-
Publication number: US20250097018A1
Publication date: 2025-03-20
Application number: US18542176
Filing date: 2023-12-15
Applicant: Apple Inc.
Inventor: Thomas P. Mensch , Elad Efrat , David Tamagno , Armaiti Ardeshiricham , Wade Benson , Yannick L. Sierra
IPC: H04L9/08
Abstract: Techniques are disclosed relating to cryptographic key exchanges. In some embodiments, a first device belonging to a first device group receives a request to perform a key exchange to establish a shared secret with a second device belonging to a second device group. The first device verifies a key authorization data structure issued by a key authority, the key authorization data structure including a first public key of a first participant authority authorized to identify members of the first device group and a second public key of a second participant authority authorized to identify members of the second device group. In response to the verifying being successful, the first device performs the requested exchange using a public key pair attested to by the first participant authority as belonging to a member in the first device group.
-
Publication number: US20240078343A1
Publication date: 2024-03-07
Application number: US18463744
Filing date: 2023-09-08
Applicant: Apple Inc.
Inventor: Hervé Sibert , Eric D. Friedman , Erik C. Neuenschwander , Jerrold V. Hauck , Thomas P. Mensch , Julien F. Freudiger , Alan W. Yu
CPC classification number: G06F21/64 , H04L9/14 , H04L9/3236 , H04L9/3263 , H04L9/3271
Abstract: Techniques are disclosed relating to application verification. In various embodiments, a computing device includes a secure circuit configured to maintain a plurality of cryptographic keys of the computing device. In such an embodiment, the computing device receives, from an application, a request for an attestation usable to confirm an integrity of the application, instructs the secure circuit to use one of the plurality of cryptographic keys to supply the attestation for the application, and provides the attestation to a remote computing system in communication with the application. In some embodiments, the secure circuit is configured to verify received metadata pertaining to the identity of the application and use the cryptographic key to generate the attestation indicative of the identity of the application.
-
Publication number: US20240169046A1
Publication date: 2024-05-23
Application number: US18521808
Filing date: 2023-11-28
Applicant: Apple Inc.
Inventor: Deepti S. Prakash , Lucia E. Ballard , Jerrold V. Hauck , Feng Tang , Etai Littwin , Pavan Kumar Anasosalu Vasu , Gideon Littwin , Thorsten Gernoth , Lucie Kucerova , Petr Kostka , Steven P. Hotelling , Eitan Hirsh , Tal Kaitz , Jonathan Pokrass , Andrei Kolin , Moshe Laifenfeld , Matthew C. Waldon , Thomas P. Mensch , Lynn R. Youngs , Christopher G. Zeleznik , Michael R. Malone , Ziv Hendel , Ivan Krstic , Anup K. Sharma
CPC classification number: G06F21/32 , G06F21/83 , G06V40/166 , G06V40/172 , G06V40/40 , H04L9/0844 , H04L9/085 , H04L9/3228 , H04L9/3231 , H04L9/3234 , H04L9/3247 , H04L63/0861 , H04W12/06
Abstract: Techniques are disclosed relating to biometric authentication, e.g., facial recognition. In some embodiments, a device is configured to verify that image data from a camera unit exhibits a pseudo-random sequence of image capture modes and/or a probing pattern of illumination points (e.g., from lasers in a depth capture mode) before authenticating a user based on recognizing a face in the image data. In some embodiments, a secure circuit may control verification of the sequence and/or the probing pattern. In some embodiments, the secure circuit may verify frame numbers, signatures, and/or nonce values for captured image information. In some embodiments, a device may implement one or more lockout procedures in response to biometric authentication failures. The disclosed techniques may reduce or eliminate the effectiveness of spoofing and/or replay attacks, in some embodiments.
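Worked example, added here and not taken from the patent or from Apple's implementation, of the verification this abstract describes: a secure circuit derives a pseudo-random sequence of capture modes from a per-session nonce, the camera unit returns frames tagged with a frame number, the session nonce and a keyed tag, and the secure circuit checks all of these before a face match would even be attempted, locking out after repeated failures. The two capture modes, the HMAC key shared between camera unit and secure circuit, the frame layout, the image bytes and the lockout threshold are assumptions made for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Frame is one capture from the camera unit. Mode is 0 for flood illumination
// and 1 for the depth probing pattern (assumed); Tag is an HMAC, under a key
// assumed to be shared by camera and secure circuit, over the other fields.
type Frame struct {
	Seq   uint32
	Mode  byte
	Nonce []byte
	Image []byte
	Tag   []byte
}

func mac(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

func frameMAC(key []byte, f Frame) []byte {
	return mac(key, []byte(fmt.Sprintf("%d|%d|%x|%s", f.Seq, f.Mode, f.Nonce, f.Image)))
}

// SecureCircuit picks the mode sequence per session, verifies the returned
// frames and refuses further attempts after MaxFail consecutive failures.
type SecureCircuit struct {
	camKey   []byte // shared with the camera unit (frame tags)
	seqKey   []byte // private to the secure circuit (sequence derivation)
	failures int
	MaxFail  int
}

// Sequence derives the pseudo-random capture-mode sequence from the session nonce.
func (sc *SecureCircuit) Sequence(nonce []byte, n int) []byte {
	stream := mac(sc.seqKey, nonce)
	seq := make([]byte, n)
	for i := range seq {
		seq[i] = stream[i%len(stream)] & 1
	}
	return seq
}

// Verify checks frame number, session nonce, mode and tag of every frame;
// a failure counts toward the lockout and a success resets the counter.
func (sc *SecureCircuit) Verify(nonce []byte, frames []Frame) (err error) {
	if sc.failures >= sc.MaxFail {
		return errors.New("biometric authentication locked out")
	}
	defer func() { sc.failures++; if err == nil { sc.failures = 0 } }()
	if len(frames) == 0 {
		return errors.New("no frames captured")
	}
	want := sc.Sequence(nonce, len(frames))
	for i, f := range frames {
		if f.Seq != uint32(i) || string(f.Nonce) != string(nonce) || f.Mode != want[i] {
			return fmt.Errorf("frame %d: number, session nonce or capture mode mismatch (replay or injection)", i)
		}
		if !hmac.Equal(f.Tag, frameMAC(sc.camKey, f)) {
			return fmt.Errorf("frame %d: signature invalid", i)
		}
	}
	return nil
}

// Run stages a genuine session, a replay of its frames into a new session,
// and the lockout that follows once MaxFail attempts have failed.
func Run() (genuine, replay, afterLockout error) {
	sc := &SecureCircuit{camKey: []byte("constructed-camera-key"), seqKey: []byte("constructed-seq-key"), MaxFail: 3}
	session := func() (nonce []byte, fs []Frame) {
		nonce = make([]byte, 16)
		rand.Read(nonce)
		for i, m := range sc.Sequence(nonce, 8) { // secure circuit drives the capture modes
			f := Frame{Seq: uint32(i), Mode: m, Nonce: nonce, Image: []byte(fmt.Sprintf("pixels(%d,%d)", i, m))}
			f.Tag = frameMAC(sc.camKey, f) // camera unit tags what it captured
			fs = append(fs, f)
		}
		return
	}
	n1, frames := session()
	genuine = sc.Verify(n1, frames)
	n2, _ := session()
	replay = sc.Verify(n2, frames) // recorded frames still carry the old nonce
	for sc.failures < sc.MaxFail {
		sc.Verify(n2, frames)
	}
	n3, fresh := session()
	afterLockout = sc.Verify(n3, fresh) // even a genuine session is now refused
	return
}

func main() { fmt.Println(Run()) }
```

The sequence is derived from a key the camera never sees, so an attacker who can inject frames into the camera path has to produce the right mode at every position without knowing the sequence ahead of time, and recorded frames fail on the nonce check before their tags are even examined.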
-
Publication number: US11722315B2
Publication date: 2023-08-08
Application number: US16532197
Filing date: 2019-08-05
Applicant: Apple Inc.
Inventor: Thomas P. Mensch , Chiye K. Kojima , Han Jong Yu , Jerrold V. Hauck , Muralidhar S. Vempaty , Peter Chang , Tiffany Shih-Yu Fang , Yiqun Zhu
IPC: H04L9/32 , G06T7/80 , G06F16/901
CPC classification number: H04L9/3263 , G06F16/901 , G06T7/80
Abstract: Systems and methods for storing and recovering data for a device are described. In one embodiment, factory-generated calibration data can be generated, sealed, and restored securely even if two sensors in two different devices, such as a first ambient light sensor and a second ambient light sensor, have the same sensor identifier. In one embodiment, a device transmits a database key to cause storage or recovery of the calibration data, and the database key includes a sensor identifier and a public cryptographic key of the device.
-
Publication number: US20200159966A1
Publication date: 2020-05-21
Application number: US16683233
Filing date: 2019-11-13
Applicant: Apple Inc.
Inventor: Hervé Sibert , Eric D. Friedman , Erik C. Neuenschwander , Jerrold V. Hauck , Thomas P. Mensch , Julien F. Freudiger , Alan W. Yu
Abstract: Techniques are disclosed relating to application verification. In various embodiments, a computing device includes a secure circuit configured to maintain a plurality of cryptographic keys of the computing device. In such an embodiment, the computing device receives, from an application, a request for an attestation usable to confirm an integrity of the application, instructs the secure circuit to use one of the plurality of cryptographic keys to supply the attestation for the application, and provides the attestation to a remote computing system in communication with the application. In some embodiments, the secure circuit is configured to verify received metadata pertaining to the identity of the application and use the cryptographic key to generate the attestation indicative of the identity of the application.
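Worked example, added here rather than taken from the patent or from Apple's implementation, of the attestation flow in this abstract (and in US20240078343A1 above, which shares it): the application requests an attestation, the secure circuit checks the metadata it receives about the application against what it expects before signing with one of its keys, and the remote system verifies the signature against a single-use challenge. The metadata fields (a bundle identifier and a code measurement), the expected-measurement table inside the secure circuit, and the out-of-band provisioning of the device public key to the server are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// AppMetadata is what the OS reports to the secure circuit about the requesting
// application: an identity and a measurement of its code (field names assumed).
type AppMetadata struct {
	BundleID string
	CodeHash [32]byte
}

// SecureCircuit holds the device's attestation key pair and the code
// measurements of the applications it is willing to vouch for.
type SecureCircuit struct {
	priv     ed25519.PrivateKey
	Pub      ed25519.PublicKey
	expected map[string][32]byte
}

func NewSecureCircuit(expected map[string][32]byte) *SecureCircuit {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &SecureCircuit{priv: priv, Pub: pub, expected: expected}
}

// message binds the app identity and its code measurement to the server's challenge.
func message(meta AppMetadata, challenge []byte) []byte {
	h := sha256.New()
	fmt.Fprintf(h, "%s|%x|%x", meta.BundleID, meta.CodeHash, challenge)
	return h.Sum(nil)
}

// Attest verifies the reported metadata before signing: an application whose
// measurement does not match its claimed identity gets no attestation at all.
func (sc *SecureCircuit) Attest(meta AppMetadata, challenge []byte) ([]byte, error) {
	want, ok := sc.expected[meta.BundleID]
	if !ok {
		return nil, errors.New("unknown application identity")
	}
	if want != meta.CodeHash {
		return nil, errors.New("code measurement does not match the claimed application")
	}
	return ed25519.Sign(sc.priv, message(meta, challenge)), nil
}

// RemoteServer issues single-use challenges and checks attestations with the
// device's public key, assumed to have been provisioned out of band.
type RemoteServer struct {
	devicePub ed25519.PublicKey
	pending   map[string]bool
}

func (s *RemoteServer) Challenge() []byte {
	c := make([]byte, 16)
	rand.Read(c)
	s.pending[hex.EncodeToString(c)] = true
	return c
}

func (s *RemoteServer) Verify(meta AppMetadata, challenge, attestation []byte) bool {
	k := hex.EncodeToString(challenge)
	if !s.pending[k] {
		return false // unsolicited or already-used challenge
	}
	delete(s.pending, k)
	return ed25519.Verify(s.devicePub, message(meta, challenge), attestation)
}

// Run walks the flow for a genuine app, replays its attestation a second time,
// then asks for an attestation of a modified binary claiming the same identity.
func Run() (genuine bool, tampered error, replayed bool) {
	goodHash := sha256.Sum256([]byte("constructed app binary v1"))
	sc := NewSecureCircuit(map[string][32]byte{"com.example.app": goodHash})
	server := &RemoteServer{devicePub: sc.Pub, pending: map[string]bool{}}

	app := AppMetadata{BundleID: "com.example.app", CodeHash: goodHash}
	c := server.Challenge()
	att, err := sc.Attest(app, c)
	if err != nil {
		panic(err)
	}
	genuine = server.Verify(app, c, att)
	replayed = server.Verify(app, c, att) // same challenge presented again

	patched := AppMetadata{BundleID: "com.example.app", CodeHash: sha256.Sum256([]byte("patched binary"))}
	_, tampered = sc.Attest(patched, server.Challenge())
	return
}

func main() { fmt.Println(Run()) }
```

Two points the abstract leaves implicit are made explicit here: the challenge is consumed on first use, so a captured attestation cannot be replayed, and the secure circuit refuses to sign at all when the metadata does not check out, rather than signing something the server would then have to reject.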
-
Publication number: US10536271B1
Publication date: 2020-01-14
Application number: US15435229
Filing date: 2017-02-16
Applicant: Apple Inc.
Inventor: Thomas P. Mensch , Conrad Sauerwald , Jerrold V. Hauck , Timothy R. Paaske , Zhimin Chen , Andrew R. Whalley
Abstract: Systems and methods are disclosed for generating one or more hardware reference keys (HRK) on a computing device, and for attesting to the validity of the hardware reference keys. An initial hardware reference key can be a silicon attestation key (SIK) generated during manufacture of a computing system, such as a system-on-a-chip. The SIK can comprise an asymmetric key pair based at least in part on an identifier of the processing system type and a unique identifier of the processing system. The SIK can be signed by the computing system and stored thereon. The SIK can be used to generate further HRKs on the computing device that can attest to the processing system type of the computing device and an operating system version that was running when the HRK was generated. The computing device can generate an HRK attestation (HRKA) for each HRK generated on the computing system.
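Worked example, added here and not the patent's or Apple's code, of the key chain in this abstract: a SIK whose seed mixes the processing system type and the unique chip identifier, an endorsement of the SIK, HRKs generated under it, and an HRKA binding each HRK to the chip type and the OS version running when it was generated. The per-part entropy mixed into the SIK seed, the use of a manufacturing key to endorse the SIK (the abstract says only that the SIK is signed by the computing system), the byte encodings, and the chip type and OS version strings are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SIK is the silicon attestation key generated at manufacture. Its seed mixes
// the processing system type and the chip's unique identifier with per-part
// entropy (the entropy is an assumption). Sig is an endorsement of the
// type/UID/key binding by a manufacturing key, standing in for the abstract's
// "signed by the computing system".
type SIK struct {
	ChipType string
	UID      []byte
	Pub      ed25519.PublicKey
	priv     ed25519.PrivateKey
	Sig      []byte
}

func sikBinding(chipType string, uid []byte, pub ed25519.PublicKey) []byte {
	h := sha256.Sum256([]byte(fmt.Sprintf("SIK|%s|%x|%x", chipType, uid, pub)))
	return h[:]
}

func GenerateSIK(chipType string, uid []byte, mfgPriv ed25519.PrivateKey) *SIK {
	entropy := make([]byte, 32)
	rand.Read(entropy)
	seed := sha256.Sum256([]byte(fmt.Sprintf("%s|%x|%x", chipType, uid, entropy)))
	priv := ed25519.NewKeyFromSeed(seed[:])
	s := &SIK{ChipType: chipType, UID: uid, Pub: priv.Public().(ed25519.PublicKey), priv: priv}
	s.Sig = ed25519.Sign(mfgPriv, sikBinding(chipType, uid, s.Pub))
	return s
}

// HRK is a hardware reference key generated on the device. HRKA is the SIK's
// attestation binding it to the chip type and the OS version running at the time.
type HRK struct {
	ChipType  string
	OSVersion string
	Pub       ed25519.PublicKey
	priv      ed25519.PrivateKey
	HRKA      []byte
}

func hrkBinding(chipType, osVersion string, pub ed25519.PublicKey) []byte {
	h := sha256.Sum256([]byte(fmt.Sprintf("HRK|%s|%s|%x", chipType, osVersion, pub)))
	return h[:]
}

// NewHRK generates a fresh HRK and has the SIK attest to it.
func (s *SIK) NewHRK(osVersion string) *HRK {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	hrka := ed25519.Sign(s.priv, hrkBinding(s.ChipType, osVersion, pub))
	return &HRK{ChipType: s.ChipType, OSVersion: osVersion, Pub: pub, priv: priv, HRKA: hrka}
}

// VerifyHRK is the relying party's check: the manufacturing key endorses the
// SIK, the SIK's type matches the HRK's claim, and the SIK endorses the HRK.
func VerifyHRK(mfgPub ed25519.PublicKey, s *SIK, h *HRK) error {
	if !ed25519.Verify(mfgPub, sikBinding(s.ChipType, s.UID, s.Pub), s.Sig) {
		return errors.New("SIK is not endorsed by the manufacturing key")
	}
	if h.ChipType != s.ChipType {
		return errors.New("HRK claims a different processing system type than its SIK")
	}
	if !ed25519.Verify(s.Pub, hrkBinding(h.ChipType, h.OSVersion, h.Pub), h.HRKA) {
		return errors.New("HRKA does not verify under the SIK")
	}
	return nil
}

// Run builds the chain for one chip, then shows two failures: an OS version
// claim altered after generation, and the HRK presented with another chip's SIK.
func Run() (valid, alteredOS, wrongSIK error) {
	mfgPub, mfgPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	sik := GenerateSIK("example-soc-type", []byte{0x01, 0x02, 0x03, 0x04}, mfgPriv)
	hrk := sik.NewHRK("example-os-17.1")
	valid = VerifyHRK(mfgPub, sik, hrk)

	forged := *hrk
	forged.OSVersion = "example-os-17.2" // claims a newer OS than was running
	alteredOS = VerifyHRK(mfgPub, sik, &forged)

	other := GenerateSIK("example-soc-type", []byte{0x05, 0x06, 0x07, 0x08}, mfgPriv)
	wrongSIK = VerifyHRK(mfgPub, other, hrk)
	return
}

func main() { fmt.Println(Run()) }
```

The OS version lives inside the signed HRKA rather than beside it, which is what lets a relying party trust the claim about the software that was running when the HRK was created; the same chip type appearing in both the SIK binding and the HRK binding lets it reject an HRK whose attestation came from a different part.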
-
Publication number: US20180351748A1
Publication date: 2018-12-06
Application number: US15721538
Filing date: 2017-09-29
Applicant: Apple Inc.
Inventor: Raghunandan K. Pai , Thomas P. Mensch , Navin Bindiganavile Suparna
Abstract: Some embodiments provide a method for recovering user data for a device. To initiate recovery, the method sends to a first server a first request including at least (i) a device identifier and (ii) a first set of cryptographic data for a second set of servers with which the first server communicates. If the first server verifies the device identifier with an attestation authority, the method receives from the second set of servers a second set of cryptographic data generated by the second set of servers. After receiving input of a device passcode for the device, the method sends to the first server a second request comprising at least a third set of cryptographic data for the second set of servers generated based on the device passcode. If the first server verifies the device passcode with the second set of servers, the method receives access to the user data.
-
Publication number: US20250094602A1
Publication date: 2025-03-20
Application number: US18541961
Filing date: 2023-12-15
Applicant: Apple Inc.
Inventor: Thomas P. Mensch , Elad Efrat , David Tamagno , Armaiti Ardeshiricham , Wade Benson , Yannick L. Sierra
Abstract: Techniques are disclosed relating to cryptographic key exchanges. In some embodiments, a computing device includes a cryptographic circuit coupled to a secure memory inaccessible to a processor of the computing device. Program instructions executing on the computing device can request performance of a key exchange to establish a shared secret with another device. The cryptographic circuit is configured to perform the key exchange including deriving the shared secret using private key material maintained in the secure memory. In some embodiments, the key exchange includes verifying a key authorization data structure issued by a key authority including a first public key of a first participant authority and a second public key of a second participant authority. In response to the verifying being successful, the exchange uses a public key pair attested to by the first participant authority as belonging to a member in the first device group.
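Worked example, added here and not drawn from the patents or from Apple's implementation, of the exchange described in this abstract and in US20250097018A1 above: a key authority signs a key authorization data structure naming the participant authority for each device group, each participant authority attests its members' X25519 public keys, and a device verifies the structure and then the peer's attestation before running the exchange with its own attested key pair. The structure layout, the signed encodings, the group names and the choice of Ed25519 for signatures and X25519 for the exchange are assumptions; the secure memory that keeps the private key away from the application processor is not modelled beyond an unexported field.

```go
package main

import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// KeyAuthorization is the key authorization data structure issued by the key
// authority: two device groups and, for each, the participant authority public
// key entitled to identify its members (layout is an assumption).
type KeyAuthorization struct {
	GroupA, GroupB string
	PAForA, PAForB ed25519.PublicKey
	Sig            []byte // key authority's signature over body()
}

func (ka *KeyAuthorization) body() []byte {
	return []byte(fmt.Sprintf("KA|%s|%x|%s|%x", ka.GroupA, ka.PAForA, ka.GroupB, ka.PAForB))
}

// Attestation is a participant authority's statement that an X25519 public
// key belongs to a member of its device group.
type Attestation struct {
	Group  string
	KeyPub []byte
	Sig    []byte
}

func attBody(group string, keyPub []byte) []byte {
	return []byte(fmt.Sprintf("PA|%s|%x", group, keyPub))
}

// Device holds an X25519 key pair attested by its group's participant authority.
type Device struct {
	Group string
	priv  *ecdh.PrivateKey
	Att   Attestation
}

func NewDevice(group string, paPriv ed25519.PrivateKey) *Device {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	pub := priv.PublicKey().Bytes()
	att := Attestation{Group: group, KeyPub: pub, Sig: ed25519.Sign(paPriv, attBody(group, pub))}
	return &Device{Group: group, priv: priv, Att: att}
}

// Exchange is the first device's side: verify the authorization structure, find
// the participant authority for the peer's group in it, check the peer's
// attestation under that key, then derive the secret with the own attested key.
func (d *Device) Exchange(kaPub ed25519.PublicKey, auth *KeyAuthorization, peer Attestation) ([]byte, error) {
	if !ed25519.Verify(kaPub, auth.body(), auth.Sig) {
		return nil, errors.New("key authorization structure not signed by the key authority")
	}
	peerPA := auth.PAForB
	if d.Group == auth.GroupB && peer.Group == auth.GroupA {
		peerPA = auth.PAForA
	} else if d.Group != auth.GroupA || peer.Group != auth.GroupB {
		return nil, errors.New("authorization does not cover this pair of device groups")
	}
	if !ed25519.Verify(peerPA, attBody(peer.Group, peer.KeyPub), peer.Sig) {
		return nil, errors.New("peer key is not attested by the authorized participant authority")
	}
	peerPub, err := ecdh.X25519().NewPublicKey(peer.KeyPub)
	if err != nil {
		return nil, err
	}
	return d.priv.ECDH(peerPub)
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Run sets up a key authority, one participant authority per group, a device in
// each group, and a rogue whose key is attested by an authority the structure
// does not name; it returns both devices' secrets and the rogue's rejection.
func Run() (secretA, secretB []byte, rogueErr error) {
	kaPub, kaPriv := mustKey()
	paAPub, paAPriv := mustKey()
	paBPub, paBPriv := mustKey()
	_, roguePAPriv := mustKey()
	auth := &KeyAuthorization{GroupA: "group-A", GroupB: "group-B", PAForA: paAPub, PAForB: paBPub}
	auth.Sig = ed25519.Sign(kaPriv, auth.body())
	a, b := NewDevice("group-A", paAPriv), NewDevice("group-B", paBPriv)
	rogue := NewDevice("group-B", roguePAPriv) // claims group B, attested by the wrong authority
	secretA, _ = a.Exchange(kaPub, auth, b.Att)
	secretB, _ = b.Exchange(kaPub, auth, a.Att)
	_, rogueErr = a.Exchange(kaPub, auth, rogue.Att)
	return
}

func main() { fmt.Println(Run()) }
```

The point of the authorization structure is that a device never has to know the participant authorities in advance: it trusts only the key authority, reads the authority for the peer's group out of a structure the key authority signed, and rejects any peer key attested by anyone else, even one that claims the right group.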
-
Publication number: US20240103840A1
Publication date: 2024-03-28
Application number: US18515689
Filing date: 2023-11-21
Applicant: Apple Inc.
Inventor: Dallas B. De Atley , Bailey E. Basile , Venkat V. Memula , Thomas P. Mensch , Robert M. Marini , David P. Remahl , Kelsey J. Skillman , Edward E. Thomas
CPC classification number: G06F8/65 , G06F21/602 , H04L63/08
Abstract: Embodiments described herein provide a system and method for secure delivery of assets to a trusted device. Multiple levels of verification are implemented to enable components of a software update and asset delivery system to verify other components within the system. Furthermore, updates are provided only to client devices that are authorized to receive such updates. In one embodiment, the specific assets provided to a client device during a software update can be tailored to the client device, such that individual client devices can receive updated versions of a software asset at a faster or slower rate than mass-market devices. For example, developer or beta tester devices can receive pre-release assets, while enterprise devices can receive updates at a slower rate relative to mass-market devices.
-
Publication number: US11822664B2
Publication date: 2023-11-21
Application number: US17092030
Filing date: 2020-11-06
Applicant: Apple Inc.
Inventor: Xeno S. Kovah , Nikolaj Schlej , Thomas P. Mensch , Wade Benson , Jerrold V. Hauck , Josh P. de Cesare , Austin G. Jennings , John J. Dong , Robert C. Graham , Jacques Fortier
CPC classification number: G06F21/575 , G06F9/4406 , G06F21/72 , G06F21/73 , H04L9/0897 , H04L9/3226 , H04L9/3236 , H04L9/3268 , H04L63/123 , G06F2221/034
Abstract: Techniques are disclosed relating to securing computing devices during boot. In various embodiments, a secure circuit of a computing device generates a public key pair and signs, using the private key of the pair, configuration settings for an operating system of the computing device. A bootloader of the computing device receives a certificate for the public key pair from a certificate authority and initiates a boot sequence to load the operating system. The boot sequence includes the bootloader verifying the signed configuration settings using the public key of the pair, which is included in the certificate. In some embodiments, the secure circuit cryptographically protects the private key based on a passcode of a user, the passcode being usable by the user to authenticate to the computing device.
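Worked example, added here and not from the patent or from Apple's implementation, of the boot check in this abstract: the secure circuit's config-signing private key exists only wrapped under the user's passcode, a certificate authority certifies the public key, and the bootloader verifies the certificate and then the signed settings before loading the operating system. The certificate layout, the salted-SHA-256 passcode KDF, the AES-GCM key wrap and the settings text are assumptions; a production design would use a memory-hard KDF bound to hardware.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Certificate is the CA's endorsement of the secure circuit's config-signing
// public key; the layout (a bare signature over the key bytes) is assumed.
type Certificate struct {
	Pub ed25519.PublicKey
	Sig []byte
}

func IssueCertificate(caPriv ed25519.PrivateKey, pub ed25519.PublicKey) Certificate {
	return Certificate{Pub: pub, Sig: ed25519.Sign(caPriv, pub)}
}

// SecureCircuit keeps the private key only wrapped under the user's passcode.
// The salted SHA-256 KDF and AES-GCM wrap are assumptions for the example; a
// production design would use a memory-hard KDF and a hardware-bound key.
type SecureCircuit struct {
	Pub     ed25519.PublicKey
	salt    []byte
	wrapped []byte // GCM nonce || ciphertext of the private key
}

func passcodeAEAD(passcode string, salt []byte) cipher.AEAD {
	key := sha256.Sum256(append([]byte(passcode), salt...))
	block, _ := aes.NewCipher(key[:]) // 32-byte key: cannot fail
	aead, _ := cipher.NewGCM(block)
	return aead
}

func NewSecureCircuit(passcode string) *SecureCircuit {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	salt := make([]byte, 16)
	rand.Read(salt)
	aead := passcodeAEAD(passcode, salt)
	nonce := make([]byte, aead.NonceSize())
	rand.Read(nonce)
	return &SecureCircuit{Pub: pub, salt: salt, wrapped: aead.Seal(nonce, nonce, priv, nil)}
}

// SignConfig unwraps the private key with the passcode and signs the settings;
// a wrong passcode leaves the key unavailable instead of yielding a signature.
func (sc *SecureCircuit) SignConfig(passcode string, settings []byte) ([]byte, error) {
	aead := passcodeAEAD(passcode, sc.salt)
	ns := aead.NonceSize()
	priv, err := aead.Open(nil, sc.wrapped[:ns], sc.wrapped[ns:], nil)
	if err != nil {
		return nil, errors.New("passcode rejected: signing key unavailable")
	}
	return ed25519.Sign(ed25519.PrivateKey(priv), settings), nil
}

// BootloaderVerify is the boot-sequence check: the certificate must chain to
// the trusted CA, and the settings must verify under the certified public key.
func BootloaderVerify(caPub ed25519.PublicKey, cert Certificate, settings, sig []byte) error {
	if !ed25519.Verify(caPub, cert.Pub, cert.Sig) {
		return errors.New("certificate not issued by the trusted CA")
	}
	if !ed25519.Verify(cert.Pub, settings, sig) {
		return errors.New("configuration signature invalid: refusing to boot")
	}
	return nil
}

// Run signs constructed settings, then tries altered settings, a wrong
// passcode, and a certificate from an untrusted CA.
func Run() (boot, altered, badPasscode, untrustedCA error) {
	caPub, caPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	sc := NewSecureCircuit("constructed-passcode")
	cert := IssueCertificate(caPriv, sc.Pub)
	settings := []byte("secure_boot=full\nkernel_extensions=signed_only\n")
	sig, err := sc.SignConfig("constructed-passcode", settings)
	if err != nil {
		panic(err)
	}
	boot = BootloaderVerify(caPub, cert, settings, sig)
	altered = BootloaderVerify(caPub, cert, []byte("secure_boot=off\n"), sig)
	_, badPasscode = sc.SignConfig("wrong-passcode", settings)
	_, rogueCA, _ := ed25519.GenerateKey(rand.Reader)
	untrustedCA = BootloaderVerify(caPub, IssueCertificate(rogueCA, sc.Pub), settings, sig)
	return
}

func main() { fmt.Println(Run()) }
```

Binding the signing key to the passcode means that weakening the boot configuration requires both the user's secret and the secure circuit, not merely write access to the settings; the bootloader, for its part, trusts nothing but the CA key it was built with and derives everything else from the certificate.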