed provisioning code includes provisioning code and the signature;
  
  transfer logic that receives a challenge message from a remote computer system, wherein the remote computer system has a message signing public key that was generated by a second electronic circuit, wherein the message signing public key was generated by the second electronic circuit using a message signing private key that was generated using the trust anchor and the one or more immutable domain parameters, which also are stored in the second electronic circuit, and wherein the message signing private key used by the second electronic circuit is the same as the message signing private key generated by the first electronic circuit; and
  
  message signing logic that prepares, based on the challenge message, a signed response message using the message signing private key, andwherein the transfer logic is further configured to send the signed response message to the remote computer system, and to receive sensitive provisioning information from the remote computer system when the remote computer system is able to verify the signed response message using the message signing public key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The electronic circuit according to claim 1, further comprising:
    - circuitry configured to store an immutable message tag that the message signing logic incorporates into the signed response message before the message signing logic signs the signed response message.
  - 3. The electronic circuit according to claim 2, further comprising:
    - a message tag register configured to be locked against modification after storing the message tag;
      
      circuitry configured to store one or more immutable message tag components; and
      
      message tag derivation logic configured to derive the message tag from the message tag components and to store the message tag in the message tag register.
  - 4. The electronic circuit according to claim 3, wherein:
    - the message signing logic is configured to cryptographically bind messages to the trust anchor by including the trust anchor as one of the message tag components.
  - 5. The electronic circuit according to claim 3, further comprising:
    - message tag component storage that can be provisioned with message tag components and protected against further modification, including one-time programmable fuses for a unique identifier or serial number, or the trust anchor, where the message tag components can be either common or specific to copies of the first electronic circuit.
  - 6. The electronic circuit according to claim 3, wherein:
    - the message derivation logic is configured to access the message tag components directly.
  - 7. The electronic circuit according to claim 3, wherein:
    - the secure boot logic or other logic of the first electronic circuit is configured to copy the message tag components to the message tag derivation logic.
  - 8. The electronic circuit according to claim 1, further comprising:
    - a private key register configured to store the message signing private key, wherein the private key register is configured to be locked against modification after storing the message signing private key, and the private key register is readable only by the public key generation logic and the message signing logic; and
      
      circuitry configured to store one or more immutable private key components, wherein at least one of the one or more immutable private key components is secret.
  - 9. The electronic circuit according to claim 8, wherein:
    - the message signing logic is configured to cryptographically bind messages to the trust anchor by including the trust anchor as one of the private key components.
  - 10. The electronic circuit according to claim 8, further comprising:
    - circuitry configured to permanently store independent private key components, wherein the independent private key components are selected from a logic secret value embedded within the private key derivation logic or other electronic circuit logic, a read-only memory (ROM) secret value masked in ROM.
  - 11. The electronic circuit according to claim 8, further comprising:
    - private key component storage configured to be provisioned with independent private key components and protected against further modification, wherein the private key component storage includes one-time programmable fuses for a secret value or the trust anchor, and wherein the first electronic circuit, once provisioned with the private key components are either common to or specific to copies of the first electronic circuit.
  - 12. The electronic according to claim 8, wherein:
    - the private key derivation logic is further configured to access the private key components directly.
  - 13. The electronic circuit according to claim 8, wherein:
    - the secure boot logic or other logic of the first electronic circuit is configured to copy the private key components to the private key derivation logic; and
      
      the private key derivation logic is configured to prevent further access to the private key components.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP USA, Inc. (NXP Semiconductors NV)
Original Assignee
Freescale Semiconductor, Inc. (NXP Semiconductors NV)
Inventors
Case, Lawrence L., Covey, Carlin R., Hartley, David H., Ziolkowski, Rodney D., Tkacik, Thomas E.
Primary Examiner(s)
Pyzocha, Michael
Assistant Examiner(s)
Branske, Hilary

Application Number

US13/601,993
Publication Number

US 20140068246A1
Time in Patent Office

1,103 Days
Field of Search

713155-157, 713/164, 713/168, 713172-173, 713/176, 713/180, 713/187, 713/191, 713193-194
US Class Current

1/1
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G09C 1/00   Apparatus or methods whereb...

H04L 2209/12   Details relating to cryptog...

H04L 9/0866   involving user or device id...

H04L 9/3247   involving digital signatures

Circuit for secure provisioning in an untrusted environment

First Claim

22 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Circuit for secure provisioning in an untrusted environment

First Claim

22 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links