Establishing a unique session key using a hardware functionality scan
Abstract
Systems and methods for independently generating a unique private session key at one or more hardware devices within a computing system using a subset of the functionality implemented in a hardware functionality scan combined with the use of a one-way mathematical function.
20 Claims
1. One or more computer storage devices having instructions stored thereon that, when executed by a computing device, cause the computing device to perform acts comprising:
  in a first instance;
    sending a query to a hardware device, the hardware device being one of a plurality of devices associated with a manufacturing model having a common processing signature;
    determining an expected result of the query, the expected result reflecting the common processing signature associated with the manufacturing model of the hardware device;
    creating, on a processing unit of the computing device, a first session key based on the expected result of the query; and
    using the first session key to encrypt or decrypt at least one communication with the hardware device,
      wherein the hardware device creates a second session key based on the query by passing an actual result of the query through a function to create the second session key, the second session key being usable to encrypt or decrypt the at least one communication, and
      wherein creating the first session key includes passing the expected result of the query through the function used by the hardware device to create the second session key; and
  in a second instance;
    performing the sending, the determining, and the creating again with a different query to obtain a different expected result and a different session key, and
    using the different session key to encrypt or decrypt at least one other communication with the hardware device.
  Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A system, comprising:
  a processing unit;
  a hardware device configured to perform graphical rendering or audio decoding of data, wherein the graphical rendering or the audio decoding comprises characteristics particular to the hardware device; and
  a hardware device driver configured to execute on the processing unit to provide access to the hardware device, the hardware device being coupled to the processing unit via a bus, the hardware device driver further configured to;
    provide a query to the hardware device;
    determine an expected result of the query, the expected result having characteristics that are expected to be consistent with the characteristics particular to the hardware device; and
    execute a first one way function to generate a first session key based on the expected result of the query;
  the hardware device being further configured to;
    receive the query;
    generate an actual result of the query, the actual result having the characteristics particular to the hardware device; and
    pass the actual result to a second one way function to generate a second session key,
  wherein the first session key and the second session key are usable together to encrypt or decrypt the data, provided the characteristics of the expected result determined by the hardware device driver are consistent with the characteristics of the actual result generated by the hardware device.
  Dependent claims: 13, 14, 15, 16, 17, 18
19. A method comprising:
  sending a query to a hardware device, the hardware device being configured to perform processing for digital to analog conversion of data, the processing having characteristics particular to the hardware device;
  identifying a known result of the query, the known result being consistent with the processing characteristics particular to the hardware device;
  creating a first session key based on the known result of the query; and
  using the first session key to encrypt or decrypt at least one communication with the hardware device,
    wherein the hardware device creates a second session key based on the query by passing the second session key through a one-way function to obtain the second session key, the second session key being usable to encrypt or decrypt the at least one communication, and
    wherein creating the first session key includes passing the known result of the query through the one-way function used by the hardware device to create the second session key.
  Dependent claims: 20
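The key agreement recited in the independent claims, as an added sketch that is not code from the patent: the driver derives its key from the expected result, the device from its actual result, and a message only opens when the two agree. `scan`, `MODEL_QUIRK`, the choice of SHA-256 as the one-way function and the toy keystream are assumptions made for illustration.

```python
import hashlib, hmac, os

MODEL_QUIRK = 0x5A  # constructed: behaviour common to every device of one model

def scan(query: bytes, quirk: int) -> bytes:
    """Constructed stand-in for a functionality scan; output depends on `quirk`."""
    acc, out = quirk, bytearray()
    for b in query:
        acc = (acc * 31 + b) & 0xFF
        out.append(acc ^ quirk)
    return bytes(out)

def session_key(result: bytes) -> bytes:
    # SHA-256 is an assumed one-way function; the claims do not name one.
    return hashlib.sha256(b"hfs-session" + result).digest()

def _sub(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC subkeys derived from the session key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Toy SHA-256 counter-mode keystream, for illustration only.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key: bytes, plaintext: bytes):
    nonce = os.urandom(12)
    ct = _stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce, ct, hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, nonce: bytes, ct: bytes, tag: bytes):
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        return None  # keys differ: actual result did not match the expected result
    return _stream(_sub(key, b"enc"), nonce, ct)

def run_instance(device_quirk: int, plaintext: bytes, query: bytes = None):
    """One 'instance' from claim 1: new query, new key on each side, one message."""
    if query is None:
        query = os.urandom(16)
    driver_key = session_key(scan(query, MODEL_QUIRK))   # from the expected result
    device_key = session_key(scan(query, device_quirk))  # from the actual result, on-device
    return driver_key, unseal(device_key, *seal(driver_key, plaintext))
```

Only the query crosses the bus in this sketch; neither the result nor the key is transmitted, and a device whose behaviour differs from the model's returns `None` instead of plaintext.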
Specification