The present application is directed to symmetric keying and chain of trust. In one embodiment a prover may communicate with a verifier to perform device or data authentication. The verifier may issue a challenge to authenticate the prover, to which the prover may respond with key data and ticket data that may be forwarded to a certifier. If the ticket data is recognized, the certifier may transmit an authorization token to the verifier, which may then set a symmetric attestation key. The prover may utilize the symmetric attestation key to establish a chain of trust for use in responding to challenges to application or data authenticity. The symmetric attestation key may be used to generate a first level key that may be utilized to generate program keys. A challenge response may include at least program key data that may be authenticated by the verifier using the symmetric attestation key.