Title of invention: Virally distributable trusted messaging
Abstract: Technologies for utilizing trusted messaging include a local computing device including a message client and a local trusted message module established in a trusted execution environment. The local trusted message module performs attestation of a remote computing device based on communication with a corresponding remote trusted message module established in a trusted execution environment of the remote computing device. The local trusted message module further exchanges, with the remote trusted message module, cryptographic keys in response to successful attestation of the remote computing device. The message client forwards outgoing messages to the local trusted message module and receives incoming messages from the local trusted message module. To securely transmit an outgoing message to the remote computing device, the local trusted message module receives the outgoing message from the message client, encrypts the outgoing message, and cryptographically signs the outgoing message, prior to transmittal to the remote trusted message module of the remote computing device. To securely receive an incoming message from the remote computing device, the local trusted message module receives the incoming message from the remote trusted message module of the remote computing device, decrypts the incoming message, and verifies a cryptographic signature of the incoming message, based on the exchanged cryptographic keys and prior to transmittal of the incoming message to the message client.
Publication number: US9467296(B2)
Publication date: 2016.10.11
Application number: US201414473308
Filing date: 2014.08.29
Applicant: Intel Corporation
Inventors: Smith Ned M.;Deleeuw William C.;Willis Thomas G.;Goss Nathaniel J.
Classification: G06F21/00;H04L9/32;H04L29/06;H04L9/08
Main classification: G06F21/00
Agency: Barnes & Thornburg LLP
Agent: Barnes & Thornburg LLP
Principal claim: 1. A local computing device for trusted messaging, the local computing device comprising: a processor; a local trusted message module, established in a trusted execution environment, to (i) perform attestation of a remote computing device based on communication with a corresponding remote trusted message module established in a trusted execution environment of the remote computing device and (ii) exchange, with the remote trusted message module, cryptographic keys in response to successful attestation of the remote computing device; and a message client to (i) forward outgoing messages to the local trusted message module and (ii) receive incoming messages from the local trusted message module, wherein, to securely transmit an outgoing message to the remote computing device, the local trusted message module is to (i) receive the outgoing message from the message client, (ii) encrypt the outgoing message, and (iii) cryptographically sign the outgoing message, prior to transmittal to the remote trusted message module of the remote computing device; and wherein, to securely receive an incoming message from the remote computing device, the local trusted message module is to (i) receive the incoming message from the remote trusted message module of the remote computing device, (ii) decrypt the incoming message, and (iii) verify a cryptographic signature of the incoming message, based on the exchanged cryptographic keys and prior to transmittal of the incoming message to the message client.
Address: Santa Clara CA US