Patent · US Active

Systems and methods for securely booting a computer with a trusted processing module

US7725703B2 · kind B2 · utility

Cited by: 63
References: 11
Claims: 20
Family size: 0

Assignee

Inventors

Key dates

Filing date: Jan 7, 2005
Grant date: May 25, 2010
Priority date
Expiry date: Jun 12, 2028

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F21/575
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

In a computer with a trusted platform module (TPM), an expected hash value of a boot component may be placed into a platform configuration register (PCR), which allows the TPM to unseal a secret. The secret may then be used to decrypt the boot component. The hash of the decrypted boot component may then be calculated and the result placed in a PCR. The PCRs may then be compared. If they do not match, access to an important secret for system operation can be revoked. Also, a first secret may be accessible only when a first plurality of PCR values are extant, while a second secret is accessible only after one or more of the first plurality of PCR values has been replaced with a new value, thereby necessarily revoking further access to the first secret in order to grant access to the second secret.
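
As an added illustration (not code from the patent or any TPM implementation), the following toy Python model shows the two mechanisms the abstract describes: sealing a secret to a set of PCR values, the expected-hash versus actual-hash comparison that gates the system secret, and the staged secrets where extending a PCR to reach the second secret necessarily revokes the first. The SHA-256 stream cipher and the sealed-blob format are stand-in assumptions for illustration only, not the TPM's real primitives.

```python
import hashlib
ZERO = bytes(32)  # PCR contents after platform reset

def sha256(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def extend(pcr, measurement):
    # TPM PCR extend: PCR_new = H(PCR_old || measurement); a PCR can only move forward.
    return sha256(pcr, measurement)

def xor_stream(data, key):
    # Toy stream cipher (SHA-256 counter keystream); stand-in for real primitives, illustration only.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = sha256(key, i.to_bytes(4, "big"))
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(secret, policy_pcrs):
    # Bind a secret to an exact set of PCR values; only that set derives the wrapping key.
    policy = sha256(*policy_pcrs)
    return {"policy": policy, "blob": xor_stream(secret, sha256(b"seal", policy))}

def unseal(sealed, current_pcrs):
    # Returns the secret only while the current PCR set matches the sealing policy.
    if sha256(*current_pcrs) != sealed["policy"]:
        return None
    return xor_stream(sealed["blob"], sha256(b"seal", sealed["policy"]))

def verified_boot(expected_hash, sealed_key, encrypted_component, sealed_system_secret):
    # 1. Put the expected hash of the boot component into PCR0.
    pcr0 = extend(ZERO, expected_hash)
    # 2. That PCR state (and only that state) unseals the component decryption key.
    key = unseal(sealed_key, [pcr0])
    if key is None:
        return None
    # 3. Decrypt the component, 4. hash the result, 5. place that hash into PCR1.
    component = xor_stream(encrypted_component, key)
    pcr1 = extend(ZERO, sha256(component))
    # 6. Compare the PCRs; the system secret is sealed to [PCR0, PCR1] with both equal.
    if pcr1 != pcr0:
        return None
    return unseal(sealed_system_secret, [pcr0, pcr1])

def stage_secrets(pcr_before, next_measurement, secret1, secret2):
    # Seal secret1 to the current PCR state and secret2 to the state after one more extend:
    # reaching secret2 requires extending the PCR, which necessarily revokes secret1.
    pcr_after = extend(pcr_before, next_measurement)
    return seal(secret1, [pcr_before]), seal(secret2, [pcr_after]), pcr_after
```

A tampered ciphertext still decrypts (the key unseals because PCR0 holds the expected hash) but hashes to a different value, so PCR1 diverges and the system secret stays sealed.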

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.