Method for securely creating an endorsement certificate utilizing signing key pairs

Method for securely creating an endorsement certificate utilizing signing key pairs

A method and system for ensuring security-compliant creation and certificate generation for endorsement keys of manufactured TPMs. The endorsement keys are generated by the TPM manufacturer and stored within the TPM. The TPM manufacturer also creates a signing key pair and associated signing key cer...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: CATHERMAN RYAN C, HOFF JAMES P, CHALLENER DAVID C
Format: Patent
Sprache:eng
Schlagworte:
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:A method and system for ensuring security-compliant creation and certificate generation for endorsement keys of manufactured TPMs. The endorsement keys are generated by the TPM manufacturer and stored within the TPM. The TPM manufacturer also creates a signing key pair and associated signing key certificate. The signing key pair is also stored within the TPM, while the certificate is provided to the OEM's credential server. During the endorsement key (EK) credential process, the TPM generates a signed endorsement key, which comprises the public endorsement key signed with the public signing key. The credential server matches the public signing key of the endorsement key with a public signing key within the received certificate. The EK certificate is generated and inserted into the TPM only when a match is confirmed.