Apparatus and methods for distributed certificate enrollment

    公开(公告)号:US11283626B2

    公开(公告)日:2022-03-22

    申请号:US16331055

    申请日:2016-09-06

    Abstract: An apparatus including a processor and a memory, where the processor and the memory are configured to provide a secure execution environment and the memory stores a hardware unique key and a class key. The processor is configured to recover, in the secure execution environment, a certificate signing key based on the class key, where the certificate signing key is associated with a certificate authority. The processor is further configured to derive a device key pair based on the hardware unique key, where the device key pair includes a device public key and a device private key, and generate a device certificate based on the device public key and the certificate signing key. The generated device certificate is configured to be validated based on a public key associated with the certificate authority.

Patent Agency Ranking