Invention Grant
- Patent Title: Apparatus and method for provisioning an endorsement key certificate for a firmware trusted platform module
- Patent Title (中): 用于为固件可信平台模块提供认可密钥证书的设备和方法
-
Application No.: US14037050Application Date: 2013-09-25
-
Publication No.: US09100192B2Publication Date: 2015-08-04
- Inventor: Bollapragada Venkata Janaki Manohar , Ashish Grover , Eamonn Coleman
- Applicant: QUALCOMM Incorporated
- Applicant Address: US CA San Diego
- Assignee: QUALCOMM Incorporated
- Current Assignee: QUALCOMM Incorporated
- Current Assignee Address: US CA San Diego
- Agency: Loza & Loza, LLP
- Main IPC: H04L29/06
- IPC: H04L29/06 ; H04L9/32 ; G06F21/53 ; G06F21/57 ; G06F21/72
Abstract:
Disclosed is a method for provisioning an endorsement key (EK) certificate for a firmware trusted platform module (fTPM). In the method, the fTPM receives a derived key (DK) from a hardware trusted platform (HWTP). The fTPM is implemented in the HWTP, the DK is derived from a hardware key (HWK) securely stored in the HWTP, the HWK is unique to the HWTP, and the HWK is not available to the fTPM. The fTPM generates an endorsement primary seed (EPS) based on the DK, and generates a hashed endorsement primary seed (HEPS) based on a hash of the EPS. The fTPM forwards the HEPS to a provisioning station, and receives, from the provisioning station, an EK certificate corresponding to the HEPS.
Public/Granted literature
Information query
