Secure provisioning in an untrusted environment

Assignee

• Freeescale Semiconductor, Inc. · US

Inventors

• David H. Hartley · Adelaide, AU
• Thomas E. Tkacik · Phoenix, US
• Carlin R. Covey · Tempe, US
• Lawrence Case · Boynton Beach, US
• Rodney D. Ziolkowski · Del Mar, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L9/3247
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Embodiments include methods for securely provisioning copies of an electronic circuit. A first entity (e.g., a chip manufacturer) embeds one or more secret values into copies of the electronic circuit. A second entity (e.g., an OEM): 1) embeds a trust anchor in a first copy of the electronic circuit; 2) causes the electronic circuit to generate a message signing key pair using the trust anchor and the embedded secret value(s); 3) signs provisioning code using a code signing private key; and 4) sends a corresponding code signing public key, the trust anchor, and the signed provisioning code to a third entity (e.g., a product manufacturer). The third entity embeds the trust anchor in a second copy of the electronic circuit and causes the electronic circuit to: 1) generate the message signing private key; 2) verify the signature of the signed provisioning code using the code signing public key; and 3) launch the provisioning code on the electronic circuit. The electronic circuit can authenticate itself to the OEM using the message signing key pair.