IPC classification information
Country / Type | United States (US) Patent, Granted
International Patent Classification (IPC 7th edition) |
Application number | US-0576904 (2009-10-09)
Registration number | US-8601247 (2013-12-03)
Inventors / Address |
- Srinivasan, Pramila
- Princen, John
Applicant / Address |
- Acer Cloud Technology, Inc.
Agent / Address | Sheppard, Mullin, Richter & Hampton LLP
Citation information | Times cited: 2; Patents cited: 137
Abstract
An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process.
Representative claim
1. A method comprising: providing a number to use as a small-signature private key; computing a signature with a small-signature algorithm; programming, by a manufacturer during the manufacturing of a device, a compressed certificate into a chip-internal non-volatile memory of the device, wherein the compressed certificate includes a device ID, the small-signature private key, an issuer ID, and the signature; enabling, in operation, a calling application to obtain a device certificate generated at the device using the device ID, the small-signature private key, the issuer ID, and the signature of the compressed certificate, wherein the device certificate is a function of the device ID, the issuer ID, the signature, and a public key, wherein the public key is a function of the small-signature private key, and wherein the device certificate is larger than the compressed certificate.
2. The method of claim 1, further comprising programming the number in read-only memory (ROM) of the device.
3. The method of claim 1, further comprising generating the number as a secret seed random number.
4. The method of claim 1, further comprising computing the number using an elliptic curve digital signature algorithm (DSA).
5. The method of claim 1, further comprising: receiving a request for the device certificate from the calling application; reading the device ID, the small-signature private key, the issuer ID, and the signature from the non-volatile memory of the device; computing the public key as a function of the small-signature private key and common parameters; constructing the device certificate as a function of the device ID, the issuer ID, the public key, the signature, and the common parameters; providing the device certificate to the calling application.
6. The method of claim 1, further comprising incrementing a runtime state of the device.
7. The method of claim 3, further comprising: receiving a request for a random number from the calling application; generating the random number from the number; incrementing a runtime state of the device based on the generated random number.
8. The method of claim 3, further comprising: generating a key from the number and a sequence number; receiving a request for a random number from the calling application; generating the random number from the key and a runtime state of the device; incrementing the runtime state of the device based on the generated random number.
9. The method of claim 1, further comprising: receiving the device certificate; storing the device certificate in system external storage; retrieving the device certificate from the system external storage as the device certificate is needed.
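The expansion step in claim 5, as an added example that is not code from the patent or its assignee: the device stores only (device ID, private key, issuer ID, signature), recomputes the public key on request, and the issuer's manufacturing-time signature still verifies over the rebuilt certificate. Assumptions: NIST P-256 as the common parameters, ECDSA with SHA-256 as the small-signature algorithm, and hypothetical function names, 8-byte IDs and field layout.

```python
# Added sketch: P-256, ECDSA/SHA-256 and the field layout are assumptions. Not constant-time.
import hashlib

P = 2**256 - 2**224 + 2**192 + 2**96 - 1  # NIST P-256 stands in for the "common parameters"
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)

def add(p, q):  # affine point addition; None is the point at infinity
    if p is None or q is None:
        return p or q
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1 - 3, 2 * y1) if p == q else (y2 - y1, x2 - x1)
    m = num * pow(den % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add scalar multiplication
    acc = None
    while k:
        acc = add(acc, pt) if k & 1 else acc
        pt, k = add(pt, pt), k >> 1
    return acc

def digest(device_id, issuer_id, pub):  # hash of the fields the issuer signs
    data = device_id + issuer_id + b"".join(c.to_bytes(32, "big") for c in pub)
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def issuer_sign(issuer_key, e, nonce):  # manufacturing server; nonce must be secret and unique
    r = mul(nonce, G)[0] % N
    return r, pow(nonce, -1, N) * (e + r * issuer_key) % N

def expand(nvm):  # device: rebuild the certificate; the public key is never stored
    device_id, private_key, issuer_id, signature = nvm
    return device_id, issuer_id, mul(private_key, G), signature

def verify(issuer_pub, cert):  # relying party, e.g. a ticket server
    device_id, issuer_id, pub, (r, s) = cert
    if not (0 < r < N and 0 < s < N):
        return False
    w, e = pow(s, -1, N), digest(device_id, issuer_id, pub)
    pt = add(mul(e * w % N, G), mul(r * w % N, issuer_pub))
    return pt is not None and pt[0] % N == r

def demo(dev=b"DEV00001", iss=b"ISSUER01", dev_key=0xD0E5, iss_key=0xA11CE5):  # constructed values
    sig = issuer_sign(iss_key, digest(dev, iss, mul(dev_key, G)), 0xC0FFEE)
    return verify(mul(iss_key, G), expand((dev, dev_key, iss, sig)))
```

Under this assumed layout the stored record holds a 32-byte private key where the expanded certificate carries a 64-byte public key, so the rebuilt certificate is larger than what sits in non-volatile memory.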