SG11202109815YA - Onboarding software on secure devices to generate device identities for authentication with remote servers - Google Patents

Onboarding software on secure devices to generate device identities for authentication with remote servers

Info

Publication number
SG11202109815YA
SG11202109815YA SG11202109815YA SG11202109815YA SG 11202109815Y A SG11202109815Y A SG 11202109815YA SG 11202109815Y A SG11202109815Y A SG 11202109815YA SG 11202109815Y A SG11202109815Y A SG 11202109815YA
Authority
SG
Singapore
Prior art keywords
authentication
remote servers
generate device
secure devices
device identities
Prior art date
Application number
Inventor
Olivier Duval
Original Assignee
Micron Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Micron Technology Inc filed Critical Micron Technology Inc
Publication of SG11202109815YA publication Critical patent/SG11202109815YA/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
SG11202109815Y 2019-04-04 2020-03-10 Onboarding software on secure devices to generate device identities for authentication with remote servers SG11202109815YA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/374,905 US11101984B2 (en) 2019-04-04 2019-04-04 Onboarding software on secure devices to generate device identities for authentication with remote servers
PCT/US2020/021824 WO2020205173A1 (en) 2019-04-04 2020-03-10 Onboarding software on secure devices to generate device identities for authentication with remote servers

Publications (1)

Publication Number Publication Date
SG11202109815YA true SG11202109815YA (en) 2021-10-28

Family

ID=72661696

Family Applications (1)

Application Number Title Priority Date Filing Date
SG11202109815Y SG11202109815YA (en) 2019-04-04 2020-03-10 Onboarding software on secure devices to generate device identities for authentication with remote servers

Country Status (7)

Country Link
US (2) US11101984B2 (en)
EP (1) EP3949261A4 (en)
JP (1) JP7351925B2 (en)
KR (1) KR20210135627A (en)
CN (1) CN113661681A (en)
SG (1) SG11202109815YA (en)
WO (1) WO2020205173A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3662626B1 (en) * 2017-08-02 2022-05-11 British Telecommunications public limited company Malicious host detection
US11734458B2 (en) * 2019-02-26 2023-08-22 Intel Corporation Extensible layered trusted computing base for computing devices
US20220131847A1 (en) * 2020-10-26 2022-04-28 Micron Technology, Inc. Subscription Sharing among a Group of Endpoints having Memory Devices Secured for Reliable Identity Validation
US20220131700A1 (en) 2020-10-26 2022-04-28 Micron Technology, Inc. Virtual Subscriber Identification Module and Virtual Smart Card
CN115037492A (en) 2021-03-03 2022-09-09 美光科技公司 Online security services based on security features implemented in memory devices
DE102022104834A1 (en) 2021-03-03 2022-09-08 Micron Technology, Inc. ONBOARDING CLOUD SERVICES WITHOUT PRIOR CUSTOMIZATION OF DEVICES
CN114613042B (en) * 2022-02-25 2023-11-28 深圳数马电子技术有限公司 Software configuration method and device for general automobile key
US20240004984A1 (en) * 2022-06-29 2024-01-04 Lennox Industries, Inc. Security Token Provisioning for a Product

Family Cites Families (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7697691B2 (en) * 2004-07-14 2010-04-13 Intel Corporation Method of delivering Direct Proof private keys to devices using an on-line service
US8924728B2 (en) * 2004-11-30 2014-12-30 Intel Corporation Apparatus and method for establishing a secure session with a device without exposing privacy-sensitive information
US8014530B2 (en) 2006-03-22 2011-09-06 Intel Corporation Method and apparatus for authenticated, recoverable key distribution with no database secrets
JP2008185616A (en) * 2007-01-26 2008-08-14 Canon Inc Secret key ciphering method, secret key ciphering device and computer program
US7913086B2 (en) * 2007-06-20 2011-03-22 Nokia Corporation Method for remote message attestation in a communication system
US9047450B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Identification of embedded system devices
AU2011205391B2 (en) * 2010-01-12 2014-11-20 Visa International Service Association Anytime validation for verification tokens
EP2544121B1 (en) * 2010-03-03 2020-07-29 Panasonic Intellectual Property Management Co., Ltd. Controller embedded in recording medium device, recording medium device, recording medium device manufacturing system, and recording medium device manufacturing method
EP2538606B1 (en) * 2011-06-21 2017-08-09 BlackBerry Limited Provisioning a shared secret to a portable electronic device and to a service entity
US20130006869A1 (en) 2011-06-30 2013-01-03 Rovi Corp. Method to identify consumer electronics products
JP5479408B2 (en) 2011-07-06 2014-04-23 日立オートモティブシステムズ株式会社 In-vehicle network system
US8938792B2 (en) * 2012-12-28 2015-01-20 Intel Corporation Device authentication using a physically unclonable functions based key generation system
US9239920B2 (en) * 2013-04-23 2016-01-19 Qualcomm Incorporated Generation of working security key based on security parameters
US9100192B2 (en) * 2013-06-07 2015-08-04 Qualcomm Incorporated Apparatus and method for provisioning an endorsement key certificate for a firmware trusted platform module
CN103825741B (en) * 2014-01-24 2017-03-15 安徽云盾信息技术有限公司 The solution of certificate of the injection with signature in a kind of encryption device production process
US10454919B2 (en) * 2014-02-26 2019-10-22 International Business Machines Corporation Secure component certificate provisioning
EP3197089B1 (en) * 2014-11-06 2019-08-07 Huawei Technologies Co., Ltd. Secure information configuration method, secure authentication method and related chip
US9430658B2 (en) * 2014-12-16 2016-08-30 Freescale Semiconductor, Inc. Systems and methods for secure provisioning of production electronic circuits
CN107852404A (en) * 2015-06-30 2018-03-27 维萨国际服务协会 Secret communication is mutually authenticated
JP6217728B2 (en) * 2015-10-19 2017-10-25 トヨタ自動車株式会社 Vehicle system and authentication method
WO2017153990A1 (en) 2016-03-08 2017-09-14 Protectivx Ltd. System and method for device authentication using hardware and software identifiers
US10277407B2 (en) * 2016-04-19 2019-04-30 Microsoft Technology Licensing, Llc Key-attestation-contingent certificate issuance
CN105790938B (en) * 2016-05-23 2019-02-19 中国银联股份有限公司 Safe unit key generation system and method based on credible performing environment
US10708067B2 (en) * 2016-06-18 2020-07-07 Intel Corporation Platform attestation and registration for servers
WO2018010791A1 (en) * 2016-07-14 2018-01-18 Huawei Technologies Co., Ltd. Apparatus and method for certificate enrollment
US10268844B2 (en) * 2016-08-08 2019-04-23 Data I/O Corporation Embedding foundational root of trust using security algorithms
US10505931B2 (en) * 2017-06-02 2019-12-10 Nxp B.V. Method for authenticating an integrated circuit device
EP3422628B1 (en) * 2017-06-29 2021-04-07 Siemens Aktiengesellschaft Method, safety device and safety system
US10505732B2 (en) * 2017-08-14 2019-12-10 Nxp B.V. Method for generating a public/private key pair and public key certificate for an internet of things device
US10439816B2 (en) * 2017-09-08 2019-10-08 Nxp B.V. Method for provisioning a device with a verified and diversified public key
US11050556B2 (en) * 2018-07-13 2021-06-29 Micron Technology, Inc. Secure vehicular communication
US10869190B2 (en) * 2018-07-13 2020-12-15 Micron Technology, Inc. Secure vehicular services communication
US11734458B2 (en) * 2019-02-26 2023-08-22 Intel Corporation Extensible layered trusted computing base for computing devices
US10749680B1 (en) * 2019-03-25 2020-08-18 Micron Technology, Inc. Secure communication between a vehicle and a remote device

Also Published As

Publication number Publication date
EP3949261A4 (en) 2022-12-14
WO2020205173A1 (en) 2020-10-08
JP7351925B2 (en) 2023-09-27
EP3949261A1 (en) 2022-02-09
US20210377004A1 (en) 2021-12-02
US20200322134A1 (en) 2020-10-08
JP2022527985A (en) 2022-06-07
KR20210135627A (en) 2021-11-15
CN113661681A (en) 2021-11-16
US11101984B2 (en) 2021-08-24

Similar Documents

Publication Publication Date Title
SG11202109815YA (en) Onboarding software on secure devices to generate device identities for authentication with remote servers
EP3010177B8 (en) Method for authenticating a client device with a server using a secret element
MX2018003708A (en) Secure enrolment of security device for communication with security server.
ZA201708085B (en) Method for enabling a secure provisioning of a credential, and related wireless devices and servers
SG10202108677WA (en) Trusted login method, server, and system
EP3532971A4 (en) System and method for authenticating and authorizing devices
EP3111317A4 (en) Transferring authorization from an authenticated device to an unauthenticated device
WO2013106688A3 (en) Authenticating cloud computing enabling secure services
MX2017008651A (en) Method and apparatus for securing a mobile application.
EP3309330A4 (en) Electronic locking device dual authentication system using electronic key
EP3146670A4 (en) Network authentication system with dynamic key generation
MX361152B (en) Provisioning drm credentials on a client device using an update server.
EP3108613A4 (en) Method and apparatus for authenticating client credentials
EP3316544A4 (en) Token generation and authentication method, and authentication server
IL277461A (en) Dynamic domain key exchange for authenticated device to device communications
EP3531732A4 (en) Anchor key generation method, device and system
EP3554034B8 (en) Method and device for authenticating login
WO2015056010A3 (en) Registry apparatus, agent device, application providing apparatus and corresponding methods
SG10201608532PA (en) Methods, apparatus and devices for authenticating a call session
EP3499836A4 (en) Authentication method, device and authentication client
EP3677005A4 (en) Authentication protocol based on trusted execution environment
MX370797B (en) Techniques for managing a remote web client from an application on a mobile device.
GB2565662B (en) Method and system for authenticating a session on a communication device
EP3195523A4 (en) Methods, devices and management terminals for establishing a secure session with a service
PL3347849T3 (en) Method, device and system for authenticating to a mobile network and a server for authenticating devices to a mobile network