Systems and methods for secure provisioning of production electronic circuits
First Claim
1. A circuit configuration and product provisioning method performed by a first entity, a second entity, and a third entity, the method comprising:
- embedding, by the first entity, one or more secret values in first and second electronic circuits, wherein each of the first and second electronic circuits includes key derivation logic and secure boot code;
generating, by the second entity, a code signing public key, a code signing private key, and a trust anchor;
embedding, by the second entity, the trust anchor in the first electronic circuit;
activating, by the second entity, the secure boot code, wherein the secure boot code causes the key derivation logic of the first electronic circuit to generate a secret key using a combination of the trust anchor and the one or more embedded secret values, and stores the secret key in the first electronic circuit;
signing, by the second entity, provisioning code using the code signing private key, resulting in signed provisioning code that includes the provisioning code and a provisioning code signature;
sending, by the second entity, the code signing public key, the trust anchor, and the signed provisioning code to the third entity;
embedding, by the third entity, the trust anchor in the second electronic circuit;
activating, by the third entity, the secure boot code in the second electronic circuit, wherein the secure boot code causes the key derivation logic of the second electronic circuit to generate the secret key using the combination of the trust anchor and the one or more embedded secret values, stores the secret key in the second electronic circuit, verifies the provisioning code signature of the signed provisioning code using the code signing public key, and when the provisioning code signature is verified, launches the provisioning code on the second electronic circuit;
preparing, by the provisioning code on the second electronic circuit, a first signed message that includes a first message that has been signed using the secret key stored in the second electronic circuit, and a first message signature;
sending, by the second electronic circuit, at least the first message signature to the second entity;
verifying the first signed message by the second entity using the first message signature and the first electronic circuit;
receiving, by the second electronic circuit over a channel between the second entity and the second electronic circuit, sensitive provisioning information from the second entity; and
storing the sensitive provisioning information on the second electronic circuit.
10 Assignments
0 Petitions
Accused Products
Abstract
To securely configure an electronic circuit and provision a product that includes the electronic circuit, a first entity (e.g., a chip manufacturer) embeds one or more secret values into copies of the circuit. A second entity (e.g., an OEM): 1) derives a trust anchor from a code signing public key; 2) embeds the trust anchor in a first circuit copy; 3) causes the first circuit copy to generate a secret key derived from the trust anchor and the embedded secret value(s); 4) signs provisioning code using a code signing private key; and 5) sends the code signing public key, the trust anchor, and the signed provisioning code to a third entity (e.g., a product manufacturer). The third entity embeds the trust anchor in a second circuit copy and causes it to: 1) generate the secret key; 2) verify the signature of the signed provisioning code using the code signing public key; and 3) launch the provisioning code. The OEM can authenticate the second circuit copy using the first circuit copy and a challenge/response protocol.
-
Citations
22 Claims
-
1. A circuit configuration and product provisioning method performed by a first entity, a second entity, and a third entity, the method comprising:
-
embedding, by the first entity, one or more secret values in first and second electronic circuits, wherein each of the first and second electronic circuits includes key derivation logic and secure boot code; generating, by the second entity, a code signing public key, a code signing private key, and a trust anchor; embedding, by the second entity, the trust anchor in the first electronic circuit; activating, by the second entity, the secure boot code, wherein the secure boot code causes the key derivation logic of the first electronic circuit to generate a secret key using a combination of the trust anchor and the one or more embedded secret values, and stores the secret key in the first electronic circuit; signing, by the second entity, provisioning code using the code signing private key, resulting in signed provisioning code that includes the provisioning code and a provisioning code signature; sending, by the second entity, the code signing public key, the trust anchor, and the signed provisioning code to the third entity; embedding, by the third entity, the trust anchor in the second electronic circuit; activating, by the third entity, the secure boot code in the second electronic circuit, wherein the secure boot code causes the key derivation logic of the second electronic circuit to generate the secret key using the combination of the trust anchor and the one or more embedded secret values, stores the secret key in the second electronic circuit, verifies the provisioning code signature of the signed provisioning code using the code signing public key, and when the provisioning code signature is verified, launches the provisioning code on the second electronic circuit; preparing, by the provisioning code on the second electronic circuit, a first signed message that includes a first message that has been signed using the secret key stored in the second electronic circuit, and a first message signature; sending, by the second electronic circuit, at least the first message signature to the second entity; verifying the first signed message by the second entity using the first message signature and the first electronic circuit; receiving, by the second electronic circuit over a channel between the second entity and the second electronic circuit, sensitive provisioning information from the second entity; and storing the sensitive provisioning information on the second electronic circuit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method performed by a first entity, the method comprising the steps of:
-
generating a code signing public key and a code signing private key; generating a trust anchor based on the code signing public key; signing provisioning code using the code signing private key, resulting in signed provisioning code that includes the provisioning code and a provisioning code signature; sending the code signing public key, the trust anchor, and the signed provisioning code to a second entity; embedding the trust anchor in a first electronic circuit, wherein the first electronic circuit includes key derivation logic, secure boot code, and one or more embedded secret values; activating the secure boot code, wherein the secure boot code causes the key derivation logic to generate a secret key using a combination of the trust anchor and the one or more embedded secret values, and to store the secret key in the first electronic circuit; receiving, from a second electronic circuit that is distinct from the first electronic circuit and within which the trust anchor and the one or more embedded secret values have been embedded by the second entity, a first signed message when the second electronic circuit successfully verifies the provisioning code signature using the code signing public key, wherein the first signed message includes a first message and a first message signature, wherein the first message has been signed using a secret key stored in the second electronic circuit, and wherein the secret key stored in the second electronic circuit was generated by the second electronic circuit using a combination of the trust anchor and the one or more embedded secret values embedded in the second electronic circuit; verifying the first signed message using the first electronic circuit; and when the first signed message is verified, sending sensitive provisioning information to the second electronic circuit. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A method performed by a first entity, a first electronic circuit associated with the first entity, and a first computer system associated with the first entity, the method comprising the steps of:
-
receiving, from a second entity that has a second electronic circuit that is distinct from the first electronic circuit, a code signing public key, a trust anchor, and signed provisioning code that includes provisioning code and a signature; embedding the trust anchor in the first electronic circuit, which includes key derivation logic, secure boot code, and one or more embedded secret values; and activating the secure boot code in the first electronic circuit, wherein the secure boot code causes key derivation logic of the first electronic circuit to generate a secret key using a combination of the trust anchor and the one or more embedded secret values, stores the secret key in the first electronic circuit, verifies a provisioning code signature of the signed provisioning code using the code signing public key, and when the provisioning code signature is verified, launches the provisioning code on the first electronic circuit; preparing, by the provisioning code, a first signed message that includes a first message and a first message signature, wherein the first message was signed using the secret key stored on the first electronic circuit; sending at least the first message signature to the second electronic circuit of the second entity; receiving sensitive provisioning information from the second entity when the second entity has verified the first signed message using the second electronic circuit; and storing the sensitive provisioning information on the first electronic circuit. - View Dependent Claims (17, 18, 19, 20)
-
-
21. An electronic circuit comprising:
-
one or more embedded secret values, wherein the one or more secret values embedded in said electronic circuit comprises one or more secret values selected from a value embedded in logic gates of said electronic circuit, a value burned into a set of fuses of said electronic circuit, and a value embedded in masked read only memory (ROM) of said electronic circuit; an embedded trust anchor; key derivation logic configured by secure boot code in said electronic circuit to generate a secret key using a combination of the trust anchor and the one or more embedded secret values; message signing logic configured to prepare a first signed message that includes a first message and a first message signature, wherein the first message has been signed using the secret key; and verification logic configured to receive at least a second message signature of a second signed message generated by a second electronic circuit of an external entity which is external to said electronic circuit, to perform a comparison between the first message signature and the second message signature, and when the first and second message signatures match comparison is favorable, to indicate to the external entity that the second signed message is verified, wherein the one or more embedded secret values and the trust anchor also are embedded in the second electronic circuit, and are used by the second electronic circuit to generate the secret key and to prepare the second message signature so that the second message signature will match the first message signature. - View Dependent Claims (22)
-
Specification