Title of invention: Method and system for in-field recovery of security when a certificate authority has been compromised
Abstract: A certificate credential is generated based on a user device's private key securely stored, or accessible, by a certificate authority. When the certificate authority has been compromised, the credential, which typically includes information encrypted with the device's private key and the corresponding unencrypted information, is sent to the device. The device receives the information in encrypted and unencrypted form and decrypts the encrypted information. If the result of the decryption matches the unencrypted information, the device trusts the signer of the credential.
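Publication No.: US9240993(B1); Publication date: 2016.01.19
Application No.: US201213609319; Filing date: 2012.09.11
Applicant: ARRIS Enterprises, Inc.; Inventor: Negahdar Ali
Classification: H04L29/00;H04L29/06; Main classification: H04L29/00
Agency: (none listed); Agent: Van Aacken Troy A.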
Main claim: 1. A computer-implemented method, comprising: identifying an update to security information used by a plurality of customer premise equipment network access devices; generating a plurality of configuration files for distribution to respective customer premise equipment network access devices responsive to the update; including certificate credential information within the configuration files, wherein the certificate credential information is encrypted or signed using a plurality of device private keys respectively associated with each of the customer premise equipment network access devices; and sending a particular configuration file from the plurality of configuration files over a service operator network to a particular customer premise equipment network access device from the plurality of customer premise equipment network access devices in response to the particular customer premise equipment network access device attempting to join the service operator network, the particular configuration file being a configuration file from the plurality of configuration files which uses the certificate credential information encrypted or signed using a device private key associated with the particular customer premise equipment network access device to which the particular configuration file is being sent.
Address: Suwanee GA US
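The device-side check described in the abstract, as an added illustration (not code from the patent or from the applicant): the credential carries information in plain form and transformed with the device's private key, and the device trusts it only if undoing the transform reproduces the plain copy. Assumptions: textbook RSA without padding, a SHA-256 digest as the transformed value, a constructed demo key, and hypothetical function names.

```python
import hashlib

# Constructed demo key built from two Mersenne primes: insecure, illustration only.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                  # device public key
D = pow(E, -1, (P - 1) * (Q - 1))    # device private key, also held by the CA


def digest_int(info: bytes) -> int:
    # Assumption: the SHA-256 digest of the information is what gets transformed.
    return int.from_bytes(hashlib.sha256(info).digest(), "big")


def make_credential(info: bytes, d: int = D, n: int = N) -> dict:
    """Issuer side: plain information plus the same information
    transformed with the device's private key (textbook RSA, no padding)."""
    return {"info": info, "encrypted": pow(digest_int(info), d, n)}


def device_trusts(credential: dict, e: int = E, n: int = N) -> bool:
    """Device side: undo the transform and compare with the plain copy."""
    info, enc = credential.get("info"), credential.get("encrypted")
    if not isinstance(info, bytes) or not isinstance(enc, int):
        return False                 # malformed credential
    if not 0 < enc < n:
        return False                 # out of range for this device's modulus
    return pow(enc, e, n) == digest_int(info)


if __name__ == "__main__":
    info = b"constructed sample: fingerprint of replacement CA certificate"
    cred = make_credential(info)
    print("genuine:", device_trusts(cred))
    print("tampered info:", device_trusts({**cred, "info": info + b"!"}))
    print("wrong private key:", device_trusts(make_credential(info, d=D + 2)))
```

A production implementation would use a padded signature scheme from a vetted library rather than raw modular exponentiation.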