Key certification in one round trip
US8700893B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 28, 2009 |
| Grant date | Apr 15, 2014 |
| Priority date | — |
| Expiry date | Feb 8, 2032 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2209/127
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Certification of a key, which a Trusted Platform Module (TPM) has attested as being non-migratable, can be performed in a single round trip between the certificate authority (CA) and the client that requests the certificate. The client creates a certificate request, and then has the TPM create an attestation identity key (AIK) that is bound to the certificate request. The client then asks the TPM to sign the new key as an attestation of non-migratability. The client then sends the certificate request, along with the attestation of non-migratability to the CA. The CA examines the certificate request and attestation of non-migratability. However, since the CA does not know whether the attestation has been made by a trusted TPM, it certifies the key but includes, in the certificate, an encrypted signature that can only be decrypted using the endorsement key of the trusted TPM.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.