Method and System for an Efficient Shared-Derived Secret Provisioning Mechanism
Abstract
Embodiments of systems and methods disclosed herein include an embedded secret provisioning system that is based on a shared-derivative mechanism. Embodiments of this mechanism use a trusted third-party topology, but only a single instance of a public-private key exchange is required for initialization. Embodiments of the system and methods are secure and any of the derived secret keys are completely renewable in untrusted environments without any reliance on asymmetric cryptography. The derived secrets exhibit zero knowledge attributes and the associated zero knowledge proofs are open and available for review. Embodiments of systems and methods can be implemented in a wide range of previously-deployed devices as well as integrated into a variety of new designs using minimal roots-of-trust.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method for provisioning a device with an embedded secret comprising:
providing a first embedded key register in the device; providing a second embedded key register in the device; providing a pair of keyed hash functions in the device; permanently writing a first value into the first embedded key register of the device to create an embedded secret; and creating an external reference code by hashing an external reference code using one of a pair of keyed hash functions, wherein the keyed hash function is keyed using the embedded secret and creating the external reference code comprises transferring the contents of the first embedded key register to the second embedded key register of the device when the device powers-up and providing the contents of the second embedded key register as a key to the one of the keyed hash functions.
2 . The method of claim 1 , further comprising, after device power-up, updating the contents of the second embedded key register with a second value derived from the first value permanently stored in the first embedded key register.
3 . The method of claim 2 , wherein the second value is derived from an external message input using the known value as a key to a hash function.
4 . The method of claim 1 , further comprising providing an output by hashing a message input using the contents of the second embedded key register as the key to the one of the keyed hash functions.
5 . The method of claim 4 , wherein the message input is received from an external source.
6 . The method of claim 5 , further comprising:
receiving a reference code input value; and comparing the received reference code input value to a calculated reference; and conditioning the availability of the internal output based on the comparison of the received reference code input value to the calculated internal reference.
7 . The method of claim 6 , wherein the internal output is made available only when the received external reference code input value matches the calculated internal reference.
8 . A system for provisioning a device with an embedded secret comprising:
a processor; first and second embedded key registers; and the device is adapted to:
permanently write a first value into the first embedded key register of the device to create an embedded secret; and
create an external reference code by hashing an external reference code using one of a pair of keyed hash functions, wherein the keyed hash function is keyed using the embedded secret and creating the external reference code comprises transferring the contents of the first embedded key register to the second embedded key register of the device when the device powers-up and providing the contents of the second embedded key register as a key to the one of the keyed hash functions.
9 . The system of claim 8 , further comprising, after device power-up, updating the contents of the second embedded key register with a second value derived from the first value permanently stored in the first embedded key register.
10 . The system of claim 9 , wherein the second value is derived from an external message input using the known value as a key to a hash function.
11 . The system of claim 8 , further comprising providing an output by hashing a message input using the contents of the second embedded key register as the key to the one of the keyed hash functions.
12 . The system of claim 11 , wherein the message input is received from an external source.
13 . The system of claim 12 , further comprising:
receiving a reference code input value; and comparing the received reference code input value to a calculated reference; and conditioning the availability of the internal output based on the comparison of the received reference code input value to the calculated internal reference.
14 . The system of claim 13 , wherein the internal output is made available only when the received external reference code input value matches the calculated internal reference.
15 . A non-transitory computer readable medium comprising instructions for provisioning a device with an embedded secret by:
permanently write a first value into a first embedded key register of the device to create an embedded secret; and create an external reference code by hashing an external reference code using one of a pair of keyed hash functions, wherein the keyed hash function is keyed using the embedded secret and creating the external reference code comprises transferring the contents of the first embedded key register to a second embedded key register of the device when the device powers-up and providing the contents of the second embedded key register as a key to the one of the keyed hash functions.
16 . The non-transitory computer readable medium of claim 15 , further comprising, after device power-up, updating the contents of the second embedded key register with a second value derived from the first value permanently stored in the first embedded key register.
17 . The non-transitory computer readable medium of claim 16 , wherein the second value is derived from an external message input using the known value as a key to a hash function.
18 . The non-transitory computer readable medium of claim 15 , further comprising providing an output by hashing a message input using the contents of the second embedded key register as the key to the one of the keyed hash functions.
19 . The non-transitory computer readable medium of claim 18 , wherein the message input is received from an external source.
20 . The non-transitory computer readable medium of claim 19 , further comprising:
receiving a reference code input value; and comparing the received reference code input value to a calculated reference; and conditioning the availability of the internal output based on the comparison of the received reference code input value to the calculated internal reference.
21 . The non-transitory computer readable medium of claim 20 , wherein the internal output is made available only when the received external reference code input value matches the calculated internal reference.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.