Title of invention |
Secure generation of a device root key in the field |
Abstract |
Methods and systems for secure key generation are provided. In embodiments, during the manufacturing process, a device generates a primary seed for the device and stores the seed within the device. The device exports the device primary key to a secure manufacturer server. The secure manufacturer server generates a public/private root key for the device and requests a certificate for the public root key of the device from a certificate authority. The device, having the stored primary seed, is integrated into an end-user system. Upon occurrence of a condition, the device after integration into the end-user system generates the public/private root key in the field. The system also receives and installs the certificate for the public root key. |
Publication number |
US8953790(B2) |
Publication date |
2015.02.10 |
Application number |
US201213523801 |
Filing date |
2012.06.14 |
Applicant |
Broadcom Corporation |
Inventors |
Qi Zheng;Buer Mark |
Classification |
H04L9/22;G06F21/60;H04L9/32;H04L9/08;H04K1/00 |
Main classification |
H04L9/22 |
Agency |
Sterne, Kessler, Goldstein & Fox PLLC |
Agent |
Sterne, Kessler, Goldstein & Fox PLLC |
Principal claim |
1. An apparatus for secure key generation, comprising:
a device having a secure module, wherein the secure module includes:
a random number generator configured to generate a primary seed,
a non-volatile memory configured to store the generated primary seed, and
a processor configured to generate a device root key including a public device root key and a private device root key from the primary seed upon occurrence of a condition within the apparatus; and
a memory coupled to the device, wherein the device is configured to export the generated primary seed to a manufacturer server and to receive a certificate for the public device root key. |
Address |
Irvine CA US |