Enhanced privacy ID based platform attestation
US8782401B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 26, 2012 |
| Grant date | Jul 15, 2014 |
| Priority date | — |
| Expiry date | Jan 3, 2033 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2209/805
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
As opposed to utilizing a manufacturer provisioned EK Certificate for AIK processes, embodiments of the invention utilize EPID based data. EPID mitigates the privacy issues of common RSA PKI security implementations where every individual is uniquely identified by their private keys. Instead, EPID provides the capability of remote attestation but only identifies the client computing system as having a component (such as a chipset) from a particular technology generation. EPID is a group signature scheme, where one group's public key corresponds to multiple private keys, and private keys generate a group signature which is verified by the group public key. EPID provides the security property of being anonymous and unlinkable—given two signatures, one cannot determine whether the signatures are generated from one or two private keys. EPID also provides the security property of being unforgeable—without a private key, one cannot create a valid signature.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.