Network bound encryption for recovery of trusted execution environments
US11611431B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 1, 2020 |
| Grant date | Mar 21, 2023 |
| Priority date | — |
| Expiry date | Jul 1, 2040 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L9/0816
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
The technology disclosed herein provides network bound encryption that enables a trusted execution environment to persistently store and access recovery data without persistently storing the decryption key. An example method may include: establishing a trusted execution environment in a first computing device, the trusted execution environment comprising an encrypted memory area; loading cryptographic key data of a second computing device and executable code into the trusted execution environment; transmitting combined key data that is based on the cryptographic key data to a third computing device; deriving a cryptographic key from combined key data received from the third computing device, the received combined key data being based on the cryptographic key data of the second computing device and cryptographic key data of the third computing device; and causing the trusted execution environment to execute the executable code and use the cryptographic key to access sensitive data on a persistent storage device.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.