IPC classification information
Country / Type | United States (US) Patent, Granted
International Patent Classification (IPC, 7th edition) |
Application number | US-0576344 (2009-10-09)
Registration number | US-8621188 (2013-12-31)
Inventors / Address | Srinivasan, Pramila; Princen, John
Applicant / Address | Acer Cloud Technology, Inc.
Agent / Address | Sheppard, Mullin, Richter & Hampton LLP
Citation information | Times cited: 2; Cited patents: 137
Abstract
An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process.
Representative claims
1. A server comprising: a number generator; a certificate request module; a certificate verification module; an interface, coupled to the number generator, the certificate request module, and the certificate verification module, wherein, in operation: the number generator generates a first number; the certificate request module generates a request for a device certificate; the first number and the request for a device certificate are sent via the interface; a response that includes a second number, a second signature that is generated using the second number, and a device certificate computed as a function of a device identifier (ID), an issuer ID, the second signature, and a public key are received at the interface; and the certificate verification module validates the device certificate and the second signature, and verifies that the first number and the second number match.

2. The server of claim 1, wherein the public key is computed from a private key.

3. The server of claim 2, wherein the private key is an elliptic curve private key.

4. The server of claim 1, wherein the interface receives the signature and the certificate validation module validates the signature using the device certificate.

5. The server of claim 1, wherein the number generator is a pseudo-random number generator.

6. The server of claim 1, wherein the number generator is a true random number generator.

7. The server of claim 1, wherein, in operation, the certificate verification module validates the device certificate using a trusted certificate chain.

8. The server of claim 1, further comprising a certificate database, wherein the device certificate is imported to the certificate database if validated by the certificate verification module.

9. A server comprising: a means for generating a first number; a means for generating a request for a device certificate; a means for sending the first number and the request for a device certificate; a means for receiving a response that includes a second number, a second signature that is generated using the second number, and a device certificate computed as a function of a device identifier (ID), an issuer ID, the second signature, and a public key; a means for validating the device certificate and the second signature; a means for verifying that the first number and the second number match.

10. The server of claim 9, further comprising: a means for receiving the signature; a means for validating the signature using the device certificate.

11. The server of claim 9, further comprising generating a pseudo-random number as the first number.

12. The server of claim 9, further comprising generating a true random number as the first number.

13. The server of claim 9, further comprising validating the device certificate using a trusted certificate chain.

14. The server of claim 9, further comprising importing the device certificate to a certificate database after the device certificate is validated.

15. A computer program product including memory storing instructions and a processor for executing the instructions in memory: a processor; memory storing modules having instructions, coupled to the processor, including: a number generation module; a certificate request module; a certificate verification module; wherein, in operation, the processor executes the instructions such that: the number generation module generates a first number; the certificate request module generates a request for a device certificate and sends the first number and the request for a device certificate; the certificate verification module: receives a response that includes a second number, a second signature that is generated using the second number, and a device certificate computed as a function of a device identifier (ID), an issuer ID, the second signature, and a public key; validates the device certificate and the second signature; and verifies that the first number and the second number match.

16. The computer program product of claim 15, wherein the certificate verification module receives the signature and validates the signature using the device certificate.

17. The computer program product of claim 15, wherein the number generation module is a pseudo-random number generation module.

18. The computer program product of claim 15, wherein the number generation module is a true random number generation module.

19. The computer program product of claim 15, wherein the certificate verification module validates the device certificate using a trusted certificate chain.

20. The computer program product of claim 15, further comprising a certificate database, wherein the device certificate is imported to the certificate database if validated by the certificate verification module.