MULTI-PLATFORM KEY RECOVERY FOR TRUSTED CODE

Bibliographic details
Main authors: Hopkins, Roy, Streich, Katarzyna, Fytraki, Sotiria
Format: Patent
Language: eng
Description
Summary: A system that supports the providing of keys to application enclaves (AEs) that can be used to decrypt data regardless of the CPU that executes an application enclave is provided. A key derivation provider provides a key derivation enclave (KDE) that provides keys to authorized AEs that can be used to decrypt data regardless of the CPU upon which an AE is currently executing. The KDE provides the same key to affiliated AEs that may have the same trusted code or different trusted code that is provided by the same author. The KDE generates the same key regardless of the CPU on which it is executing. The KDE and the AEs use attestations to ensure that they are communicating with enclaves that include code that is trusted.