SECURE SHARED KEY SHARING SYSTEMS AND METHODS

摘要

Systems and methods used to securely communicate a shared key to devices. One embodiment describes a method to securely communicate a shared key to a first device and a second device that includes receiving, using the first device, a shared key and unique identifier pairing associated with the first device from a key generator; receiving, using a trusted third party, the shared key and unique identifier pairing from the key generator; generating, using the first device, a signature using the unique identifier and the shared key; transmitting, using the first device, the signature and the unique identifier to the trusted third party; verifying, using the trusted third party, the unique identifier based on the signature; determining, using the trusted third party, the shared key when the unique identifier is verified; and transmitting, using the trusted third party, the shared key to the second device to enable the first device and the second device to communicate securely by encoding and decoding communicated data using the shared key.

主权项

1. A computing device configured to be communicatively coupled to a third party server via a network, comprising:
a boot device configured to:
store a unique identifier, a shared key, and startup routine instructions;generate a signature based at least in part on the unique identifier and the shared key;communicate the signature and the unique identifier to the third party server to enable the third party server to verify identity of the boot device and retrieve the shared key when the identity of the boot device is verified; andgenerate encoded data by encoding the startup routine instructions based at least in part on the shared key; and a central processing unit communicatively coupled to the boot device via a data bus, wherein the central processing unit is configured to:
receive the encoded data from the boot device via the data bus;receive the shared key from the third party server via the network when the identity of the boot device is verified by the third party server;determine the startup routine instructions by decoding the encoded data based at least in part on the shared key; andexecute the startup routine instructions to initialize the computing device.