Abstract
Systems and methods provide for a device to engage in a zero-knowledge proof with an entity requiring authentication either of secret material or of the device itself. The device may provide protection of the secret material or its private key for device authentication using a hardware security module (HSM) including, for example, a read-only memory (ROM) programmable only by the device manufacturer. For authenticating the device itself, a zero-knowledge proof of knowledge may be used. The zero-knowledge proof or zero-knowledge proof of knowledge may be conducted via a communication channel on which an end-to-end unbroken chain of trust is established. An unbroken chain of trust refers to a communication channel for which endpoints of each link in the communication channel mutually authenticate each other prior to conducting the zero-knowledge proof and for which each link is protected by at least one of hardware protection and encryption.
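The flow described above, sketched as an added example that is not taken from the patent: the verifier first checks that every link of the channel is mutually authenticated and protected by hardware or encryption, and only then runs a proof of knowledge of the device's private key. The abstract does not name a protocol, so Schnorr identification is used here as an assumption; the `Link` and `Device` classes, the function names and the toy group parameters are hypothetical.

```python
import secrets
from dataclasses import dataclass

# Toy parameters (assumption): P is the Mersenne prime 2**127 - 1. This group is
# NOT secure; a deployment would use a standardized prime-order group or curve.
P = 2**127 - 1
ORDER = P - 1   # exponents are reduced mod P - 1 (Fermat's little theorem)
G = 3

@dataclass
class Link:
    name: str
    mutually_authenticated: bool
    hardware_protected: bool
    encrypted: bool

def chain_unbroken(links):
    """Each link: endpoints mutually authenticated AND (hardware-protected OR encrypted)."""
    return bool(links) and all(
        l.mutually_authenticated and (l.hardware_protected or l.encrypted)
        for l in links)

class Device:
    """Prover. _x stands in for the private key that would stay inside the HSM."""
    def __init__(self):
        self._x = secrets.randbelow(ORDER - 1) + 1
        self.public_key = pow(G, self._x, P)

    def commit(self):
        self._r = secrets.randbelow(ORDER)   # fresh nonce for every proof
        return pow(G, self._r, P)

    def respond(self, challenge):
        s = (self._r + challenge * self._x) % ORDER
        self._r = None                       # a reused nonce would leak _x
        return s

def verify(public_key, commitment, challenge, response):
    """Accept iff G^s == t * y^c (mod P); the verifier never sees the private key."""
    return pow(G, response, P) == (commitment * pow(public_key, challenge, P)) % P

def authenticate(device, enrolled_public_key, links):
    """Run the proof only over a channel with an unbroken chain of trust."""
    if not chain_unbroken(links):
        return False
    t = device.commit()
    c = secrets.randbelow(ORDER)             # verifier's random challenge
    s = device.respond(c)
    return verify(enrolled_public_key, t, c, s)
```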