Generating secure device secret key

US 9,165,148 B2
Filed: 12/02/2013
Issued: 10/20/2015
Est. Priority Date: 06/24/2011
Status: Active Grant

First Claim

Patent Images

1. A method in a device for providing secret information, comprising:

receiving, at the device, a request for secret information from a requesting device;

determining whether the requesting device has previously received the requested secret information;

in response to determining that the requesting device has not previously received the requested secret information;

encrypting, in the device, the secret information, andtransmitting the encrypted secret information to the requesting device; and

in response to determining that the requesting device has previously received the secret information, initiating a reset of the device.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, devices, systems and computer program products are provided to facilitate cryptographically secure retrieval of secret information that is embedded in a device. The embedded secret information can include a random number that is not custom-designed for any specific requestor of the secret information. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded secret information by only the requestor. Moreover, a need for maintenance of a database of the embedded secret information and the associated requestors is eliminated.

21 Citations

19 Claims

1. A method in a device for providing secret information, comprising:
- receiving, at the device, a request for secret information from a requesting device;
  
  determining whether the requesting device has previously received the requested secret information;
  
  in response to determining that the requesting device has not previously received the requested secret information;
  
  encrypting, in the device, the secret information, andtransmitting the encrypted secret information to the requesting device; and
  
  in response to determining that the requesting device has previously received the secret information, initiating a reset of the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the request for secret information from the requesting device includes an identifier associated with the requesting device.
  - 3. The method of claim 2, further comprising:
    - deriving the secret information using the identifier associated with the requesting device andan embedded secret for the device.
  - 4. The method of claim 1, further comprising:
    - authenticating the requesting device prior to transmitting the encrypted secret information.
  - 5. The method of claim 3, further comprising:
    - receiving a usage flag from the requesting device.
  - 6. The method of claim 5, wherein deriving the secret information further comprises deriving the secret information using the identifier associated with the requesting device, the embedded secret for the device, and the usage flag.
  - 7. The method of claim 1, wherein the secret information is an embedded random number.
  - 8. The method of claim 7, further comprising:
    - receiving the secret information at the device during manufacture; and
      
      embedding the secret information in the device.
  - 9. The method of claim 7, further comprising:
    - generating the secret information at the device; and
      
      embedding the secret information in the device.

10. A computer readable storage device storing instructions executable by one or more processors which, upon such execution, cause the one or more processors to perform operations comprising:
- receiving a request for secret information from a first requesting device;
  
  determining whether the first requesting device has previously received the requested secret information;
  
  in response to determining the requesting device has not previously received the requested secret information;
  
  encrypting the secret information, andtransmitting the encrypted secret information to the requesting device; and
  
  in response to determining that the requesting device has previously received the secret information, initiating a reset of the device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The computer readable storage device of claim 10, wherein the request for secret information from the requesting device includes an identifier associated with the requesting device.
  - 12. The computer readable storage device of claim 10, wherein the operations further comprise:
    - deriving the secret information using the identifier associated with the requesting device and an embedded secret for the device.
  - 13. The computer readable storage device of claim 10, wherein the operations further comprise:
    - authenticating the requesting device prior to transmitting the encrypted secret information.
  - 14. The computer readable storage device of claim 12, wherein the operations further comprise:
    - receiving a usage flag from the requesting device.
  - 15. The computer readable storage device of claim 14, wherein the deriving further comprises deriving the secret information using the identifier associated with the requesting device, the embedded secret for the device, and the usage flag.
  - 16. The computer readable storage device of claim 10, wherein the secret information is an embedded random number.
  - 17. The computer readable storage device of claim 16, wherein the operations further comprise:
    - receiving the secret information during manufacture; and
      
      embedding the secret information.
  - 18. The computer readable storage device of claim 16, wherein the operations further comprise:
    - generating the secret information; and
      
      embedding the secret information.

19. A device for securely exporting secret information to a requesting device, the device comprising:
- a memory configured to store the secret information; and
  
  a processor coupled to the memory, wherein the processor is configured to;
  
  receive a request for the secret information from the requesting device,determine whether the requesting device has previously received the secret information,in response to determining the requesting device has not previously received the secret information;
  
  encrypt the secret information, andtransmit the encrypted secret information to the requesting device, andin response to determining that the requesting device has previously received the secret information, initiate a reset of the device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Dellow, Andrew
Primary Examiner(s)
Lim, Krisna

Application Number

US14/094,640
Publication Number

US 20140090078A1
Time in Patent Office

687 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/604   Tools and structures for ma...

G06F 21/606   by securing the transmissio...

G06F 21/73   by creating or determining ...

H04L 9/0825   using asymmetric-key encryp...

Generating secure device secret key

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Generating secure device secret key

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links