Automatic discovery and installation of secure boot certificates
US-2016378970-A1 · Dec 29, 2016 · US
US9953167B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9953167-B2 |
| Application number | US-201514880746-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 12, 2015 |
| Priority date | Oct 12, 2015 |
| Publication date | Apr 24, 2018 |
| Grant date | Apr 24, 2018 |
Official abstract text for this publication.
Systems and methods facilitating a framework that provides a core trusted computing base (TCB) of an electronic device with various security capabilities. The framework can include a low-resource device and at least one distributed resource. The low-resource device can be configured to generate sealing keys, migration keys, and attestation keys that are based on a device secret associated with the low-resource device and one or more software modules. The low-resource device can further be configured to use the migration keys and the sealing keys to both verify a software update and migrate secrets from a previous version of the software to a newer version of the software. Additionally, the low-resource device can be configured to generate an attestation statement using the attestation keys and perform attestation using the attestation statement and the at least one distributed resource.
Opening claim text (preview).
What is claimed is:

1. A device comprising: a processor; and a computer-readable medium including modules, the modules when executed by the processor, configure the device to perform a boot process, the modules comprising: a cryptographic module configured to generate, using a fuse-derived secret value, a sealing seed for re-verifying a software component that has been previously verified by the device after a software update and signed by the device using an authentication code; and a verification module configured to: retrieve a software descriptor associated with the software component; verify the software component using the software descriptor and the sealing seed; and based at least in part on verifying the software component, cause the device to continue performing the boot process, wherein the cryptographic module is further configured to generate a sealing key for the software component based at least partially on one or more of the sealing seed and the software descriptor; and a sealing module configured to seal secrets of the software component using the sealing key.
2. The device according to claim 1, wherein to verify the software component using the software descriptor and the sealing seed, the verification module is configured to check the authentication code on the software descriptor using the sealing seed.
3. The device according to claim 1, wherein the sealing key for the software component is generated based at least partially on the sealing seed and the software descriptor.
4. The device according to claim 1, wherein to seal the secrets using the sealing key, the sealing module is configured to: generate one or more encryption keys using the sealing key; and encrypt the secrets of the software component using the one or more encryption keys.
5. The device according to claim 1, wherein the verification module is further configured to: verify an additional software component using a software descriptor associated with the additional software component and the sealing key.
6. The device according to claim 1, wherein the device comprises a low-resource device.
7. A method comprising: generating, using a fuse-derived secret value, a sealing seed for re-verifying a software component that has been previously verified by a device after a software update and signed by the device using an authentication code; retrieving a software descriptor associated with the software component; generating a sealing key for the software component based at least partially on one or more of the sealing seed and the software descriptor; verifying the software component using the software descriptor and the sealing seed; based at least in part on verifying the software component, causing the device to continue performing a boot process; and sealing secrets of the software component using the sealing key.
8. The method according to claim 7, wherein verifying the software component using the software descriptor and the sealing seed comprises checking the authentication code on the software descriptor using the sealing seed.
9. The method according to claim 7, wherein the sealing key for the software component is generated based at least partially on the sealing seed and the software descriptor.
10. The method according to claim 7, wherein sealing the secrets of the software component using the sealing key comprises: generating one or more encryption keys using the sealing key; and encrypting the secrets of the software component using the one or more encryption keys.
11. The method according to claim 7, further comprising: verifying an additional software component using a software descriptor associated with the additional software component and the sealing key.
12. The method according to claim 7, wherein the device comprises a low-resource device.
13. A device comprising: one or more processors; and one or more computer-readable media storing instructions that, when executed by the one or more processors, cause the one or more processors to perform operations comprising: generating, using a fuse-derived secret value, a sealing seed for re-verifying a software component that has been previously verified by the device after a software update and signed by the device using an authentication code; retrieving a software descriptor associated with the software component; generating a sealing key for the software component based at least partially on one or more of the sealing seed and the software descriptor; verifying the software component using the software descriptor and the sealing seed; based at least in part on verifying the software component, causing the device to continue performing a boot process; and sealing secrets of the software component using the sealing key.
14. The device according to claim 13, wherein verifying the software component using the software descriptor and the sealing seed comprises checking the authentication code on the software descriptor using the sealing seed.
15. The device according to claim 13, wherein the sealing key for the software component is generated based at least partially on the sealing seed and the software descriptor.
16. The device according to claim 13, wherein sealing the secrets of the software component using the sealing key comprises: generating one or more encryption keys using the sealing key; and encrypting the secrets of the software component using the one or more encryption keys.
17. The device according to claim 13, wherein the operations further comprise: verifying an additional software component using a software descriptor associated with the additional software component and the sealing key.
18. The device according to claim 13, wherein the device comprises a low-resource device.
CPC classification titles:

- at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
- Generation of secret information including derivation or calculation of cryptographic keys or passwords
- involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
- Boot up procedures
- Secure boot