Title of invention: System and method for authentication for field replaceable units
Abstract: A method and apparatus of a network element that authenticates a field replaceable unit of the network element is described. The network element authenticates a field replaceable unit of the network element by generating a nonce. In addition, the network element generates a signature using a nonce and a private encryption key that is securely stored in the field replaceable unit. The network element further verifies the signature using a public encryption key that is a pair to the private encryption key and is not securely stored in the field replaceable unit. If the field replaceable unit is verified, the network element uses the field replaceable unit to operate the network element. Otherwise, the network element disables the field replaceable unit.
Publication number: US9641339(B2) | Publication date: 2017.05.02
Application number: US201414448883 | Filing date: 2014.07.31
Applicant: Arista Networks, Inc. | Inventors: Ho Alexander Channing; Duda Kenneth James; Redlefsen Lorenz Wolfgang
Classification: H04L9/32; H04L29/06; G06F21/44 | Main classification: H04L9/32
Agency: Blakely, Sokoloff, Taylor & Zafman LLP | Agent: Blakely, Sokoloff, Taylor & Zafman LLP
Main claim: 1. A non-transitory machine-readable medium having executable instructions to cause one or more processing units to perform a method to authenticate a field replaceable unit of a network element, the method comprising: authenticating the field replaceable unit by decrypting encrypted manufacturing data stored on the field replaceable unit using a developer public key that is a pair to a developer private key used to create the encrypted manufacturing data stored on the network element and comparing the decrypted manufacturing data with stored manufacturing data from the network element, wherein the encrypted manufacturing data is stored on the field replaceable unit prior to the field replaceable unit coupling to the network element and the field replaceable unit is selected from a group consisting of a line card and a fabric card; and if the decrypted manufacturing data is authenticated, generating a signature using a nonce and the developer private encryption key that is securely stored in the field replaceable unit; verifying the signature using the developer public encryption key that is a pair to the developer private encryption key and is stored in an insecure manner in the field replaceable unit; and using the field replaceable unit to operate the network element, if the field replaceable unit is verified.
Address: Santa Clara CA US