CN106256103A - Remote station for deriving a derivative key in a system-on-a-chip device - Google Patents

Remote station for deriving a derivative key in a system-on-a-chip device

Info

Publication number
CN106256103A
Authority
CN
China
Prior art keywords
party
key
integrated circuit
pki
available
Prior art date
Legal status
Pending
Application number
CN201580020234.5A
Other languages
English (en)
Chinese (zh)
Inventor
伊万·休·麦克莱恩
维尔希·曼费雷德·冯
Current Assignee
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date
Filing date
Publication date
Application filed by Qualcomm Inc
Publication of CN106256103A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0457 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply dynamic encryption, e.g. stream encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Systems (AREA)
CN201580020234.5A 2014-04-29 2015-04-14 Remote station for deriving a derivative key in a system-on-a-chip device Pending CN106256103A (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/264,645 2014-04-29
US14/264,645 US20150312228A1 (en) 2014-04-29 2014-04-29 Remote station for deriving a derivative key in a system-on-a-chip device
PCT/US2015/025794 WO2015167798A1 (en) 2014-04-29 2015-04-14 A remote station for deriving a derivative key in a system-on-a-chip device

Publications (1)

Publication Number Publication Date
CN106256103A (zh) 2016-12-21

Family

ID=52998277

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201580020234.5A Pending CN106256103A (zh) 2014-04-29 2015-04-14 Remote station for deriving a derivative key in a system-on-a-chip device

Country Status (7)

Country Link
US (1) US20150312228A1 (en)
EP (1) EP3138230A1 (en)
JP (1) JP2017517192A (en)
KR (1) KR20160145609A (en)
CN (1) CN106256103A (en)
BR (1) BR112016024886A2 (en)
WO (1) WO2015167798A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11334884B2 (en) * 2012-05-04 2022-05-17 Institutional Cash Distributors Technology, Llc Encapsulated security tokens for electronic transactions
KR20150128081A (ko) * 2014-05-08 2015-11-18 삼성전자주식회사 Key management method and electronic device using the method
DE102017201891A1 (de) * 2017-02-07 2018-08-09 Siemens Aktiengesellschaft Programmable hardware security module and method on a programmable hardware security module
US10505931B2 (en) * 2017-06-02 2019-12-10 Nxp B.V. Method for authenticating an integrated circuit device
CN111600860B (zh) * 2020-05-08 2022-05-31 格尔软件股份有限公司 Implicit certificate calculation method suitable for an Internet of Vehicles environment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101420300A (zh) * 2008-05-28 2009-04-29 北京易恒信认证科技有限公司 Two-factor combined public key generation and authentication method
WO2013022651A1 (en) * 2011-08-08 2013-02-14 Marvell World Trade Ltd. Key derivative function for network communications
EP2575068A1 (en) * 2011-09-30 2013-04-03 Certicom Corp. System and method for providing hardware-based security
US20140082358A1 (en) * 2012-09-17 2014-03-20 General Instrument Corporation Efficient key generator for distribution of sensitive material from mulitple application service providers to a secure element such as a universal integrated circuit card (uicc)

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2255285C (en) * 1998-12-04 2009-10-13 Certicom Corp. Enhanced subscriber authentication protocol
JP2002368733A (ja) * 2001-06-04 2002-12-20 Nec Corp Communication device, method of manufacturing the same, and computer program therefor
US7987356B2 (en) * 2004-11-29 2011-07-26 Broadcom Corporation Programmable security platform
JP4997769B2 (ja) * 2005-12-26 2012-08-08 日本電気株式会社 Encrypted communication system, key sharing method, and key providing device
FR2898747A1 (fr) * 2006-03-15 2007-09-21 Gemplus Sa Decipherable searchable encryption method, system for such encryption
US8442507B2 (en) * 2007-09-26 2013-05-14 Qualcomm Incorporated Methods and apparatus for dynamic source determination of provisioning information on a per-network service basis for open market wireless devices
TWI505129B (zh) * 2010-03-03 2015-10-21 Panasonic Corp A manufacturing method of a controller, a recording medium device, a recording medium apparatus, and a recording medium apparatus assembled to a recording medium apparatus
EP2487828A1 (en) * 2011-02-10 2012-08-15 Thomson Licensing Method and device for generating control words
CA2780879C (en) * 2011-06-21 2019-02-12 Research In Motion Limited Provisioning a shared secret to a portable electronic device and to a service entity
CN104221347B (zh) * 2012-02-14 2017-03-29 苹果公司 Mobile device supporting multiple access control clients and corresponding method
US9323950B2 (en) * 2012-07-19 2016-04-26 Atmel Corporation Generating signatures using a secure device
US9100174B2 (en) * 2012-08-31 2015-08-04 Freescale Semiconductor, Inc. Secure provisioning in an untrusted environment

Also Published As

Publication number Publication date
WO2015167798A1 (en) 2015-11-05
US20150312228A1 (en) 2015-10-29
BR112016024886A2 (pt) 2017-08-15
JP2017517192A (ja) 2017-06-22
KR20160145609A (ko) 2016-12-20
EP3138230A1 (en) 2017-03-08

Similar Documents

Publication Publication Date Title
US12244696B2 (en) Ecdhe key exchange for server authentication and a key server
US12047516B2 (en) Combined digital signature algorithms for security against quantum computers
US9942049B2 (en) Remote station and method for re-enabling a disabled debug capability in a system-on-a-chip device
US9288672B2 (en) Method for configuring a remote station with a certificate from a local root certificate authority for securing a wireless network
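CN105339948B Apparatus and method for provisioning an endorsement key certificate for a firmware trusted platform module
CN101523800B Method and apparatus for mutual authentication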
US9949115B2 (en) Common modulus RSA key pairs for signature generation and encryption/decryption
EP2335375B1 (en) Trusted and confidential remote tpm initialization
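CN104040938B Method and apparatus for generating a privilege-based key
CN103416082A Method for authenticating a remote station using a secure element
CN106256103A Remote station for deriving a derivative key in a system-on-a-chip device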
US20240187262A1 (en) Encrypted and authenticated firmware provisioning with root-of-trust based security
US10242234B2 (en) Wireless enabled secure storage drive
CN115242395A Data communication method, apparatus, distributed system and storage medium
US20210374287A1 (en) Authentication of an original equipment manufacturer entity
CN104272646B Method and apparatus for configuring an entity with a certificate

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20161221