Keying infrastructure

US 9,633,210 B2
Filed: 03/31/2014
Issued: 04/25/2017
Est. Priority Date: 09/13/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

setting, by a computing device, an initial application key in a sequence of application keys;

deriving a first application key for the sequence of application keys with a first key derivation function, the first application key being derived based at least in part on the initial application key and based at least in part on a first hash of a first component;

determining that a second component is loaded or executed;

based at least on the second component being loaded or executed;

deriving a second application key for the sequence of application keys with a second key derivation function, the second application key being derived based at least in part on the first application key that directly precedes the second application key in the sequence of application keys and based at least in part on a second hash of the second component; and

deleting the first application key based at least on deriving the second application key;

utilizing, by the computing device, the second application key that remains in the sequence of application keys, after deleting the first application key, to derive an image operation key; and

utilizing the image operation key to at least one of verify an application state of the computing device or encrypt data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A keying infrastructure may generate and/or manage cryptographic keys. The cryptographic keys may include identity keys, encryption keys, and a variety of other types of keys. The cryptographic keys may be derived or created with a key derivation function (KDF) or other one-way function. The cryptographic keys may include keys that are accessible to a boot loader, keys that are accessible to particular components of a Trusted Execution Environment (TrEE), and so on. In some examples, a key may be derived from a preceding key in a sequence of keys. The preceding key may be deleted when the key is derived.

50 Citations

View as Search Results

19 Claims

1. A method comprising:
- setting, by a computing device, an initial application key in a sequence of application keys;
  
  deriving a first application key for the sequence of application keys with a first key derivation function, the first application key being derived based at least in part on the initial application key and based at least in part on a first hash of a first component;
  
  determining that a second component is loaded or executed;
  
  based at least on the second component being loaded or executed;
  
  deriving a second application key for the sequence of application keys with a second key derivation function, the second application key being derived based at least in part on the first application key that directly precedes the second application key in the sequence of application keys and based at least in part on a second hash of the second component; and
  
  deleting the first application key based at least on deriving the second application key;
  
  utilizing, by the computing device, the second application key that remains in the sequence of application keys, after deleting the first application key, to derive an image operation key; and
  
  utilizing the image operation key to at least one of verify an application state of the computing device or encrypt data.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein an individual application key in the sequence of application keys comprises an encryption key utilized for data encryption.
  - 3. The method of claim 1, wherein an individual application key in the sequence of application keys comprises an identity key utilized to verify the application state of the computing device.
  - 4. The method of claim 1, further comprising:
    - obtaining a root identity key from at least one of multiple fuses of the computing device or a third key derivation function; and
      
      deriving a platform identity key with the third key derivation function, the platform identity key being derived based at least in part on the root identity key and a platform identifier for a platform that is implemented on the computing device;
      
      wherein the setting comprises setting the initial application key in the sequence of application keys to the platform identity key.
  - 5. The method of claim 1, wherein the image operation key is derived with a third key derivation function based at least in part on the second application key that remains in the sequence of application keys after deleting the first application key and a hash of an image of a Trusted Execution Environment (TrEE).
  - 6. The method of claim 5, wherein the second component comprises a TrEE application and the image operation key is utilized to verify the application state of the computing device by:
    - sending, to a service provider, a device identifier of the computing device and a log of applications that have been loaded;
      
      receiving a challenge from the service provider to verify the application state of the computing device;
      
      deriving an application identity operation key for the TrEE application, the application identity operation key being derived based at least in part on the image operation key and a hash of the TrEE application;
      
      generating a response to the challenge based at least in part on the application identity operation key; and
      
      sending the response to the service provider to verify the application state of the computing device.
  - 7. The method of claim 1, wherein the second component is loaded or executed directly after the first component is loaded or executed during a boot process of the computing device.

8. A system comprising:
- a processor; and
  
  a computer-readable storage medium having computer-executable instructions stored thereupon that, when executed by the processor, cause a computer to;
  
  set an initial application key in a sequence of application keys;
  
  deriving a first application key for the sequence of application keys with a first key derivation function, the first application key being derived based at least in part on the initial application key and based at least in part on a first hash of a first component;
  
  determine that a second component is loaded or executed;
  
  based at least on the second component being loaded or executed;
  
  derive a second application key for the sequence of application keys with a second key derivation function, the second application key being derived based at least in part on the first application key that directly precedes the second application key in the sequence of application keys and based at least in part on a hash of the second component; and
  
  delete the first application key based at least on deriving the second application key;
  
  utilize the second application key that remains in the sequence of application keys after deleting the first application key to derive an image operation key; and
  
  utilize the image operation key to at least one of verify an application state of the computer or encrypt data.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The system of claim 8, wherein an individual application key in the sequence of application keys comprises an encryption key utilized for data encryption.
  - 10. The system of claim 8, wherein an individual application key in the sequence of application keys comprises an identity key utilized to verify the application state of the computer.
  - 11. The system of claim 8, wherein the computer-readable storage medium has further instructions stored thereupon that cause the computer to:
    - obtain a root identity key from at least one of multiple fuses of the computer or a third key derivation function; and
      
      derive a platform identity key with the third key derivation function, the platform identity key being derived based at least in part on the root identity key and a platform identifier for a platform that is implemented on the computer;
      
      wherein the setting comprises setting the initial application key in the sequence of application keys to the platform identity key.
  - 12. The system of claim 8, wherein the image operation key is derived with a third key derivation function based at least in part on the second application key that remains in the sequence of application keys after deleting the first application key and a hash of an image of a Trusted Execution Environment (TrEE).
  - 13. The system of claim 12, wherein the second component comprises a TrEE application and the image operation key is utilized to verify the application state of the computer by:
    - sending, to a service provider, a device identifier of the computer and a log of applications that have been loaded;
      
      receiving a challenge from the service provider to verify the application state of the computer;
      
      deriving an application identity operation key for the TrEE application, the application identity operation key being derived based at least in part on the image operation key and a hash of the TrEE application;
      
      generating a response to the challenge based at least in part on the application identity operation key; and
      
      sending the response to the service provider to verify the application state of the computer.

14. An apparatus comprising:
- a processor; and
  
  a computer-readable storage medium having computer-executable instructions stored thereupon that, when executed by the processor, cause the apparatus to perform operations comprising;
  
  setting an initial application key in a sequence of application keys;
  
  deriving a first application key for the sequence of application keys with a first key derivation function, the first application key being derived based at least in part on the initial application key and based at least in part on a first hash of a first component;
  
  determining that a second component is loaded or executed;
  
  based at least on the second component being loaded or executed;
  
  deriving a second application key for the sequence of application keys with a second key derivation function, the second application key being derived based at least in part on the first application key that directly precedes the second application key in the sequence of application keys and based at least in part on a hash of the second component; and
  
  deleting the first application key based at least on deriving the second application key;
  
  utilizing the second application key that remains in the sequence of application keys, after deleting the first application key, to derive an image operation key; and
  
  utilizing the image operation key to at least one of verify an application state of the apparatus or encrypt data.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The apparatus of claim 14, wherein an individual application key in the sequence of application keys comprises an encryption key utilized for data encryption.
  - 16. The apparatus of claim 14, wherein an individual application key in the sequence of application keys comprises an identity key utilized to verify the application state of the apparatus.
  - 17. The apparatus of claim 14, wherein the operations further comprise:
    - obtaining a root identity key from at least one of multiple fuses of the apparatus or a third key derivation function; and
      
      deriving a platform identity key with the third key derivation function, the platform identity key being derived based at least in part on the root identity key and a platform identifier for a platform that is implemented on the apparatus;
      
      wherein the setting comprises setting the initial application key in the sequence of application keys to the platform identity key.
  - 18. The apparatus of claim 14, wherein the image operation key is derived with a third key derivation function based at least in part on the second application key that remains in the sequence of application keys after deleting the first application key and a hash of an image of a Trusted Execution Environment (TrEE).
  - 19. The apparatus of claim 18, wherein the second component comprises a TrEE application and the image operation key is utilized to verify the application state of the apparatus by:
    - sending, to a service provider, a device identifier of the apparatus and a log of applications that have been loaded;
      
      receiving a challenge from the service provider to verify the application state of the apparatus;
      
      deriving an application identity operation key for TrEE application, the application identity operation key being derived based at least in part on the image operation key and a hash of the TrEE application;
      
      generating a response to the challenge based at least in part on the application identity operation key; and
      
      sending the response to the service provider to verify the application state of the apparatus.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Ferguson, Niels T., Nystrom, Magnus Bo Gustaf, McPherson, Dave M., England, Paul, Novak, Mark Fishel
Primary Examiner(s)
Kim, Jung
Assistant Examiner(s)
TRAN, TRI MINH

Application Number

US14/230,812
Publication Number

US 20150082048A1
Time in Patent Office

1,121 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 21/575   Secure boot

G06F 21/602   Providing cryptographic fac...

G06F 9/4401   Bootstrapping security arra...

H04L 9/0836   using tree structure or hie...

H04L 9/0861   Generation of secret inform...

H04L 9/0866   involving user or device id...

H04L 9/3234   involving additional secure...

H04L 9/50   using hash chains, e.g. blo...

Keying infrastructure

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

50 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Keying infrastructure

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

50 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links