Secure computing device, secure computing method, verifier and device attestation method

Secure computing device, secure computing method, verifier and device attestation method

A device including a network interface, a memory and a processor. The network interface is configured to communicate with a verifier over a communication network. The memory is configured to store multiple layers of mutable code, the layers identifiable by respective measurements. The processor is c...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: MORAV, DAN, HERSHMAN, ZIV
Format: Patent
Sprache:chi ; eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A device including a network interface, a memory and a processor. The network interface is configured to communicate with a verifier over a communication network. The memory is configured to store multiple layers of mutable code, the layers identifiable by respective measurements. The processor is configured to generate, for a given boot cycle, a nonce associated uniquely with the given boot cycle, to receive a challenge from the verifier for attestation of a given layer of the mutable code, to calculate an attestation key based on (i)a Unique Device Secret (UDS) stored securely in the device, (ii)a measurement of the given layer taken by another layer, and (iii)the nonce generated for the given boot cycle, to calculate a response for the challenge, by signing the challenge using the attestation key, and to send the response to the verifier for verification of the given layer.