-
公开(公告)号:EP3591564A1
公开(公告)日:2020-01-08
申请号:EP19192167.5
申请日:2017-11-09
申请人: Trustonic Limited
发明人: HAYTON, Richard , LORESKAR, Chris , FELTON, Donald
摘要: A method for validating an electronic device 2 comprises receiving attestation information provided by the electronic device 2 attesting that the electronic device 2 has received a plurality of event attestations, each event attestation providing a cryptographically authenticated attestation to the occurrence of a respective event during a lifecycle of the electronic device, and determining a validation result indicating whether the attestation information is valid. By providing separate cryptographically authenticated attestations for respective events in the lifecycle of the device, this can simplify manufacturing of the devices in a multistage manufacture process compared to an approach using a single device-specific attestation attesting that the entire process is trusted.
-
公开(公告)号:EP3163494A1
公开(公告)日:2017-05-03
申请号:EP16187055.5
申请日:2016-09-02
申请人: Trustonic Limited
发明人: EKBERG, Jan-Erik , FELTON, Donald
CPC分类号: G06F21/71 , G06F21/14 , G06F21/53 , G06F21/606 , G06F2221/033 , G06F2221/0704 , G06F2221/2149 , H04L63/0435 , H04L63/0876
摘要: A device 8, 10, 12 has an installed cryptographic program 18 that performs cryptographic operations in dependence upon a received diversification value. The diversification value is generated by an obfuscated personalisation program 26 installed in the device and is dependent upon a personalisation input to the personalisation program. The personalisation input is characteristic of the particular execution environment provided by the device, and may take the form of a proper subset selected from among variables characterising the device, such as hardware properties, static software configuration and results from processing dynamic variables to check that they have expected properties. The diversification value generated by the personalisation program 26 is returned (in encrypted form) to a server which also has a copy of the cryptographic program 16. Thus, the server and the device may communicate using a secure channel provided by the combination of the cryptographic program and the diversification value. The personalisation program installed may be obfuscated by code flattening, reordering and variable fragmentation.
摘要翻译: 设备8,10,12具有安装的密码程序18,其根据所接收的多样化值来执行密码操作。 多样化值由安装在设备中的模糊化个性化程序26生成,并取决于个性化程序的个性化输入。 个性化输入是由设备提供的特定执行环境的特征,并且可以采取从表征设备的变量中选择的适当子集的形式,例如硬件属性,静态软件配置以及处理动态变量以检查它们的结果 有预期的性能。 由个人化程序26生成的多样化值被返回(以加密形式)给也具有密码程序16的副本的服务器。因此,服务器和设备可以使用由密码 计划和多元化价值。 安装的个性化程序可能会被代码压扁,重新排序和变量碎片混淆。
-
公开(公告)号:EP3346415B1
公开(公告)日:2019-12-25
申请号:EP17200828.6
申请日:2017-11-09
申请人: Trustonic Limited
发明人: HAYTON, Richard , LORESKAR, Chris , FELTON, Donald
-
公开(公告)号:EP3346415A3
公开(公告)日:2018-10-10
申请号:EP17200828.6
申请日:2017-11-09
申请人: Trustonic Limited
发明人: HAYTON, Richard , LORESKAR, Chris , FELTON, Donald
摘要: A method for validating an electronic device 2 comprises receiving attestation information provided by the electronic device 2 attesting that the electronic device 2 has received a plurality of event attestations, each event attestation providing a cryptographically authenticated attestation to the occurrence of a respective event during a lifecycle of the electronic device, and determining a validation result indicating whether the attestation information is valid. By providing separate cryptographically authenticated attestations for respective events in the lifecycle of the device, this can simplify manufacturing of the devices in a multistage manufacture process compared to an approach using a single device-specific attestation attesting that the entire process is trusted.
-
公开(公告)号:EP3346415A2
公开(公告)日:2018-07-11
申请号:EP17200828.6
申请日:2017-11-09
申请人: Trustonic Limited
发明人: HAYTON, Richard , LORESKAR, Chris , FELTON, Donald
摘要: A method for validating an electronic device 2 comprises receiving attestation information provided by the electronic device 2 attesting that the electronic device 2 has received a plurality of event attestations, each event attestation providing a cryptographically authenticated attestation to the occurrence of a respective event during a lifecycle of the electronic device, and determining a validation result indicating whether the attestation information is valid. By providing separate cryptographically authenticated attestations for respective events in the lifecycle of the device, this can simplify manufacturing of the devices in a multistage manufacture process compared to an approach using a single device-specific attestation attesting that the entire process is trusted.
-
-
-
-
搜索结果
5 条记录 (耗时 0.009 秒)
