Abstract:
System, device, and method of provisioning cryptographic assets to devices. A method includes: (a) generating a delegation message at a first provisioning server; the delegation message indicating provisioning rights that are delegated by the first provisioning server to a second provisioning server with regard to subsequent provisioning of cryptographic assets to an electronic device; wherein generating the delegation message comprises at least one of: (A) inserting into the delegation message an association key unknown to the first provisioning server, encrypted using a public key of the electronic device; (B) inserting into the delegation message a public key of the second provisioning server; enabling the electronic device to locally generate the association key unknown to the first provisioning server; (b) delivering the delegation message to the electronic device; (c) at the second provisioning server, based on the delegation message, provisioning cryptographic assets to the electronic device, using the association key.
Abstract:
Devices, system, and methods of secure entry and handling of passwords and Personal Identification Numbers (PINs), as well as for secure local storage, secure user authentication, and secure payment via mobile devices and via payment terminals. A computing device includes: a secure storage unit to securely store a confidential data item; a non-secure execution environment to execute program code, the program code to transport to a remote server a message; a secure execution environment (SEE) to securely execute code, the SEE including: a rewriter module to securely obtain the confidential data item from the secure storage, and to securely write the confidential data item into one or more fields in said message prior to its encrypted transport to the remote server.
Abstract:
System, device, and method of provisioning cryptographic assets to electronic devices. A delegation message is generated at a first provisioning server. The delegation message indicates provisioning rights that are delegated by the first provisioning server to a second provisioning server with regard to subsequent provisioning of cryptographic assets to an electronic device. The delegation message includes an association key unknown to the first provisioning server, encrypted using a public key of the electronic device. The delegation message further includes a public key of the second provisioning server. The electronic device locally generates the association key, which is unknown to the first provisioning server. The delegation message is delivered to the electronic device. Based on the delegation message, cryptographic assets are provisioned by the second provisioning server to the electronic device, using the association key.