Title of invention: METHOD, DEVICE, AND SYSTEM OF PROVISIONING CRYPTOGRAPHIC DATA TO ELECTRONIC DEVICES
Abstract: System, device, and method of provisioning cryptographic assets to devices. A method includes: (a) generating a delegation message at a first provisioning server; the delegation message indicating provisioning rights that are delegated by the first provisioning server to a second provisioning server with regard to subsequent provisioning of cryptographic assets to an electronic device; wherein generating the delegation message comprises at least one of: (A) inserting into the delegation message an association key unknown to the first provisioning server, encrypted using a public key of the electronic device; (B) inserting into the delegation message a public key of the second provisioning server; enabling the electronic device to locally generate the association key unknown to the first provisioning server; (b) delivering the delegation message to the electronic device; (c) at the second provisioning server, based on the delegation message, provisioning cryptographic assets to the electronic device, using the association key.
Publication number: US2017063537(A1) Publication date: 2017.03.02
Application number: US201514859364 Filing date: 2015.09.21
Applicant: ARM Technologies Israel Ltd. Inventors: BAR-EL Hagai; KLIMOV Alexander; SHEN Asaf
Classification: H04L9/08; H04L29/06 Main classification: H04L9/08
Agency: Agent:
Main claim: 1. A method of cryptographic material provisioning (CMP), the method comprising: (a) generating a delegation message at a first provisioning server, wherein the delegation message indicates provisioning rights that are delegated by the first provisioning server to a second provisioning server with regard to subsequent provisioning of cryptographic assets to an electronic device, wherein generating the delegation message comprises at least one of: (A) inserting into the delegation message an association key unknown to the first provisioning server, encrypted using a public key of said electronic device, wherein said public key of said electronic device is usable to encrypt data for subsequent decrypting by said electronic device using said private encryption key of said electronic device; (B) inserting into the delegation message a public key of the second provisioning server; enabling the electronic device to locally generate said association key unknown to the first provisioning server; wherein the association key is retrievable by the second provisioning server based on the public key of the second provisioning server; (b) delivering the delegation message from the first provisioning server to the electronic device; (c) at the second provisioning server, and based on said delegation message, provisioning one or more cryptographic assets to the electronic device, using said association key.
Address: Kfar Netter IL