主权项 |
1. A method for a module to derive a public key infrastructure (PKI) key pair, the method performed by a module, the method comprising:
reading a first module private key and an identity from a nonvolatile memory, and sending the identity; receiving a symmetric key, wherein the symmetric key is decrypted using the first module private key; receiving a set of cryptographic parameters, wherein at least a portion of the set of cryptographic parameters is decrypted using the symmetric key selecting a subset of the set of cryptographic parameters, and sending the subset; deriving a second module private key and a module public key using the subset, wherein the derived module public key is associated with a module public key identity; and, sending the derived module public key and the module public key identity, wherein the module authenticates using the first module private key. |