Key-attestation-contingent certificate issuance

Key-attestation-contingent certificate issuance

The present invention provides for streamlined issuance of certificates and other tokens that are contingent on key attestation of keys from a trusted platform module within a computing platform. Various methods are described for wrapping the requested token in a secret, such as an AES key, that is...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Waxman, Peter David, Salvan, Cristian Stefan, Kouladjie, Kam, Soni, Himanshu, Fenner, Christopher Edward, Stocco, Gabriel Fortunato, Raju, Prabu, Viswanathan, Gridhar
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATIONTECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING ORPROCESSING OF MEDICAL OR HEALTHCARE DATA
INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTEDFOR SPECIFIC APPLICATION FIELDS
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The present invention provides for streamlined issuance of certificates and other tokens that are contingent on key attestation of keys from a trusted platform module within a computing platform. Various methods are described for wrapping the requested token in a secret, such as an AES key, that is encrypted to a TPM based key in a key challenge. If the requesting platform fails the key challenge, the encrypted certificate or token cannot be decrypted. If requesting platform passes the challenge, the encrypted certificate or token can be decrypted using the AES key recovered from the key challenge.