What technology area does this patent fall under?

Primary CPC classification H04L63/061. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Oct 08 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).

Secure data provisioning

US10440000B2 · US · B2

Patent metadata
Field	Value
Publication number	US-10440000-B2
Application number	US-201515322707-A
Country	US
Kind code	B2
Filing date	Jul 9, 2015
Priority date	Jul 11, 2014
Publication date	Oct 8, 2019
Grant date	Oct 8, 2019

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A first instruction to store an entity identification (ID) in a memory of a device may be received. The entity ID may be stored in the memory in response to receiving the first instruction. Furthermore, a second instruction to store a value based on a key in the memory of the device may be received. A determination may be made as to whether the value based on the key that is to be stored in the memory corresponds to the entity ID that is stored in the memory. The value based on the key may be stored in the memory of the device when the value based on the key corresponds to the entity ID.

First claim

Opening claim text (preview).

What is claimed is: 1. A method comprising: receiving, by an integrated circuit of a device, a first instruction to store an entity identification (ID) in a memory of the integrated circuit, wherein the entity ID is unique to a particular manufacturer, and wherein the integrated circuit comprises a secure data provisioning component; storing the entity ID in the memory of the device in response to receiving the first instruction; receiving, by the integrated circuit, a second instruction to store a hash value of a public key in the memory of the device, wherein the second instruction comprises the hash value and an ID check value, wherein the ID check value is used by the secure data provisioning component to detect an error with the entity ID prior to storing the hash value in the memory of the device, wherein the public key corresponds to a private key used by the particular manufacturer to sign software that is loaded on the device; prior to storing the hash value in the memory of the device, determining, by the secure data provisioning component, whether the hash value to be stored in the memory corresponds to the entity ID that is stored in the memory using the ID check value, wherein the hash value corresponds to the entity ID when the ID check value matches the entity ID stored in the memory; storing the hash value in the memory of the device when the hash value is determined to correspond to the entity ID by the secure data provisioning component; and preventing, by the secure data provisioning component, the storing of the hash value when the ID check value does not match the entity ID stored in the memory. 2. The method of claim 1 , further comprising: receiving, by the secure data provisioning component, a third instruction to store a symmetric key in the memory of the device, wherein the third instruction comprises the symmetric key and an expected value, wherein the expected value is used by the secure data provisioning component to detect an error with the hash value prior to storing the symmetric key in the memory of the device, wherein the symmetric key is specified by the particular manufacturer to authenticate the device during a later operation of the device; prior to storing the symmetric key in the memory of the device, determining, by the secure data provisioning component, whether the symmetric key to be stored in the memory corresponds to the hash value that is stored in the memory using the expected value, wherein the symmetric key corresponds to the hash value when the expected value matches the hash value stored in the memory; and storing the symmetric key in the memory of the device when the symmetric key is determined to correspond to the hash value. 3. The method of claim 2 , wherein the first instruction, the second instruction, and the third instruction are associated with a sequence of instructions received from an original equipment manufacturer (OEM) by an original device manufacturer (ODM) via a network. 4. The method of claim 3 , wherein the sequence of instructions is associated with a signature corresponding to the private key, the method further comprising: retrieving, from circuitry of the device, the public key corresponding to the private key; and authenticating the signature of the sequence of instructions based on the public key. 5. The method of claim 2 , wherein the symmetric key is encrypted based on a wrapping key. 6. The method of claim 5 , wherein the wrapping key is stored in the device. 7. A system comprising: a memory; and a integrated circuit comprising a secure data provisioning component operatively coupled with the memory, the secure data provisioning component to: receive a first instruction to store an entity identification (ID) in a memory of a device, wherein the entity ID is unique to a particular manufacturer; store the entity ID in the memory of the device in response to receiving the first instruction; receive a second instruction to store a hash value of a public key in the memory of the device, wherein the second instruction comprises the hash value and an ID check value, wherein the ID check value is used by the secure data provisioning component to detect an error with the entity ID prior to storing the hash value in the memory of the device, wherein the public key corresponds to a private key used by the particular manufacturer to sign software that is loaded on the device; prior to storing the hash value in the memory of the device, determine whether the hash value to be stored in the memory corresponds to the entity ID that is stored in the memory using the ID check value, wherein the hash value corresponds to the entity ID when the ID check value corresponds to the entity ID stored in the memory; and store the hash value in the memory of the device when the hash value is determined to correspond to the entity ID. 8. The system of claim 7 , wherein the secure data provisioning component is further to: receive a third instruction to store a symmetric key in the memory of the device, wherein the third instruction comprises the symmetric key and an expected value, wherein the expected value is used by the secure data provisioning component to detect an error with the hash value prior to storing the symmetric key in the memory of the device, wherein the symmetric key is specified by the particular manufacturer to authenticate the device during a later operation of the device; prior to storing the symmetric key in the memory of the device, determining, by the secure data provisioning component, determine whether the symmetric key to be stored in the memory corresponds to the hash value that is stored in the memory using the expected value, wherein the symmetric key corresponds to the hash value when the expected value matches the hash value stored in the memory; and store the symmetric key in the memory of the device when the symmetric key is determined to correspond to the hash value. 9. The system of claim 8 , wherein the first instruction, the second instruction, and the third instruction are associated with a sequence of instructions received from an original equipment manufacturer (OEM) by an original device manufacturer (ODM) via a network. 10. The system of claim 9 , wherein the sequence of instructions is associated with a signature corresponding to the private key, the secure data provisioning component is further to: retrieve, from circuitry of the device, the public key corresponding to the private key; and authenticate the signature of the sequence of instructions based on the public key. 11. The system of claim 8 , wherein the symmetric key is encrypted based on a wrapping key. 12. The system of claim 11 , wherein the wrapping key is stored in the device. 13. A non-transitory computer readable medium including data that, when accessed by a secure data provisioning component of an integrated circuit of a device, cause the secure data provisioning component to perform operations comprising: receiving a first instruction to store an entity identification (ID) in a memory of the device, wherein the entity ID is unique to a particular manufacturer; storing the entity ID in the memory of the device in response to receiving the first instruction; receiving a second instruction to store a hash value of a public key in the memory of the device, wherein the second instruction comprises the hash value and an ID check value, wherein the ID check value is used by the secure data provisioning component to detect an error with the entity ID prior to storing the hash value in the memory of the device, wherein the public key corresponds to a private key used by the part

Assignees

Cryptography Res Inc

Inventors

Classifications

G06F21/575
Secure boot · CPC title
H04L63/0435
wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for symmetric key encryption H04L9/06) · CPC title
H04W12/04
Key management, e.g. using generic bootstrapping architecture [GBA] · CPC title
G06F2212/1052
Security improvement · CPC title
H04L63/061Primary
for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838) · CPC title

Patent family

Related publications grouped by family.

View patent family 55064915

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10440000B2 cover?: A first instruction to store an entity identification (ID) in a memory of a device may be received. The entity ID may be stored in the memory in response to receiving the first instruction. Furthermore, a second instruction to store a value based on a key in the memory of the device may be received. A determination may be made as to whether the value based on the key that is to be stored in the…
Who is the assignee on this patent?: Cryptography Res Inc
What technology area does this patent fall under?: Primary CPC classification H04L63/061. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Oct 08 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).