-
1.发明申请SECURE IN-BAND UPGRADE USING KEY REVOCATION LISTS AND CERTIFICATE-LESS ASYMMETRIC TERTIARY KEY PAIRS 审中-公开安全的带内升级使用关键的撤销列表和无证书的非对称三级密钥对
公开(公告)号:WO2017218265A1
公开(公告)日:2017-12-21
申请号:PCT/US2017/036407
申请日:2017-06-07
Applicant: HONEYWELL INTERNATIONAL INC.
Inventor: HARIDAS, Harshal S. , HOJSIK, Michal , FINDEJS, Jiri , POHANKA, Lukas
Abstract: A method includes securely booting a device (106, 114, 116, 122, 124, 130, 132, 138, 140, 142, 200) using a bootloader (FSBL, SSBL), where the bootloader is digitally signed (FSBL.sig, SSBL.sig) using a first cryptographic key (SSK) associated with the bootloader. The method also includes executing one or more kernel or user applications using the device, where the one or more kernel or user applications are digitally signed (Partition1.sig, Partition2.sig, Partition3.sig) using one or more second cryptographic keys (TSK) associated with the one or more kernel or user applications. In addition, the method includes using (800) an in-band channel to update or replace the first cryptographic key.
Abstract translation: 一种方法包括使用引导加载器(FSBL,SSBL)来安全地引导设备(106,114,116,122,124,130,132,138,140,142,200),其中引导加载器 使用与引导加载程序相关联的第一加密密钥(SSK)进行数字签名(FSBL.sig,SSBL.sig)。 该方法还包括使用设备执行一个或多个内核或用户应用程序,其中使用一个或多个第二密码密钥(TSK)对一个或多个内核或用户应用程序进行数字签名(Partition1.sig,Partition2.sig,Partition3.sig) )与一个或多个内核或用户应用程序相关联。 另外,该方法包括使用(800)带内信道来更新或替换第一密码密钥。
Search Results
1
records
(took 0.008 seconds)
