USRE43934E1 - Method and apparatus to assign trust to a key - Google Patents

Method and apparatus to assign trust to a key Download PDF

Info

Publication number
USRE43934E1
USRE43934E1 US12/965,459 US96545910A USRE43934E US RE43934 E1 USRE43934 E1 US RE43934E1 US 96545910 A US96545910 A US 96545910A US RE43934 E USRE43934 E US RE43934E
Authority
US
United States
Prior art keywords
software module
keys
values
key
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
US12/965,459
Inventor
Ned M. Smith
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Intel Corp
Original Assignee
Intel Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corp filed Critical Intel Corp
Priority to US12/965,459 priority Critical patent/USRE43934E1/en
Application granted granted Critical
Publication of USRE43934E1 publication Critical patent/USRE43934E1/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K1/00Secret communication
    • H04K1/02Secret communication by adding a second signal to make the desired signal unintelligible
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3265Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Definitions

  • the invention relates to the field of information security and, more particularly, to the assigning of trust to a key employed in an electronic operation.
  • a computer system may be any device comprising a processor to execute instructions and a memory to store the instructions.
  • desktop computers, laptop computers, hand held computers and set-top boxes are all examples of what may comprise a computer system.
  • software module may refer to any form of packaging (that is, organizing and grouping) sequences of software instructions, for example executable programs, statically-linked libraries, dynamically-linked libraries, applets, objects, and many other forms of packaging and organization for software sequences well known in the art.
  • One technique for providing security is to associate a secret value, sometimes called a key, with each software module seeking access. If the possessor of the key may be traced back to a trusted source, such as, for example a “Certificate Authority” such as Verisign Inc. of Mountain View, Calif., the module or modules associated with the key may be trusted with access to select services and data.
  • a trusted source such as, for example a “Certificate Authority” such as Verisign Inc. of Mountain View, Calif.
  • keys may be “compromised”, meaning that secret components of their value may become known to a third party not intended to possess such knowledge.
  • secret values may be compromised in a number of ways, including through inadvertent disclosure of the private key, or through reverse engineering (sometimes known as key or code “cracking”) of data or software encrypted with the key.
  • Software modules relying upon the revoked keys may embed an identification of the revoked key within the binary file or files comprising the modules themselves.
  • the software module may be re-compiled, re-linked, and redistributed with a new embedded key whose trust has not been compromised. Recompilation, re-linkage, and redistribution of software modules may be an arduous and expensive process. Therefore, there exists a continuing need for techniques to assign trust in a new key once trust in a key has been compromised.
  • One embodiment of a method includes determining whether a key is traceable to one of a set of keys associated with a trusted source and determining whether the key is identified in a list of compromised keys. If the key is not identified as compromised and is traceable to one of the keys in the set, the key is assigned a trusted status.
  • FIG. 1 is a flow chart illustrating an embodiment of a process to manufacture a security manager module and the manifest for the security manager module in accordance with the present invention.
  • FIG. 2 is a flow chart illustrating an embodiment of a process to manufacture the manifest for a client module of the security manager in accordance with the present invention.
  • FIG. 3 is a flow chart illustrating an embodiment of a process to create a revocation manifest in accordance with the present invention.
  • FIG. 4 is a flow chart illustrating an embodiment of a process by which trust may be assigned to a key relied upon by a software module to self-check itself or cross-check other modules, in accordance with the present invention.
  • FIG. 5 is a schematic diagram illustrating an embodiment of an apparatus to revoke trust in a key value in accordance with the present invention.
  • the present invention involves a technique to assign trust in a key to be used by software modules in electronic operations.
  • the embodiments described herein are merely illustrative, and one skilled in the art will appreciate that numerous modifications can be made which, nonetheless, fall within the scope of the present invention.
  • a “digital signature” may be generated by computing the hash value of a body of information, such as a data document or a sequence of program instructions, and then applying the private key to transform the generated hash value.
  • a signature may be “verified”, that is, determined to have been generated by the party or parties associated with the private key, by computing a second hash value on the body of information, then applying the public key component to the encrypted hash value corresponding to the private key value and comparing the hash values for a match.
  • the recipient of the signature may have confidence that the signed body of information originated from a party associated with the private key and, further, that the body of information is unaltered from its state when the signature was generated.
  • methods of generating and verifying signatures are well-known in the art of digital security.
  • a “manifest” typically comprises one or more files containing attributes of another data file or software module.
  • the manifest may typically comprise a hash value of the other file and an identification of the key used to sign the manifest. Using the identified key, a signature may be generated on the manifest.
  • the key used to sign the manifest is trusted, the integrity of the information comprised by the signed manifest may also be trusted.
  • This trusted source may be a key issued by a trusted party, such as a Certificate Authority (CA). Verisign Inc. is an example of a CA.
  • the certificate chain may comprise one or more “digital certificates”, that is, files comprising a key which are signed by keys which are closer in the chain of trust to the trusted source.
  • a bank may be assigned a private key for performing digital signatures. This private key may be assigned to the bank by a CA.
  • a certificate for the bank's key may be issued by the CA, in the form of a file comprising the bank's key, signed by the CA's key.
  • the CA's key may be described as the “anchor” of the trust extending to the bank's key. Certificates and certificate chains are well known by those of ordinary skill in the art of digital security; see, for example, Recommendation X.509 V.3 (1994) from the International Telecommunication Union.
  • the certificate chain may be comprised by the manifest for a software module, or it may be stored separately from the manifest.
  • the hash value comprised by the manifest may be used to verify the integrity of the software module with which the manifest is associated, and may also serve to associate the manifest with the software module by utilizing the unique character of the hash valve.
  • one software module may control access to secure data and services in a computer system.
  • This module may be called the security manager (SM).
  • the SM may verify the integrity and trusted status of (henceforth referred to as cross-checking) the other software module (henceforth referred to as the client module). For example, when a client module requests access, the SM may consult the manifest for the client module. A hash value for the client module may be stored in this manifest. The SM may generate a hash value of the client module and compare it with the hash value stored in the manifest. A match provides an indication regarding the integrity of the module to ensure that the module has not been tampered with.
  • the SM may perform a hash on the manifest itself and compare it with the hash value comprised by the manifest signature. If those values match, they provide an indication of the integrity of the manifest itself and, hence, the hash value comprised by the manifest, providing further verification of the client module's integrity.
  • the SM may read from the client module manifest an identification of the public key component corresponding to the private key used to sign the manifest. Using this public key component, the SM may trace the association of the signing key back to the trusted source using a certificate chain.
  • the certificates of the certificate chain may be comprised by the manifest or may be accessible separately from the manifest. For example, in one embodiment the key for the trusted source, to which the certificate chain traces back to, may be embedded within the binary file comprising the SM.
  • the SM may have an associated manifest similar to the manifest for the client module.
  • the manifest for the SM may comprise a hash value for the SM which the SM may use to verify its own integrity (self-check) in a manner similar in the manner in which the SM determines the integrity of the client module (cross check).
  • the SM manifest may further comprise the public key component corresponding to the private key used to sign the SM manifest which, in a manner similar to the pubic key for the client module, may be associated with a trusted source through a certificate chain.
  • the SM manifest may or may not comprise the certificate chain.
  • the public key associated with the trusted source may be the same public key to which the public key of the client module was traced through the client certificate chain. As previously noted, this public key component may be embedded in an SM binary file.
  • FIG. 1 shows one embodiment 100 of a process to produce an SM module and the manifest for the SM module.
  • the instructions 106 comprising the SM module, and a data file 110 may be input to a compilation/linking tool 120 (the compiler and linker may comprise separate tools).
  • the data file may comprise a primary key 102 and one or more backup keys 104 .
  • the primary key 102 and backup keys 104 comprise public keys which are trusted by the SM for performing secure operations, such as accessing secure data and services on a computer system.
  • the compiler/linker 120 may output an SM binary image 130 suitable for loading into the memory of a computer system, and comprising the instructions 106 of the SM in binary form, e.g.
  • the key values 102 , 104 are embedded in a data area of the SM binary 130 .
  • the key values 102 , 104 may be encoded in such a manner as to make their detection more difficult by unauthorized third parties examining the binary image 130 , such as may take place with the aid of debugging or disassembly tool.
  • the SM binary 130 may be input to a hash generator 140 to generate a hash value unique to the SM binary 130 with a high degree of confidence. In other words, it would be highly improbable that another input to the hash generator 140 would result in the same hash value.
  • this hash value may be archived by a trusted authority, such as a Certificate Authority, to be employed in a manner to be described later.
  • the hash value, along with a private key 160 may be input to a manifest generator 150 .
  • Other information (not shown) to be comprised by the manifest may also be input to the manifest generator 150 .
  • the manifest generator 150 may output a manifest for the SM signed with the private key 160 .
  • the manifest in addition to comprising the hash value of the SM, may comprise an identification of the public key corresponding to the private key 160 or a hash of this public key.
  • the private key 160 may be traceable, by way of a certificate chain (the dotted line in FIG. 1 ), back to the primary key 102 embedded in the SM binary 130 .
  • the certificate chain may be comprised by the manifest or separate from it.
  • FIG. 2 shows an embodiment 200 of a process to produce the manifest for a client module of the SM, in other words, a software module to request secure data or services from the SM.
  • Client module instructions 202 may be input to a compiler/linker 120 to produce a client binary 230 .
  • the client binary 230 may not have embedded key values.
  • the client binary 230 may be input to a hash generator 140 to produce a hash value for the client binary 230 .
  • the hash value may be archived with a trusted authority such as a Certificate Authority.
  • the hash value, along with a private key 260 may be input to manifest generator 150 to produce a manifest for the client module 230 , signed by private key 260 .
  • the manifest may comprise an identification of the public key corresponding to private key 260 used to used to sign the manifest.
  • the manifest may further comprise the hash value of the client binary 230 .
  • the manifest may also comprise a certificate chain through which the key 260 used to sign the manifest may be traced back to a key associated with a trusted authority such as a Certificate Authority.
  • the certification chain may also be separate from the manifest. In one embodiment, both the key 260 used to sign the client manifest and the key 160 used to sign the SM manifest are traceable back to the trusted primary key 102 embedded within the SM binary 130 .
  • Embodiments in accordance with the present invention may employ manifest technology to provide a new trusted key to replace a compromised trusted key, such as a compromised primary key 102 .
  • a compromised trusted key such as a compromised primary key 102
  • third parties such as Certificate Authorities, with access to the source or binary code for these software modules when a key is compromised. Instead, these third parties may archive a hash of the software modules, which may then be distributed along with a new trusted key in a signed manifest. Because the archived hash is comprised by a manifest signed by a new trusted key, software modules can trust the integrity of the archived hash value when performing self or cross checks for module integrity.
  • a revocation manifest may be issued, for example by a Certificate Authority responsible for maintaining and managing trust in the compromised key value.
  • the revocation may be issued in the form of a new manifest comprising an identification of a replacement key to be relied upon by software modules previously relying upon the compromised key.
  • FIG. 3 shows an embodiment 300 of a process to produce a revocation manifest identifying compromised keys.
  • An original hash of the SM possibly archived by a Certificate Authority, is input to a manifest generator 150 along with a list 302 identifying one or more compromised keys and a key 360 for signing the manifest.
  • a private key 360 may used to generate a signature on the manifest and an identification (such as a hash or the key value itself) of the public key component may be comprised by the manifest.
  • the key 360 to sign the manifest may be traceable through a certificate chain to a trusted key.
  • the trusted key to which the certificate chain may be traced comprises one of the back-up keys embedded in the SM.
  • FIG. 4 is a flow chart illustrating an embodiment of a process by which trust may be assigned to a key relied upon by a software module to self-check itself or cross-check other modules, in accordance with the present invention.
  • a revocation manifest may be generated at 410 , for example by the embodiment as illustrated in FIG. 3 .
  • the revocation manifest may be associated with the module by way of a hash value of the module comprised by the manifest.
  • the module is executed at 420 by a computer system, for example, by a personal computer, the module reads the manifest at 430 .
  • the module may read at 440 from the manifest an identification of the key used to sign the manifest, such as, for example, the public key component or a hash of the public key component of the signing key.
  • the module may then verify the manifest at 450 by generating a hash on the manifest and comparing it with the hash comprised by the manifest signature. If the values match the module may have confidence in the integrity of the manifest, e.g. the manifest contents have not been tampered with since the signature was generated. However, additional processing may be employed before the module may trust the contents of the manifest.
  • the module may trace at 460 the key used to sign the manifest through a certificate chain back to a trusted source. Also, the module may check at 470 that the key associated with this trusted source is not identified in the manifest as a compromised key.
  • the module may read at 480 the list of backup keys, which in one embodiment may be embedded in the module binary, to determine if the key of the trusted source is identified there. If the key of the trusted source is identified in the backup list, the module may trust this key as the new primary key 490 . This new primary key may be relied upon by the module for self and cross checks, among other secure operations. Further, the module may trust other modules whose manifest signature keys associate with the new primary key, either directly or through a certificate chain.
  • the module may cease to trust 495 any keys identified as compromised in the revocation manifest. Trust in these keys is therefore revoked. If the module had previously trusted a key identified as compromised, employing the present invention may result in the software modules revoking their trust in that key and trusting a new key, without requiring a recompilation or redistribution of the software modules. The software modules may instead trust one of the backup keys.
  • FIG. 5 shows an embodiment of an apparatus to assign trust in a new key.
  • embodiment 500 comprises a processor 505 to execute instructions supplied from a bus 520 .
  • the executed instructions are stored in a memory 510 from which they are supplied to the processor 510 by the bus 520 for execution.
  • the processor 505 may be implemented using any semiconductor fabrication technology and may execute any instruction set including, but not limited to, instruction sets supported by an Intel Corporation Pentium® processor or compatible processor.
  • the bus 520 may be implemented using technologies for propagating signals including, but not limited to, electronic and optical conductors.
  • the memory may include random access memory (RAM), read-only memory (ROM), or any other form of memory capable of storing instructions which may then be supplied to the processor 505 by the bus 520 for execution.
  • Embodiment 500 may include a machine-readable storage medium 540 to store instructions which may be loaded into volatile memory 510 from which they may be supplied to processor 505 for execution.
  • the machine-readable storage medium 540 may include, but is not limited to, a hard drive, a floppy drive, and a CD-ROM or other optical disk.
  • machine-readable storage medium 540 may be omitted from the embodiment 500 . Instructions, including instructions 550 to assign trust in a new key, may then be stored, in RAM, ROM, or other memory from which instructions may be accessed over the bus 520 by the processor 505 for execution.
  • embodiment 500 may comprise a mouse 560 , a keyboard 570 , a display 580 , and a scanner 590 , each coupled to the bus 520 for transmitting data so that it may be easily accessed or manipulated by a user.
  • the embodiment 500 may further include a network adapter 585 to couple the embodiment 500 to a network.
  • the invention is not limited in scope to this particular embodiment.
  • embodiment 500 may comprise instructions 550 to revoke trust in a key or secret value stored on the machine-readable storage medium 540 . Execution of the instructions may result in the apparatus performing the method embodiment illustrated in FIG. 4 .
  • the invention is not limited in scope to this particular embodiment.
  • the machine-readable storage medium 540 may comprise RAM, ROM, a floppy disk, and hard disk, a CD ROM, or any other memory capable of storing sequences of instructions which may be executed by a computer system.
  • the instructions may not occur in a particular order or in particular groups.
  • alternate embodiments could include additional instructions for performing other functions different from or supplementing the instructions to revoke trust in a key.
  • the manner of producing the machine-readable storage medium 540 storing instructions, such as instructions to assign trust to a new key, are well-known in the art and to elaborate in detail would merely obscure the description of the present invention.
  • a signed manifest may be issued comprising identifications of a key or keys whose trust is compromised.
  • the key used to sign the manifest may be traceable to a trusted key which, in one embodiment, is among a list of backup keys embedded in a software module relying on the compromised key.
  • a software module may verify the manifest signature and confirm the association of the signature key with a trusted source. If the trusted source key is among the backup keys embedded in the module, the module may revoke trust in the compromised key and assign trust to the trusted key. Recompilation and redistribution of the software module may thus be avoided.
  • the invention is not limited to the embodiments described. For example, one or more of the operations of the method embodiment of FIG. 4 may be carried out by hardware circuits or a cooperation of hardware circuits and software modules.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

A method includes determining whether a key is traceable to one of a set of keys associated with a trusted source and determining whether the key is identified in a list of compromised keys. If the key is not identified as compromised and is traceable to one of the keys in the set, the key is assigned a trusted status.

Description

BACKGROUND
1. Field
The invention relates to the field of information security and, more particularly, to the assigning of trust to a key employed in an electronic operation.
2. Background Information
In modern computing environments, it is desirable to identify the authenticity, integrity and authority of software modules seeking access to data/or and services for which access may be restricted. For example, on a computer system comprising software modules from a variety of sources, including commercial software vendors, the Internet, and private bulletin board services, it may be useful to restrict access by some modules to services that read, write, or otherwise modify information on the computer system mass storage device (for example, a hard drive). A computer system may be any device comprising a processor to execute instructions and a memory to store the instructions. For example desktop computers, laptop computers, hand held computers and set-top boxes are all examples of what may comprise a computer system. As used herein, the term “software module” may refer to any form of packaging (that is, organizing and grouping) sequences of software instructions, for example executable programs, statically-linked libraries, dynamically-linked libraries, applets, objects, and many other forms of packaging and organization for software sequences well known in the art.
One technique for providing security is to associate a secret value, sometimes called a key, with each software module seeking access. If the possessor of the key may be traced back to a trusted source, such as, for example a “Certificate Authority” such as Verisign Inc. of Mountain View, Calif., the module or modules associated with the key may be trusted with access to select services and data.
One difficulty with this approach is that keys may be “compromised”, meaning that secret components of their value may become known to a third party not intended to possess such knowledge. In well-known public-private key systems, such as the RSA Public Key Cryptosystem (1977), secret values may be compromised in a number of ways, including through inadvertent disclosure of the private key, or through reverse engineering (sometimes known as key or code “cracking”) of data or software encrypted with the key.
When a key is compromised, the parties with unauthorized access to the key may impersonate authorized parties to obtain access to the secure services or data available to those with legitimate knowledge of the key. Consequently, it may be desirable to “revoke” the trusted status of the key so that it may no longer be used for access to secure data and services. Once revocation occurs, it may be difficult or impossible for software modules authorized to rely on the key to continue accessing the secure data or services because, along with the unauthorized parties, their access is revoked along with the trusted status of the key.
Software modules relying upon the revoked keys may embed an identification of the revoked key within the binary file or files comprising the modules themselves. In this circumstance, the software module may be re-compiled, re-linked, and redistributed with a new embedded key whose trust has not been compromised. Recompilation, re-linkage, and redistribution of software modules may be an arduous and expensive process. Therefore, there exists a continuing need for techniques to assign trust in a new key once trust in a key has been compromised.
SUMMARY
One embodiment of a method includes determining whether a key is traceable to one of a set of keys associated with a trusted source and determining whether the key is identified in a list of compromised keys. If the key is not identified as compromised and is traceable to one of the keys in the set, the key is assigned a trusted status.
This and other embodiments are described in the following description. In light of the description and accompanying figures, numerous other aspects and implementations of the present invention may become readily apparent. The scope of the invention should be construed in light of the accompanying claims and not limited to the particular embodiments described.
BRIEF DESCRIPTION OF THE DRAWINGS
The subject matter regarded as the invention is particularly pointed out and distinctly claimed in the concluding portion of the specification. The invention, however, may be further understood by reference to the following detailed description read with reference to the accompanying drawings.
FIG. 1 is a flow chart illustrating an embodiment of a process to manufacture a security manager module and the manifest for the security manager module in accordance with the present invention.
FIG. 2 is a flow chart illustrating an embodiment of a process to manufacture the manifest for a client module of the security manager in accordance with the present invention.
FIG. 3 is a flow chart illustrating an embodiment of a process to create a revocation manifest in accordance with the present invention.
FIG. 4 is a flow chart illustrating an embodiment of a process by which trust may be assigned to a key relied upon by a software module to self-check itself or cross-check other modules, in accordance with the present invention.
FIG. 5 is a schematic diagram illustrating an embodiment of an apparatus to revoke trust in a key value in accordance with the present invention.
DETAILED DESCRIPTION
The present invention involves a technique to assign trust in a key to be used by software modules in electronic operations. The embodiments described herein are merely illustrative, and one skilled in the art will appreciate that numerous modifications can be made which, nonetheless, fall within the scope of the present invention.
In this description, the private component of a public/private key pair may be referred to as the “private key” and the public component may be referred to as the “public key”. Typically, in a manner well-known in the art of digital security, a “digital signature” may be generated by computing the hash value of a body of information, such as a data document or a sequence of program instructions, and then applying the private key to transform the generated hash value. A signature may be “verified”, that is, determined to have been generated by the party or parties associated with the private key, by computing a second hash value on the body of information, then applying the public key component to the encrypted hash value corresponding to the private key value and comparing the hash values for a match. If the hatch values match, the recipient of the signature may have confidence that the signed body of information originated from a party associated with the private key and, further, that the body of information is unaltered from its state when the signature was generated. Again, methods of generating and verifying signatures are well-known in the art of digital security.
A “manifest” typically comprises one or more files containing attributes of another data file or software module. The manifest may typically comprise a hash value of the other file and an identification of the key used to sign the manifest. Using the identified key, a signature may be generated on the manifest. When the key used to sign the manifest is trusted, the integrity of the information comprised by the signed manifest may also be trusted. In order to provide a measure of trust in the signing key, it may be possible to trace the signing key through a “certificate chain” back to a trusted source. This trusted source may be a key issued by a trusted party, such as a Certificate Authority (CA). Verisign Inc. is an example of a CA. The certificate chain may comprise one or more “digital certificates”, that is, files comprising a key which are signed by keys which are closer in the chain of trust to the trusted source. For example, a bank may be assigned a private key for performing digital signatures. This private key may be assigned to the bank by a CA. A certificate for the bank's key may be issued by the CA, in the form of a file comprising the bank's key, signed by the CA's key. The CA's key may be described as the “anchor” of the trust extending to the bank's key. Certificates and certificate chains are well known by those of ordinary skill in the art of digital security; see, for example, Recommendation X.509 V.3 (1994) from the International Telecommunication Union.
The certificate chain may be comprised by the manifest for a software module, or it may be stored separately from the manifest. The hash value comprised by the manifest may be used to verify the integrity of the software module with which the manifest is associated, and may also serve to associate the manifest with the software module by utilizing the unique character of the hash valve.
In one embodiment, one software module may control access to secure data and services in a computer system. This module may be called the security manager (SM). When another module in the computer system requests access to secure data or services, the SM may verify the integrity and trusted status of (henceforth referred to as cross-checking) the other software module (henceforth referred to as the client module). For example, when a client module requests access, the SM may consult the manifest for the client module. A hash value for the client module may be stored in this manifest. The SM may generate a hash value of the client module and compare it with the hash value stored in the manifest. A match provides an indication regarding the integrity of the module to ensure that the module has not been tampered with. The SM may perform a hash on the manifest itself and compare it with the hash value comprised by the manifest signature. If those values match, they provide an indication of the integrity of the manifest itself and, hence, the hash value comprised by the manifest, providing further verification of the client module's integrity.
To determine whether the client module is associated with a trusted source, the SM may read from the client module manifest an identification of the public key component corresponding to the private key used to sign the manifest. Using this public key component, the SM may trace the association of the signing key back to the trusted source using a certificate chain. The certificates of the certificate chain may be comprised by the manifest or may be accessible separately from the manifest. For example, in one embodiment the key for the trusted source, to which the certificate chain traces back to, may be embedded within the binary file comprising the SM.
The SM may have an associated manifest similar to the manifest for the client module. In one embodiment, the manifest for the SM may comprise a hash value for the SM which the SM may use to verify its own integrity (self-check) in a manner similar in the manner in which the SM determines the integrity of the client module (cross check). The SM manifest may further comprise the public key component corresponding to the private key used to sign the SM manifest which, in a manner similar to the pubic key for the client module, may be associated with a trusted source through a certificate chain. The SM manifest may or may not comprise the certificate chain. The public key associated with the trusted source may be the same public key to which the public key of the client module was traced through the client certificate chain. As previously noted, this public key component may be embedded in an SM binary file.
FIG. 1 shows one embodiment 100 of a process to produce an SM module and the manifest for the SM module. The instructions 106 comprising the SM module, and a data file 110 may be input to a compilation/linking tool 120 (the compiler and linker may comprise separate tools). The data file may comprise a primary key 102 and one or more backup keys 104. In one embodiment, the primary key 102 and backup keys 104 comprise public keys which are trusted by the SM for performing secure operations, such as accessing secure data and services on a computer system. The compiler/linker 120 may output an SM binary image 130 suitable for loading into the memory of a computer system, and comprising the instructions 106 of the SM in binary form, e.g. machine language, and further comprising the key values from the data file 110 embedded within the binary image 130. In one embodiment, the key values 102,104 are embedded in a data area of the SM binary 130. In another embodiment, the key values 102,104 may be encoded in such a manner as to make their detection more difficult by unauthorized third parties examining the binary image 130, such as may take place with the aid of debugging or disassembly tool.
The SM binary 130 may be input to a hash generator 140 to generate a hash value unique to the SM binary 130 with a high degree of confidence. In other words, it would be highly improbable that another input to the hash generator 140 would result in the same hash value. In one embodiment, this hash value may be archived by a trusted authority, such as a Certificate Authority, to be employed in a manner to be described later. The hash value, along with a private key 160, may be input to a manifest generator 150. Other information (not shown) to be comprised by the manifest may also be input to the manifest generator 150. The manifest generator 150 may output a manifest for the SM signed with the private key 160. In one embodiment, in addition to comprising the hash value of the SM, the manifest may comprise an identification of the public key corresponding to the private key 160 or a hash of this public key. The private key 160 may be traceable, by way of a certificate chain (the dotted line in FIG. 1), back to the primary key 102 embedded in the SM binary 130. The certificate chain may be comprised by the manifest or separate from it.
FIG. 2 shows an embodiment 200 of a process to produce the manifest for a client module of the SM, in other words, a software module to request secure data or services from the SM. Client module instructions 202 may be input to a compiler/linker 120 to produce a client binary 230. Unlike the SM binary 130, the client binary 230 may not have embedded key values. The client binary 230 may be input to a hash generator 140 to produce a hash value for the client binary 230. The hash value may be archived with a trusted authority such as a Certificate Authority. The hash value, along with a private key 260, may be input to manifest generator 150 to produce a manifest for the client module 230, signed by private key 260. The manifest may comprise an identification of the public key corresponding to private key 260 used to used to sign the manifest. The manifest may further comprise the hash value of the client binary 230. The manifest may also comprise a certificate chain through which the key 260 used to sign the manifest may be traced back to a key associated with a trusted authority such as a Certificate Authority. The certification chain may also be separate from the manifest. In one embodiment, both the key 260 used to sign the client manifest and the key 160 used to sign the SM manifest are traceable back to the trusted primary key 102 embedded within the SM binary 130.
Embodiments in accordance with the present invention may employ manifest technology to provide a new trusted key to replace a compromised trusted key, such as a compromised primary key 102. Using such embodiments, it may be possible to revoke a compromised key without recompiling and redistributing the software modules that rely upon the compromised key. It may not be necessary to provide third parties, such as Certificate Authorities, with access to the source or binary code for these software modules when a key is compromised. Instead, these third parties may archive a hash of the software modules, which may then be distributed along with a new trusted key in a signed manifest. Because the archived hash is comprised by a manifest signed by a new trusted key, software modules can trust the integrity of the archived hash value when performing self or cross checks for module integrity.
When a key is compromised, a revocation manifest may be issued, for example by a Certificate Authority responsible for maintaining and managing trust in the compromised key value. In one embodiment, the revocation may be issued in the form of a new manifest comprising an identification of a replacement key to be relied upon by software modules previously relying upon the compromised key.
FIG. 3 shows an embodiment 300 of a process to produce a revocation manifest identifying compromised keys. An original hash of the SM, possibly archived by a Certificate Authority, is input to a manifest generator 150 along with a list 302 identifying one or more compromised keys and a key 360 for signing the manifest. A private key 360 may used to generate a signature on the manifest and an identification (such as a hash or the key value itself) of the public key component may be comprised by the manifest. The key 360 to sign the manifest may be traceable through a certificate chain to a trusted key. In one embodiment, the trusted key to which the certificate chain may be traced comprises one of the back-up keys embedded in the SM.
FIG. 4 is a flow chart illustrating an embodiment of a process by which trust may be assigned to a key relied upon by a software module to self-check itself or cross-check other modules, in accordance with the present invention. When a trusted key employed by a software module is compromised or suspected of compromise, a revocation manifest may be generated at 410, for example by the embodiment as illustrated in FIG. 3. The revocation manifest may be associated with the module by way of a hash value of the module comprised by the manifest. When the module is executed at 420 by a computer system, for example, by a personal computer, the module reads the manifest at 430. The module may read at 440 from the manifest an identification of the key used to sign the manifest, such as, for example, the public key component or a hash of the public key component of the signing key. The module may then verify the manifest at 450 by generating a hash on the manifest and comparing it with the hash comprised by the manifest signature. If the values match the module may have confidence in the integrity of the manifest, e.g. the manifest contents have not been tampered with since the signature was generated. However, additional processing may be employed before the module may trust the contents of the manifest. The module may trace at 460 the key used to sign the manifest through a certificate chain back to a trusted source. Also, the module may check at 470 that the key associated with this trusted source is not identified in the manifest as a compromised key. If the key used to sign the manifest is found to be associated with a trusted source and is not identified among, the list of compromised keys, the module may read at 480 the list of backup keys, which in one embodiment may be embedded in the module binary, to determine if the key of the trusted source is identified there. If the key of the trusted source is identified in the backup list, the module may trust this key as the new primary key 490. This new primary key may be relied upon by the module for self and cross checks, among other secure operations. Further, the module may trust other modules whose manifest signature keys associate with the new primary key, either directly or through a certificate chain.
As a result of this procedure, the module may cease to trust 495 any keys identified as compromised in the revocation manifest. Trust in these keys is therefore revoked. If the module had previously trusted a key identified as compromised, employing the present invention may result in the software modules revoking their trust in that key and trusting a new key, without requiring a recompilation or redistribution of the software modules. The software modules may instead trust one of the backup keys.
FIG. 5 shows an embodiment of an apparatus to assign trust in a new key. Referring now to FIG. 5, embodiment 500 comprises a processor 505 to execute instructions supplied from a bus 520. The executed instructions are stored in a memory 510 from which they are supplied to the processor 510 by the bus 520 for execution. The processor 505 may be implemented using any semiconductor fabrication technology and may execute any instruction set including, but not limited to, instruction sets supported by an Intel Corporation Pentium® processor or compatible processor. The bus 520 may be implemented using technologies for propagating signals including, but not limited to, electronic and optical conductors. The memory may include random access memory (RAM), read-only memory (ROM), or any other form of memory capable of storing instructions which may then be supplied to the processor 505 by the bus 520 for execution. Embodiment 500 may include a machine-readable storage medium 540 to store instructions which may be loaded into volatile memory 510 from which they may be supplied to processor 505 for execution. The machine-readable storage medium 540 may include, but is not limited to, a hard drive, a floppy drive, and a CD-ROM or other optical disk.
One skilled in the art will appreciate that in “diskless” devices without mass storage mediums, the machine-readable storage medium 540 may be omitted from the embodiment 500. Instructions, including instructions 550 to assign trust in a new key, may then be stored, in RAM, ROM, or other memory from which instructions may be accessed over the bus 520 by the processor 505 for execution.
To perform signal input/output, embodiment 500 may comprise a mouse 560, a keyboard 570, a display 580, and a scanner 590, each coupled to the bus 520 for transmitting data so that it may be easily accessed or manipulated by a user. The embodiment 500 may further include a network adapter 585 to couple the embodiment 500 to a network. Of course, the invention is not limited in scope to this particular embodiment.
In accordance with the present invention, embodiment 500 may comprise instructions 550 to revoke trust in a key or secret value stored on the machine-readable storage medium 540. Execution of the instructions may result in the apparatus performing the method embodiment illustrated in FIG. 4. Of course, the invention is not limited in scope to this particular embodiment.
The machine-readable storage medium 540 may comprise RAM, ROM, a floppy disk, and hard disk, a CD ROM, or any other memory capable of storing sequences of instructions which may be executed by a computer system. Of course, those skilled in the art will appreciate that the instructions may not occur in a particular order or in particular groups. Also, alternate embodiments could include additional instructions for performing other functions different from or supplementing the instructions to revoke trust in a key. The manner of producing the machine-readable storage medium 540 storing instructions, such as instructions to assign trust to a new key, are well-known in the art and to elaborate in detail would merely obscure the description of the present invention.
In summary, a method and apparatus to revoke trust in a key has been described. In one embodiment, a signed manifest may be issued comprising identifications of a key or keys whose trust is compromised. The key used to sign the manifest may be traceable to a trusted key which, in one embodiment, is among a list of backup keys embedded in a software module relying on the compromised key. A software module may verify the manifest signature and confirm the association of the signature key with a trusted source. If the trusted source key is among the backup keys embedded in the module, the module may revoke trust in the compromised key and assign trust to the trusted key. Recompilation and redistribution of the software module may thus be avoided. Of course, the invention is not limited to the embodiments described. For example, one or more of the operations of the method embodiment of FIG. 4 may be carried out by hardware circuits or a cooperation of hardware circuits and software modules.
While certain features of the invention have been illustrated as described herein, many modifications, substitutions, changes and equivalents will now occur to those skilled in the art. It is, therefore, to be understood that the appended claims are intended to cover all such embodiments and changes as fall within the true spirit of the invention.

Claims (40)

1. A method comprising:
reading from a software module binary operating on a computing device, a set of keys associated with a trusted source, wherein the set of keys is embedded in the software module binary, the set of keys having been compiled and linked with a software module to generate the software module binary;
determining on the computing device, whether a key is traceable to one of the keys in the set of keys, the key being presented by or read from a document comprising a digital signature of the software module binary;
determining on the computing device, whether the key is identified in a list of compromised keys; and
if the key is not identified as compromised and is traceable to one of the keys in the set of keys, assigning the key a trusted status.
2. The method of claim 1 further comprising:
verifying on the computing device, the integrity of the document, the document further comprising the list of compromised keys.
3. The method of claim 1 in which determining on the computing device, whether the key is traceable to one of the keys in the set of keys further comprises:
tracing the key through a certificate chain to one of the keys in the set of keys.
4. The method of claim 1 wherein the digital signature is a hash of the software module binary.
5. The method of claim 2 in which the document is a manifest signed by the key.
6. The method of claim 1 in which determining on the computing device, whether the key is identified in the list of compromised keys further comprises:
searching on the computing device, the list of compromised keys for the key.
7. A method comprising:
producing on a computing device, a document comprising an identification of a software module binary and a list of compromised keys;
digitally signing the document, on the computing device, using a key presented by or read from the document and traceable to one key of a set of keys, wherein the set of keys is embedded in the software module binary, the set of keys having been compiled and linked with a software module to generate the software module binary; and
making the document available on a communication network by which computer systems comprising the software module binary may read the document.
8. The method of claim 7 in which the identification of the software module binary comprises a hash value of the software module binary.
9. The method of claim 7 in Which the key is traceable to one of the keys in the set of keys embedded in the software module binary by way of a certificate chain.
10. A device comprising:
a processor;
a machine-readable storage medium coupled to the processor by way of a bus, the storage medium storing instructions which, when executed by the processor, cause the device to
read from a software module binary a set of keys associated with a trusted source, wherein the set of keys is embedded in the software module binary, the set of keys having been compiled and linked with a software module to generate the software module binary,
determine whether a key is traceable to one of the keys in the set of keys, the key being presented by or read from a document comprising a digital signature of the software module binary,
determine whether the key is identified in a list of compromised key's, and
if the key is not identified as compromised and is traceable to one of the keys in the set of keys, assign the key a trusted status.
11. The device of claim 10 in which the instructions, when executed by the device, further cause the device to:
verify the integrity of the document, the document further comprising the list of compromised keys.
12. The device of claim 10 in which the instructions, when executed by the device, further cause the device to:
trace the key through a certificate chain to one of the keys in the set of keys.
13. A device comprising:
a processor;
a machine-readable storage medium coupled to the processor by way of a bus, the storage medium storing instructions which, when executed by the processor, cause the device to:
produce a document comprising an identification of a software module binary and a list of compromised keys; and
digitally sign the document using a key presented by or read from the document and traceable to one key of a set of keys, wherein the set of keys is embedded in the software module binary, the set of keys having been compiled and linked with a software module to generate the software module binary;
wherein the key is traceable to one of the keys in the set of keys embedded in the software module binary by way of a certificate chain.
14. The device of claim 13 in which the identification of the software module binary comprises a hash value of the software module binary.
15. An article comprising a machine tangible, non-transitory computer-readable medium having stored thereon instructions which, when executed by a processor of a device, result in:
reading from a software module binary operating on the device, a set of keys associated with a trusted source, wherein the set of keys is embedded in the software module binary, the set of keys having been compiled and linked with a software module to generate the software module binary;
determining on the device, whether a key is traceable to one of the keys in the set of keys, the key being presented by or read from a document comprising a digital signature of the software module binary;
determining on the device, whether the key is identified in a list of compromised keys; and
if the key is not identified as compromised and is traceable to one of keys in the set of keys, assigning the key a trusted status.
16. The article of claim 15 in which the instructions, when executed by the processor, further result in:
verifying on the device, the integrity of the document, the document further comprising the list of compromised keys.
17. The article of claim 15 in which the sequence of instructions, when executed by the processor, further result in:
tracing on the device, the key through a certificate chain to one of the keys in the set of keys.
18. An article comprising a machine tangible, non-transitory computer-readable medium having stored thereon instructions which, when executed by a processor of a device, result in:
producing on the device, a document comprising an identification of a software module binary and a list of compromised keys; and
digitally signing the document, on the device, using a key presented by or read from the document and traceable to one key of a set of keys, wherein the set of keys is embedded in the software module binary, the set of keys having been compiled and linked with a software module to generate the software module binary;
wherein the identification of the software module binary comprises a hash value of the software module binary.
19. The article of claim 18 in which the key is traceable by way of a certificate chain to one of the keys in the set of keys embedded in the software module binary.
20. A method comprising:
reading from a software module binary operating on a computing device, a set of values associated with a trusted source, wherein the set of values is embedded in the software module binary, the set of values having been compiled and linked with a software module to generate the software module binary;
determining on the computing device, whether a value is traceable to one of the values in the set of values, the value being presented by or read from a file comprising a digital signature of the software module binary;
determining whether the value is compromised; and
if the value is not determined to be compromised and is traceable to one of the values in the set of values, assigning the value a trusted status.
21. The method of claim 20 further comprising:
verifying on the computing device, the integrity of the file, the file further comprising the list of compromised values.
22. The method of claim 20 in which determining on the computing device, whether the value is traceable to one of the values in the set of values further comprises:
tracing on the computing device, the value through a certificate chain to one of the values in the set of values.
23. The method of claim 20 wherein the digital signature is a hash of the software module binary.
24. The method of claim 21 in which the file is a manifest signed using the value.
25. The method of claim 20 in which determining on the computing device, whether the value is compromised values comprises:
searching on the computing device, the list of compromised values for the value.
26. A method comprising:
producing on a computing device, a file for facilitating determining of whether a value is compromised, wherein the file comprises an identification of a software module binary;
digitally signing on the computing device, the file using a value presented by or read from the file and traceable to one value of a set of values, wherein the set of values is embedded in the software module binary, the set of values having been compiled and linked with a software module to generate the software module binary; and
making the file available on a communication network by which other computing devices comprising the software module binary may read the file.
27. The method of claim 26 in which the identification of the software module binary comprises a hash value of the software module binary.
28. The method of claim 26 in which the value is traceable to one of the values in the set of values embedded in the software module binary by way of a certificate chain.
29. A device comprising:
a processor;
a tangible, non-transitory computable-readable storage medium coupled to the processor, the storage medium storing instructions which, when executed by the processor, cause the device to:
read from a software module binary a set of values associated with a trusted source, wherein the set of values is embedded in the software module binary, the set of values having been compiled and linked with a software module to generate the software module binary;
determine whether a value is traceable to one of the values in the set of values, the value being presented by or read from a file comprising a digital signature of the software module binary;
determine whether the value is compromised; and
if the value is determined as compromised and is traceable to one of the values in the set of values, assign the value a trusted status.
30. The device of claim 29 in which the instructions, when executed by the device, further cause the device to:
verify the integrity of the file, the file further comprising a list of compromised values.
31. The device of claim 29 in which the instructions, when executed by the device, further cause the device to:
trace the value through a certificate chain to one of the values in the set of values.
32. A device comprising:
a processor;
a tangible, non-transitory computer-readable storage medium coupled to the processor, the storage medium storing instructions which, when executed by the processor, cause the device to:
produce on the device, a file for facilitating determining whether a value is compromised, the file comprising an identification of a software module binary; and
digitally sign the file, on the device, using a value presented by or read from the file and traceable to one value of a set of values, wherein the set of values is embedded in the software module binary, the set of values having been compiled and linked with a software module to generate the software module binary;
wherein the value is traceable to one of the values in the set of values embedded in the software module binary by way of a certificate chain.
33. The device of claim 32 in which the identification of the software module binary comprises a hash value of the software module binary.
34. An article comprising a tangible, non-transitory computer-readable medium having stored thereon instructions which, when executed on a device, result in:
reading on the device, from a software module binary a set of values associated with a trusted source, wherein the set of values is embedded in the software module binary, the set of values having been compiled and linked with a software module to generate the software module binary;
determining on the device, whether a value is traceable to one of the values in the set of values, the value being presented by or read from a file comprising a digital signature of the software module binary;
determining on the device, whether the value is compromised; and
if the value is not identified as compromised and is traceable to one of values in the set of values, assigning the value a trusted status.
35. The article of claim 34 in which the instructions, when executed on the device, further result in:
verifying on the device, the integrity of the file, the file further comprising the list of compromised values.
36. The article of claim 34 in which the instructions, when executed by the processor, further result in:
tracing on the device, the value through a certificate chain to one of the values in the set of values.
37. An article comprising a tangible, non-transitory computer-readable medium having stored thereon instructions which, when executed on a device, result in:
producing on the device, a file for facilitating determining whether a value is compromised, the file comprising an identification of a software module binary; and
digitally signing the file, on the device, using a value presented by or read from the file and traceable to one value of a set of values, wherein the set of values is embedded in the software module binary, the set of values having been compiled and linked with a software module to generate the software module binary;
wherein the identification of the software module binary comprises a hash value of the software module binary.
38. The article of claim 37 in which the value is traceable by way of a certificate chain to one of the values in the set of values embedded in the software module binary.
39. An article comprising a tangible, non-transitory computer-readable medium having stored thereon instructions which, when executed on a device, result in:
receiving, by a compilation module operating on the device, a software module binary and a data file comprising a set of values; and
generating, by the compilation module, a file for facilitating determining whether a value is compromised, using the software module binary and the data file, wherein the file comprises an identification of the software module binary and the set of values embedded in the software module binary;
wherein the file is to be digitally signed, on the device, using a value presented by or read from the file and traceable to one value of a set of values;
wherein the identification of the software module binary comprises a hash value of the software module binary.
40. The article of claim 39 in which the value is traceable by way of a certificate chain to one of the values in the set of values embedded in the software module binary.
US12/965,459 1999-09-16 2010-12-10 Method and apparatus to assign trust to a key Expired - Fee Related USRE43934E1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/965,459 USRE43934E1 (en) 1999-09-16 2010-12-10 Method and apparatus to assign trust to a key

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/397,455 US7571315B1 (en) 1999-09-16 1999-09-16 Method and apparatus to assign trust to a key
US12/965,459 USRE43934E1 (en) 1999-09-16 2010-12-10 Method and apparatus to assign trust to a key

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US09/397,455 Reissue US7571315B1 (en) 1999-09-16 1999-09-16 Method and apparatus to assign trust to a key

Publications (1)

Publication Number Publication Date
USRE43934E1 true USRE43934E1 (en) 2013-01-15

Family

ID=40910258

Family Applications (2)

Application Number Title Priority Date Filing Date
US09/397,455 Ceased US7571315B1 (en) 1999-09-16 1999-09-16 Method and apparatus to assign trust to a key
US12/965,459 Expired - Fee Related USRE43934E1 (en) 1999-09-16 2010-12-10 Method and apparatus to assign trust to a key

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US09/397,455 Ceased US7571315B1 (en) 1999-09-16 1999-09-16 Method and apparatus to assign trust to a key

Country Status (1)

Country Link
US (2) US7571315B1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10277567B2 (en) 2016-06-06 2019-04-30 Motorola Solutions, Inc. Method and server for issuing cryptographic keys to communication devices
US10333935B2 (en) 2016-06-06 2019-06-25 Motorola Solutions, Inc. Method and management server for revoking group server identifiers of compromised group servers
US10341107B2 (en) * 2016-06-06 2019-07-02 Motorola Solutions, Inc. Method, server, and communication device for updating identity-based cryptographic private keys of compromised communication devices

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7480384B2 (en) * 2003-02-10 2009-01-20 International Business Machines Corporation Method for distributing and authenticating public keys using random numbers and Diffie-Hellman public keys
AU2003902422A0 (en) * 2003-05-19 2003-06-05 Intellirad Solutions Pty. Ltd Access security system
JP2005128996A (en) * 2003-09-30 2005-05-19 Dainippon Printing Co Ltd Information processing apparatus and system, and program
US9894040B2 (en) 2012-09-11 2018-02-13 Microsoft Technology Licensing, Llc Trust services for securing data in the cloud
US8959351B2 (en) 2012-09-13 2015-02-17 Microsoft Corporation Securely filtering trust services records
RU2514138C1 (en) 2012-09-28 2014-04-27 Закрытое акционерное общество "Лаборатория Касперского" System and method for verifying public key certificate to counteract "man-in-middle" attacks
US11444780B2 (en) * 2019-05-21 2022-09-13 Micron Technology, Inc. Secure replaceable verification key architecture in a memory sub-system
US12113915B2 (en) 2022-03-30 2024-10-08 Intel Corporation Federal Information Processing Standard (FIPS) compliant Device Identifier Composition Engine (DICE) certificate chain architecture for embedded systems

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5214702A (en) * 1988-02-12 1993-05-25 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5680458A (en) * 1995-11-14 1997-10-21 Microsoft Corporation Root key compromise recovery
US5774552A (en) 1995-12-13 1998-06-30 Ncr Corporation Method and apparatus for retrieving X.509 certificates from an X.500 directory
WO2001016731A1 (en) * 1999-08-30 2001-03-08 Neoplanet, Inc. Method and system for modifying compiled code using a customization tool
US6215872B1 (en) 1997-10-24 2001-04-10 Entrust Technologies Limited Method for creating communities of trust in a secure communication system
US6560706B1 (en) 1998-01-26 2003-05-06 Intel Corporation Interface for ensuring system boot image integrity and authenticity

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5214702A (en) * 1988-02-12 1993-05-25 Fischer Addison M Public key/signature cryptosystem with enhanced digital signature certification
US5680458A (en) * 1995-11-14 1997-10-21 Microsoft Corporation Root key compromise recovery
US5774552A (en) 1995-12-13 1998-06-30 Ncr Corporation Method and apparatus for retrieving X.509 certificates from an X.500 directory
US6215872B1 (en) 1997-10-24 2001-04-10 Entrust Technologies Limited Method for creating communities of trust in a secure communication system
US6560706B1 (en) 1998-01-26 2003-05-06 Intel Corporation Interface for ensuring system boot image integrity and authenticity
WO2001016731A1 (en) * 1999-08-30 2001-03-08 Neoplanet, Inc. Method and system for modifying compiled code using a customization tool

Non-Patent Citations (12)

* Cited by examiner, † Cited by third party
Title
Final Office Action for U.S. Appl. No. 09/397,455, mailed Apr. 19, 2004, 7 pages.
Final Office Action for U.S. Appl. No. 09/397,455, mailed Feb. 2, 2009, 7 pages.
Final Office Action for U.S. Appl. No. 09/397,455, mailed Feb. 22, 2008, 9 pages.
Final Office Action for U.S. Appl. No. 09/397,455, mailed Jun. 24, 2005, 9 pages.
Guinee, R.A.; Blaszczyk, M.; "Experimental validation of the hardware implementation of a novel true random binary sequence generator for keystream applications"; IEEE Digital Object Identifier: 10.1109/MILCOM.2009.5379810 Publication Year: Mar. 2009 , pp. 1-7. *
Kocher, Paul, et al., "Security as a New Dimension in Embedded System design," Jun. 2004, DAC'04: Proceedings of the 41st annual conference on Design automation, pp. 753-760.
Notice of Allowability for U.S. Appl. No. 09/397,455, mailed Apr. 1, 2009, 7 pages.
Office Action for U.S. Appl. No. 09/397,455, mailed Aug. 13, 2003, 7 pages.
Office Action for U.S. Appl. No. 09/397,455, mailed Jan. 13, 2005, 8 pages.
Office Action for U.S. Appl. No. 09/397,455, mailed Jul. 22, 2008, 6 pages.
Office Action for U.S. Appl. No. 09/397,455, mailed Mar. 7, 2006, 8 pages.
Office Action for U.S. Appl. No. 09/397,455, mailed Oct. 3, 2007, 8 pages.

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10277567B2 (en) 2016-06-06 2019-04-30 Motorola Solutions, Inc. Method and server for issuing cryptographic keys to communication devices
US10333935B2 (en) 2016-06-06 2019-06-25 Motorola Solutions, Inc. Method and management server for revoking group server identifiers of compromised group servers
US10341107B2 (en) * 2016-06-06 2019-07-02 Motorola Solutions, Inc. Method, server, and communication device for updating identity-based cryptographic private keys of compromised communication devices

Also Published As

Publication number Publication date
US7571315B1 (en) 2009-08-04

Similar Documents

Publication Publication Date Title
USRE43934E1 (en) Method and apparatus to assign trust to a key
CN109313690B (en) Self-contained encrypted boot policy verification
US6546487B1 (en) System and method for protecting use of dynamically linked executable modules
JP4113274B2 (en) Authentication apparatus and method
US6421779B1 (en) Electronic data storage apparatus, system and method
US6381698B1 (en) System and method for providing assurance to a host that a piece of software possesses a particular property
US9276752B2 (en) System and method for secure software update
US6081893A (en) System for supporting secured log-in of multiple users into a plurality of computers using combined presentation of memorized password and transportable passport record
US6959382B1 (en) Digital signature service
US20130031371A1 (en) Software Run-Time Provenance
CN110677376B (en) Authentication method, related device and system and computer readable storage medium
US20080216147A1 (en) Data Processing Apparatus And Method
US20050039016A1 (en) Method for using trusted, hardware-based identity credentials in runtime package signature to secure mobile communications and high-value transaction execution
US12050667B2 (en) Cryptographically managing license compatibility
KR19980081644A (en) Information processing apparatus, methods and recording media
CN109981287B (en) Code signing method and storage medium thereof
MXPA04001596A (en) Issuing a publisher use license off-line in a digital rights management (drm) system.
KR20040076834A (en) Revocation of a certificate and exclusion of other principals in a digital rights management(drm) system based on a revocation list from a delegated revocation authority
KR20080030359A (en) Method for integrity attestation of a computing platform hiding its configuration information
CN104426658A (en) Method and device for performing identity authentication on application on mobile terminal
US20100223469A1 (en) Method, System and Computer Program Product for Certifying Software Origination
KR20010040248A (en) Method and system for transient key digital time stamps
CN112866235B (en) Data processing method, device and equipment
US8301894B2 (en) Method and apparatus for applying digital signatures to translated content
US20060212699A1 (en) Method and apparatus for certifying a design of a software computer program

Legal Events

Date Code Title Description
FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

FPAY Fee payment

Year of fee payment: 4

SULP Surcharge for late payment
FPAY Fee payment

Year of fee payment: 8

FEPP Fee payment procedure

Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

LAPS Lapse for failure to pay maintenance fees

Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY