A privacy-preserving, mutual PUF-based authentication protocol
US-2019026457-A1 · Jan 24, 2019 · US
US10706179B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10706179-B2 |
| Application number | US-201815866798-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 10, 2018 |
| Priority date | Jan 10, 2018 |
| Publication date | Jul 7, 2020 |
| Grant date | Jul 7, 2020 |
Official abstract text for this publication.
The example embodiments are directed to a system and method for secure provisioning of secrets into MPSoC devices using untrusted third-party systems. In one example, the method includes generating a random number sequence from a true random number generator to produce secret information, storing the secret information in an on-chip secure storage, encrypting, in a device and using public key encryption, the secret information to generate an encrypted message, and transmitting the encrypted message to a third-party system.
Opening claim text (preview).
What is claimed is:

1. A computer-implemented method comprising: generating, by a multiprocessor system-on-a-chip, a random number sequence from a true random number generator to produce secret information; storing the secret information in an on-chip secure storage of the multiprocessor system-on-a-chip; encrypting, in a device of the multiprocessor system-on-a-chip and using public key encryption, the secret information to generate an encrypted message; and transmitting the encrypted message, from the multiprocessor system-on-a-chip, to a third-party system, wherein the secret information is inaccessible to the third-party system prior to the encrypting.
2. The computer-implemented method of claim 1, wherein the secure storage is one of a one-time programmable electronic fuses (eFUSES), a battery-backed RAM (BBRAM), and an electronic circuit.
3. The computer-implemented method of claim 1, further comprising, on system startup, commencing monitoring by a tamper detection circuit arranged to detect tamper events.
4. The computer-implemented method of claim 3, further comprising, prior to commencing monitoring by the tamper detection circuit, performing a built-in self-test (BIST) on the device.
5. The computer-implemented method of claim 1, further comprising, prior to system startup: commencing a verified boot of a processor on a platform; determining whether firmware is digitally signed and authorized to be loaded on the processor; in a case where the firmware is digitally signed and authorized, loading and executing the firmware on the processor; and in a case where the digitally signed firmware is not authorized, failing to boot the platform.
6. The computer-implemented method of claim 1, further comprising, prior to encrypting the secret information, retrieving environmental log data indicating an environmental context during production of the secret information and storage of the secret information in the on-chip secure storage.
7. The computer-implemented method of claim 1, wherein the random number sequence is processed using a physical unclonable function (PUF).
8. A computing system comprising: a memory storing instructions; and a processor configured to execute the instructions, wherein the executed instructions cause the processor to: generate a random number sequence from a true random number generator to produce secret information; store the secret information in an on-chip secure storage; seal the secret information by encrypting, in a device and using public key encryption, the secret information; and transmit the sealed secret information to a third-party system, wherein the secret information is inaccessible to the third-party system prior to the encrypting.
9. The computing system of claim 8, wherein the secure storage is one of a one-time programmable electronic fuses (eFUSES), a battery-backed RAM (BBRAM), and an electronic circuit.
10. The computing system of claim 8, further comprising, on system startup, commencing monitoring by a tamper detection circuit arranged to detect tamper events.
11. The computing system of claim 10, further comprising, prior to commencing monitoring by the tamper detection circuit, performing a built-in self-test (BIST) on the device.
12. The computing system of claim 8, further comprising, prior to system startup: commencing a verified boot of a processor on a platform; determining whether firmware is digitally signed and authorized to be loaded on the processor; in a case where the firmware is digitally signed and authorized, loading and executing the firmware on the processor; and in a case where the digitally signed firmware is not authorized, failing to boot the platform.
13. The computing system of claim 8, further comprising, prior to encrypting the secret information, retrieving environmental log data indicating an environmental context during production of the secret information and storage of the secret information in the on-chip secure storage.
14. The computing system of claim 8, wherein the random number sequence is processed using a physical unclonable function (PUF).
15. A non-transitory computer-readable medium having stored therein instructions that when executed cause a computer to perform a method comprising: generating a random number sequence from a true random number generator to produce secret information; storing the secret information in an on-chip secure storage; encrypting, in a device and using public key encryption, the secret information to generate an encrypted message; and transmitting the encrypted message to a third-party system, wherein the secret information is inaccessible to the third-party system prior to the encrypting.
16. The non-transitory computer-readable medium of claim 15, wherein the secure storage is one of a one-time programmable electronic fuses (eFUSES), a battery-backed RAM (BBRAM), and an electronic circuit.
17. The non-transitory computer-readable medium of claim 15, further comprising, on system startup, commencing monitoring by a tamper detection circuit arranged to detect tamper events.
18. The non-transitory computer-readable medium of claim 17, further comprising, prior to commencing monitoring by the tamper detection circuit, performing a built-in self-test (BIST) on the device.
19. The non-transitory computer-readable medium of claim 15, further comprising, prior to system startup: commencing a verified boot of a processor on a platform; determining whether firmware is digitally signed and authorized to be loaded on the processor; in a case where the firmware is digitally signed and authorized, loading and executing the firmware on the processor; and in a case where the digitally signed firmware is not authorized, failing to boot the platform.
20. The non-transitory computer-readable medium of claim 15, further comprising, prior to encrypting the secret information, retrieving environmental log data indicating an environmental context during production of the secret information and storage of the secret information in the on-chip secure storage.
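The claims describe a provisioning flow in which the device itself produces the secret, locks it into one-time-programmable storage, and hands the third party only a public-key-encrypted copy, after a verified boot has confirmed that the firmware running the flow is authorized. The Go program below is an added illustration of that flow and is not the patent's or any vendor's implementation. It stands in the OS CSPRNG for the on-chip TRNG, a struct for the eFUSE/BBRAM region, RSA-OAEP for the unspecified public-key encryption, and Ed25519 for the unspecified firmware signature; the environmental log of claim 6 is bound to the ciphertext as the OAEP label, which is a design choice of this example, not something the claims require. All keys, firmware bytes and log strings are constructed for the demo.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SecureStorage stands in for the on-chip eFUSE/BBRAM region of claim 2.
// Once Locked is set the secret cannot be re-programmed (one-time programmable).
type SecureStorage struct {
	Secret []byte
	Locked bool
}

// Device models the MPSoC side of the provisioning flow.
type Device struct {
	Storage SecureStorage
	Booted  bool
}

// VerifyFirmware is the verified-boot gate of claim 5: the image must carry a
// valid signature from the authorized signing key. Ed25519 is an assumption of
// this example; the patent names no signature algorithm.
func VerifyFirmware(authorizedKey ed25519.PublicKey, firmware, sig []byte) bool {
	return ed25519.Verify(authorizedKey, firmware, sig)
}

// Boot refuses to run firmware that is unsigned or signed by an unauthorized key.
func (d *Device) Boot(authorizedKey ed25519.PublicKey, firmware, sig []byte) error {
	if !VerifyFirmware(authorizedKey, firmware, sig) {
		return errors.New("verified boot failed: firmware not authorized")
	}
	d.Booted = true
	return nil
}

// GenerateSecret draws 32 bytes from the OS CSPRNG (stand-in for the on-chip
// TRNG) and programs them into secure storage, refusing a second programming.
func (d *Device) GenerateSecret() error {
	if d.Storage.Locked {
		return errors.New("secure storage already programmed")
	}
	secret := make([]byte, 32)
	if _, err := rand.Read(secret); err != nil {
		return err
	}
	d.Storage = SecureStorage{Secret: secret, Locked: true}
	return nil
}

// SealSecret encrypts the stored secret under the third party's RSA public key
// with OAEP. The environmental log (claim 6) is used as the OAEP label, so the
// ciphertext only unseals against the same recorded context.
func (d *Device) SealSecret(thirdPartyPub *rsa.PublicKey, envLog []byte) ([]byte, error) {
	if !d.Storage.Locked {
		return nil, errors.New("no secret provisioned")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, thirdPartyPub, d.Storage.Secret, envLog)
}

// UnsealSecret is the third-party side: it never sees anything but ciphertext
// from the device, which is the property claim 1 states.
func UnsealSecret(thirdPartyPriv *rsa.PrivateKey, sealed, envLog []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, thirdPartyPriv, sealed, envLog)
}

func main() {
	// Constructed demo keys: a firmware signing key and the third party's transport key.
	signPub, signPriv, _ := ed25519.GenerateKey(rand.Reader)
	thirdParty, _ := rsa.GenerateKey(rand.Reader, 2048)

	firmware := []byte("constructed firmware image v1")
	sig := ed25519.Sign(signPriv, firmware)

	dev := &Device{}
	if err := dev.Boot(signPub, firmware, sig); err != nil {
		fmt.Println(err)
		return
	}
	if err := dev.GenerateSecret(); err != nil {
		fmt.Println(err)
		return
	}
	envLog := []byte("station=constructed-7 temp=25C lot=demo") // constructed log line
	sealed, err := dev.SealSecret(&thirdParty.PublicKey, envLog)
	if err != nil {
		fmt.Println(err)
		return
	}
	recovered, err := UnsealSecret(thirdParty, sealed, envLog)
	fmt.Println("third party recovered the secret:", err == nil && bytes.Equal(recovered, dev.Storage.Secret))
}
```

The order of operations is the point: `Boot` runs before `GenerateSecret`, and the third party is only ever handed the output of `SealSecret`, so the plaintext secret exists nowhere outside the device's storage struct. A real MPSoC would additionally gate the flow on the BIST and tamper-detection steps of claims 3 and 4, which this example does not model.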
CPC classification titles:

- involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
- in cryptographic circuits
- Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- using physically unclonable functions [PUF]
- involving digital signatures