One or more embodiments of the invention relate generally to the field of cryptography. More particularly, one or more of the embodiments of the invention relates to a method and apparatus for distributing private keys to an entity with minimal secret, unique information.
The proliferation of the Internet has led to the creation of a new form of commerce, generally referred to as Internet or electronic commerce (E-commerce). E-commerce enables users to sell and purchase items from a worldwide community connected via the Internet. This added simplicity, coupled with the continually reduced costs and increasing processing speed of modern-day computers, has led to the inclusion of a personal computer (PC) in many homes throughout the world. Unfortunately, the proliferation of PCs within the homes throughout the world, as well as the use of such PCs for E-commerce, often results in the storage of sensitive information within a computer.
As a result, computer users become susceptible to rogue agents, which may desire to gain access to secure information loaded within their personal computer. In order to combat the various rogue agents from gaining access to the secure information, many computer systems employ some form of cryptographs in order to prevent access to sensitive information. As known to those skilled in the art, cryptography provides a technique for keeping information secret, for determining that the information has not been tampered with and for determining who authored pieces of information.
One form of cryptography involves public/private key systems. Public/private key systems encrypt information prior to transmission using a public key and decrypting received encrypted information using a private key that is only known to the recipient of the encrypted information. However, once the sensitive information arrives at its designated location, the information is often decrypted and stored in a clear format. In other words, the sensitive information is not maintained in a secure format at its destination. As a result, during operation of a PC, a rogue agent could possibly gain access to the PC and gain access to sensitive information.
Furthermore, the proliferation of E-commerce has led to the availability of media applications, such as motion pictures and music, which may be downloaded to a PC for one-time use or for use for a predetermined period of time. Unfortunately, without some mechanism for protecting the contents of such media applications from access by rogue agents, E-commerce involving media applications may be prohibitive to the media providers. As a result, media or content providers may be reluctant to create high quality media or content providing applications when such content may be susceptible to rogue agents.
The various embodiments of the present invention are illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings and in which:
A method and apparatus for distributing private keys to an entity with minimal secret, unique information are described. In one embodiment, the method includes the storage of a chip secret key within a manufactured chip. Once the chip secret key is stored or programmed within the chip, the chip is sent to a system original equipment manufacturer (OEM) in order to integrate the chip within a system or device. Subsequently, a private key is generated for the chip by a key distribution facility (KDF) according to a key request received from the system OEM. In one embodiment, the KDF is the chip manufacturer.
In the following description, certain terminology is used to describe features of the invention. For example, the term “logic” is representative of hardware and/or software configured to perform one or more functions. For instance, examples of “hardware” include, but are not limited or restricted to, an integrated circuit, a finite state machine or even combinatorial logic. The integrated circuit may take the form of a processor such as a microprocessor, application specific integrated circuit, a digital signal processor, a micro-controller, or the like.
An example of “software” includes executable code in the form of an application, an applet, a routine or even a series of instructions. The software may be stored in any type of computer or machine readable medium such as a programmable electronic circuit, a semiconductor memory device inclusive of volatile memory (e.g., random access memory, etc.) and/or non-volatile memory (e.g., any type of read-only memory “ROM,” flash memory), a floppy diskette, an optical disk (e.g., compact disk or digital video disk “DVD”), a hard drive disk, tape, or the like.
System
Chipset 310 is coupled to main memory 120 and non-volatile (e.g., Flash) memory 150. In one embodiment, main memory 120 is volatile memory including, but not limited to, random access memory (RAM), synchronous RAM (SRAM), double data rate (DDR), synchronous dynamic RAM (SDRAM), rambus dynamic RAM (RDRAM), or the like. In addition, hard disk drive devices (HDD) 130, as well as one or more input/output (I/O) devices 140 (140-1, . . . , 140-N) are also coupled to chipset 310. As illustrated, chipset 310 includes store chip secret key 250 and key logic 320, which are further described with reference to
In one embodiment, the installation of chip secret key 250 within manufactured chip 222 enables public key cryptography. As described herein, a cryptographic system refers to a system that uses two keys; a public key known to everyone, and a private, or secret, key known only to the recipient of digital content. Accordingly, digital content is initially encrypted by transforming the content into an unreadable format referred to as “cipher text” using a recipient's public key. Subsequently, when the encrypted digital content, or cipher text, is received by the recipient, the received content may be decrypted, or deciphered, using a private key of the recipient to form the digital content in the clear format.
However, as will be recognized by those skilled in the art, the embodiments described herein are not limited to public key cryptography or asymmetric encryption, which uses a public key and private key pair, but may be used within systems for symmetric encryption, which uses single secret, or private, key. Hence, the techniques described herein can be modified to function within cryptographic system, such as symmetric key systems that use a single key that both the sender and the recipient have, as well as public key systems that use two public keys; a public key known to everyone and a private key known to only the recipient of encrypted cipher text.
Referring again to
As illustrated with reference to
In one embodiment, block cipher 236 and block cipher 244 may be implemented using the advanced encryption standard (AES), the triple data encryption standard (3DES), the data encryption standard (DES) or other like encryption/decryption standard. Accordingly, as described herein, the term cryptographic block refers to logic designed to encrypt content or decrypt cipher text according to AES, DES, 3DES or other like encryption/decryption standard.
In one embodiment, chip secret key 250 is installed and programmed into manufactured chip 222 by blowing fuses or equivalent mechanism to store chip set key 250 within manufactured chip 222. Once installed, chip 222 is sent to system OEM 300 for integration. For example, referring again to
As illustrated with reference to
Subsequently, OEM sends request 352 to key request logic 350. Representatively, key request logic 350 directs block cipher 336 to generate a key update request (Rkey) 340. In one embodiment, key update request 340 is formed by encrypting random chip ID 240, chip secret key 250 and a pad value 332 to preserve privacy. In one embodiment a public key crypto-system is used to encrypt the information using a public key of a trusted key distribution facility, such as KDF 270 of
Once the key update request is received by OEM 300, OEM 300 signs random cipher text G 302 with a private key of the OEM (KOEM) to produce a digital signature (S(G)). As known to those skilled in the art, a digital signature represents a digital code that can be attached to an electronically transmitted message that uniquely identifies the sender of the message for security purposes. Once signed, OEM sends key request 322, signature S(G) and random cipher text G 302 to KDF 270, as further illustrated with reference to
As illustrated with reference to
Accordingly, logic 272 may verify that chip secret key 250 within key request 340 is authentic by decrypting chip secret key 250 to form chip ID 240 to derive decrypted manufacturing information and compare the manufacturing information with the initial or original manufacturing information used to form chip ID 240. If matching information is detected, control flow is provided to key generation logic 280. Otherwise, invalid request logic 274 may invalidate trust in OEM 300 and subsequently suspend trust, pending an investigation of an attempt to obtain keys for false chips.
Assuming the OEM is trusted, key generation logic 280 computes private key (PKc) 282. Subsequently, PKc 282 is provided to cryptographic block 286. In one embodiment block 286 performs cipher block chaining (CBC mode) encryption using a random number or initialization vector (IV) to produce a message C. As known to those skilled in the art, cipher block chaining (CBC) is a confidential mode whose encryption features the combining (chaining) of the plain text blocks with previous cipher blocks. In one embodiment, the message C or cipher text 292 is comprised of PKc 282, a digital key certificate and chip ID 240, which are encrypted using chip secret key 250. Once formed, cipher text 292, along with initialization vector 294, are transmitted to OEM 300.
Referring again to
As known to those skilled in the art, a digital certificate represents an attachment to an electronic message used for security purposes. Accordingly, an individual wishing to send an encrypted message applies for a digital certificate from a certificate authority (CA). As described herein, a CA is a trusted third-party organization or company that issues digital certificates used to create digital signature and public-private key pairs. Hence, attachment of a digital certificate to an encrypted message enables a recipient of the encrypted message, or cipher text, to verify that the sender of the cipher text is an authenticated, or trusted, individual. Procedural methods for implementing one or more of the above-mentioned embodiments are now described.
Operation
At process block 414, the identification information is encrypted using a first key to form a chip ID for the manufactured chip, for example, as illustrated with reference to
Referring again to
Accordingly, in one embodiment, the initial installation of the chip secret key enables insulation of an order of magnitude more keys that would normally be used by a conventional crypto-system using less unique bits in the chip than are required to install even one asymmetric private key pair. Referring again to
Referring now to
Once transmitted, the key distribution facility will generate cipher text including at least one private key assigned to the integrated chip from the KDF. Subsequently, the integrated chip may use the private key to send a received encrypted digital content in the form of cipher text, which may be decrypted using a private key of the integrated chip once received. Accordingly, by using the assigned private key, the integrated chip is capable of forming a secure authenticated channel in order to receive protected content from content protection applications.
Representatively, since the digital key certificate associated with, for example, a key vector, may be shared by many platforms, the digital certificate cannot be used as a platform identity. Hence, content protection applications cannot identify the recipient of content. As such, content protection applications are able to verify that the integrated chip is an authorized recipient using the private key digital certificate. Hence, privacy is maintained by using the private key digital certificate during authentication protocols. In one embodiment, privacy is best preserved if access to received cipher text is limited to access during initial boot. Subsequently, following initial boot, access to received cipher text, including the at least one private key assigned to the chip, is disabled. However, if access to the received cipher text may not be disabled following initial boot, the integrated chip may be further requested to generate a second key update request.
Referring to
As such, the KDF will generate a new private key for the integrated chip to enable integrated chip to use the private key for future authentication with content protection applications. Accordingly, the process of replacing the initially assigned at least one private key to the integrated chip may be repeated as desired. Furthermore, this process may be repeated in order to preserve privacy of the integrated chip from applications that may be able to access the received cipher text after device initialization or initial system boot.
Accordingly, conventional systems generally install a unique asymmetric crypto-system private key within a device. Unfortunately, such private keys take more space (bits) than a symmetric secret key, which is a cost problem for integrated chips since the space required to store such asymmetric or symmetric keys is costly. Furthermore, once a device authenticates with a content protection application, user privacy is generally violated since the identity of the device is made known to the authentication application. Accordingly, by using multiple, non-unique public/private key pairs to provide privacy, implementation of such a scheme would require significantly more space to store multiple keys.
Accordingly, in one embodiment, the chip secret key enables the minimum possible number of fuse bits, such as enough to prevent a hacker from attacking the compromised device by merely guessing the information, but less information than required to store a secret key of a public/private key pair. Hence, in one embodiment, the device receives an arbitrary number of keys within a key vector. Subsequently, an identify of the device is only revealed to a trusted party that distributes keys to legitimate devices during system initialization. Hence, an identity of the device is not revealed during normal use or authentication to receive protected content.
It is to be understood that even though numerous characteristics and advantages of various embodiments of the present invention have been set forth in the foregoing description, together with details of the structure and function of various embodiments of the invention, this disclosure is illustrative only. In some cases, certain subassemblies are only described in detail with one such embodiment. Nevertheless, it is recognized and intended that such subassemblies may be used in other embodiments of the invention. Changes may be made in detail, especially matters of structure and management of parts within the principles of the embodiments of the present invention to the full extent indicated by the broad general meaning of the terms in which the appended claims are expressed.
Having disclosed exemplary embodiments and the best mode, modifications and variations may be made to the disclosed embodiments while remaining within the scope of the embodiments of the invention as defined by the following claims.
This application is a continuation of U.S. patent application Ser. No. 10/782,572 filed on Feb. 18, 2004, now U.S. Pat. No. 7,802,085.
Number | Name | Date | Kind |
---|---|---|---|
3699532 | Schaffer et al. | Oct 1972 | A |
3996449 | Attanasio et al. | Dec 1976 | A |
4037214 | Birney et al. | Jul 1977 | A |
4162536 | Morley | Jul 1979 | A |
4207609 | Luiz et al. | Jun 1980 | A |
4247905 | Yoshida et al. | Jan 1981 | A |
4276594 | Morley | Jun 1981 | A |
4278837 | Best | Jul 1981 | A |
4307447 | Provanzano et al. | Dec 1981 | A |
4319233 | Matsuoka et al. | Mar 1982 | A |
4319323 | Ermolovich et al. | Mar 1982 | A |
4347565 | Kaneda et al. | Aug 1982 | A |
4366537 | Heller et al. | Dec 1982 | A |
4403283 | Myntti et al. | Sep 1983 | A |
4419724 | Branigin et al. | Dec 1983 | A |
4430709 | Schleupen | Feb 1984 | A |
4521852 | Guttag | Jun 1985 | A |
4529870 | Chaum | Jul 1985 | A |
4571672 | Hatada et al. | Feb 1986 | A |
4621318 | Maeda | Nov 1986 | A |
4759064 | Chaum | Jul 1988 | A |
4795893 | Ugon | Jan 1989 | A |
4802084 | Ikegaya et al. | Jan 1989 | A |
4825052 | Chemin et al. | Apr 1989 | A |
4843541 | Bean et al. | Jun 1989 | A |
4907270 | Hazard | Mar 1990 | A |
4907272 | Hazard | Mar 1990 | A |
4910774 | Barakat | Mar 1990 | A |
4974159 | Hargrove et al. | Nov 1990 | A |
4975836 | Hirosawa et al. | Dec 1990 | A |
5007082 | Cummins | Apr 1991 | A |
5022077 | Bealkowski et al. | Jun 1991 | A |
5075842 | Lai | Dec 1991 | A |
5079737 | Hackbarth | Jan 1992 | A |
5187802 | Inoue et al. | Feb 1993 | A |
5230069 | Brelsford et al. | Jul 1993 | A |
5237616 | Abraham et al. | Aug 1993 | A |
5255379 | Melo | Oct 1993 | A |
5287363 | Wolf et al. | Feb 1994 | A |
5293424 | Hotley et al. | Mar 1994 | A |
5295251 | Wakui et al. | Mar 1994 | A |
5317705 | Gannon et al. | May 1994 | A |
5319760 | Mason et al. | Jun 1994 | A |
5361375 | Ogi | Nov 1994 | A |
5386552 | Garney | Jan 1995 | A |
5421006 | Jablon et al. | May 1995 | A |
5434999 | Goire et al. | Jul 1995 | A |
5437033 | Inoue et al. | Jul 1995 | A |
5442645 | Ugon et al. | Aug 1995 | A |
5455909 | Blomgren et al. | Oct 1995 | A |
5459867 | Adams et al. | Oct 1995 | A |
5459869 | Spilo | Oct 1995 | A |
5469557 | Salt et al. | Nov 1995 | A |
5473692 | Davis | Dec 1995 | A |
5479509 | Ugon | Dec 1995 | A |
5504922 | Seki et al. | Apr 1996 | A |
5506975 | Onodera | Apr 1996 | A |
5511217 | Nakajima et al. | Apr 1996 | A |
5515441 | Faucher | May 1996 | A |
5522075 | Robinson et al. | May 1996 | A |
5528231 | Patarin | Jun 1996 | A |
5533126 | Hazard et al. | Jul 1996 | A |
5555385 | Osisek | Sep 1996 | A |
5555414 | Hough et al. | Sep 1996 | A |
5560013 | Scalzi et al. | Sep 1996 | A |
5564040 | Kubala | Oct 1996 | A |
5566323 | Ugon | Oct 1996 | A |
5568552 | Davis | Oct 1996 | A |
5574936 | Ryba et al. | Nov 1996 | A |
5582717 | Di Santo | Dec 1996 | A |
5604805 | Brands | Feb 1997 | A |
5606617 | Brands | Feb 1997 | A |
5615263 | Takahashi | Mar 1997 | A |
5628022 | Ueno et al. | May 1997 | A |
5628023 | Bryant et al. | May 1997 | A |
5631961 | Mills et al. | May 1997 | A |
5633929 | Kaliski, Jr. | May 1997 | A |
5657445 | Pearce | Aug 1997 | A |
5668971 | Neufeld | Sep 1997 | A |
5680547 | Chang | Oct 1997 | A |
5684948 | Johnson et al. | Nov 1997 | A |
5699431 | Van Oorschot et al. | Dec 1997 | A |
5706469 | Kobayashi | Jan 1998 | A |
5717903 | Bonola | Feb 1998 | A |
5720609 | Pfefferle | Feb 1998 | A |
5721222 | Bernstein et al. | Feb 1998 | A |
5724425 | Chang et al. | Mar 1998 | A |
5729760 | Poisner | Mar 1998 | A |
5737604 | Miller et al. | Apr 1998 | A |
5737760 | Grimmer, Jr. et al. | Apr 1998 | A |
5740178 | Jacks et al. | Apr 1998 | A |
5752046 | Oprescu et al. | May 1998 | A |
5757918 | Hopkins | May 1998 | A |
5757919 | Herbert et al. | May 1998 | A |
5764969 | Kahle | Jun 1998 | A |
5771291 | Newton et al. | Jun 1998 | A |
5796835 | Saada | Aug 1998 | A |
5796845 | Serikawa et al. | Aug 1998 | A |
5805712 | Davis | Sep 1998 | A |
5809546 | Greenstein et al. | Sep 1998 | A |
5815665 | Teper et al. | Sep 1998 | A |
5825875 | Ugon | Oct 1998 | A |
5825880 | Sudia et al. | Oct 1998 | A |
5835594 | Albrecht et al. | Nov 1998 | A |
5844986 | Davis | Dec 1998 | A |
5852717 | Bhide et al. | Dec 1998 | A |
5854913 | Goetz et al. | Dec 1998 | A |
5857021 | Kataoka et al. | Jan 1999 | A |
5867577 | Patarin | Feb 1999 | A |
5872994 | Akiyama et al. | Feb 1999 | A |
5890189 | Nozue et al. | Mar 1999 | A |
5900606 | Rigal et al. | May 1999 | A |
5901225 | Ireton et al. | May 1999 | A |
5903752 | Dingwall et al. | May 1999 | A |
5919257 | Trostle | Jul 1999 | A |
5924094 | Sutter | Jul 1999 | A |
5935242 | Madany et al. | Aug 1999 | A |
5935247 | Pai et al. | Aug 1999 | A |
5937063 | Davis | Aug 1999 | A |
5944821 | Angelo | Aug 1999 | A |
5953502 | Helbig, Sr. | Sep 1999 | A |
5956408 | Arnold | Sep 1999 | A |
5970147 | Davis et al. | Oct 1999 | A |
5978475 | Schneier et al. | Nov 1999 | A |
5978481 | Ganesan et al. | Nov 1999 | A |
5987557 | Ebrahim | Nov 1999 | A |
6014745 | Ashe | Jan 2000 | A |
6032260 | Sasmazel et al. | Feb 2000 | A |
6032261 | Hulyalkar | Feb 2000 | A |
6035374 | Panwar et al. | Mar 2000 | A |
6036061 | O'Donnell | Mar 2000 | A |
6036601 | Heckel | Mar 2000 | A |
6038322 | Harkins | Mar 2000 | A |
6044478 | Green | Mar 2000 | A |
6055637 | Hudson et al. | Apr 2000 | A |
6058478 | Davis | May 2000 | A |
6061794 | Angelo | May 2000 | A |
6073237 | Ellison | Jun 2000 | A |
6075938 | Bugnion et al. | Jun 2000 | A |
6078667 | Johnson | Jun 2000 | A |
6085296 | Karkhanis et al. | Jul 2000 | A |
6088262 | Nasu | Jul 2000 | A |
6092095 | Maytal | Jul 2000 | A |
6093213 | Favor et al. | Jul 2000 | A |
6101584 | Satou et al. | Aug 2000 | A |
6108644 | Goldschlag et al. | Aug 2000 | A |
6115816 | Davis | Sep 2000 | A |
6125430 | Noel et al. | Sep 2000 | A |
6131166 | Wong-Insley | Oct 2000 | A |
6138239 | Veil | Oct 2000 | A |
6148379 | Schimmel | Nov 2000 | A |
6151676 | Cuccia et al. | Nov 2000 | A |
6154841 | Oishi | Nov 2000 | A |
6158546 | Hanson et al. | Dec 2000 | A |
6173417 | Merrill | Jan 2001 | B1 |
6175924 | Arnold | Jan 2001 | B1 |
6175925 | Nardone et al. | Jan 2001 | B1 |
6178509 | Nardone | Jan 2001 | B1 |
6182089 | Ganapathy et al. | Jan 2001 | B1 |
6185316 | Buffam | Feb 2001 | B1 |
6188257 | Buer | Feb 2001 | B1 |
6192455 | Bogin et al. | Feb 2001 | B1 |
6199152 | Kelly et al. | Mar 2001 | B1 |
6205550 | Nardone et al. | Mar 2001 | B1 |
6212635 | Reardon | Apr 2001 | B1 |
6222923 | Schwenk | Apr 2001 | B1 |
6246771 | Stanton et al. | Jun 2001 | B1 |
6249872 | Wildgrube et al. | Jun 2001 | B1 |
6252650 | Nakamura | Jun 2001 | B1 |
6269392 | Cotichini et al. | Jul 2001 | B1 |
6272533 | Browne | Aug 2001 | B1 |
6272637 | Little et al. | Aug 2001 | B1 |
6275933 | Fine et al. | Aug 2001 | B1 |
6278782 | Ober et al. | Aug 2001 | B1 |
6282650 | Davis | Aug 2001 | B1 |
6282651 | Ashe | Aug 2001 | B1 |
6282657 | Kaplan et al. | Aug 2001 | B1 |
6292874 | Barnett | Sep 2001 | B1 |
6301646 | Hostetter | Oct 2001 | B1 |
6308270 | Guthery | Oct 2001 | B1 |
6314409 | Schneck et al. | Nov 2001 | B2 |
6321314 | Van Dyke | Nov 2001 | B1 |
6327652 | England et al. | Dec 2001 | B1 |
6330670 | England et al. | Dec 2001 | B1 |
6339815 | Feng | Jan 2002 | B1 |
6339816 | Bausch | Jan 2002 | B1 |
6357004 | Davis | Mar 2002 | B1 |
6363485 | Adams et al. | Mar 2002 | B1 |
6374286 | Gee et al. | Apr 2002 | B1 |
6374317 | Ajanovic et al. | Apr 2002 | B1 |
6378068 | Foster | Apr 2002 | B1 |
6378072 | Collins et al. | Apr 2002 | B1 |
6389403 | Dorak, Jr. | May 2002 | B1 |
6389537 | Davis et al. | May 2002 | B1 |
6397242 | Devine et al. | May 2002 | B1 |
6397379 | Yates, Jr. et al. | May 2002 | B1 |
6411715 | Liskov et al. | Jun 2002 | B1 |
6412035 | Webber | Jun 2002 | B1 |
6421702 | Gulick | Jul 2002 | B1 |
6435416 | Slassi | Aug 2002 | B1 |
6445797 | McGough | Sep 2002 | B1 |
6463535 | Drews et al. | Oct 2002 | B1 |
6463537 | Tello | Oct 2002 | B1 |
6473508 | Young et al. | Oct 2002 | B1 |
6473800 | Jerger et al. | Oct 2002 | B1 |
6496847 | Bugnion et al. | Dec 2002 | B1 |
6499123 | McFarland et al. | Dec 2002 | B1 |
6505279 | Phillips et al. | Jan 2003 | B1 |
6507904 | Ellison et al. | Jan 2003 | B1 |
6529909 | Bowman-Amuah | Mar 2003 | B1 |
6535988 | Poisner | Mar 2003 | B1 |
6557104 | Vu et al. | Apr 2003 | B2 |
6560627 | McDonald et al. | May 2003 | B1 |
6609199 | DeTreville | Aug 2003 | B1 |
6615278 | Curtis | Sep 2003 | B1 |
6633963 | Ellison et al. | Oct 2003 | B1 |
6633981 | Davis | Oct 2003 | B1 |
6651171 | England et al. | Nov 2003 | B1 |
6678825 | Ellison et al. | Jan 2004 | B1 |
6684326 | Cromer et al. | Jan 2004 | B1 |
6711263 | Nordenstam et al. | Mar 2004 | B1 |
6738904 | Linnartz et al. | May 2004 | B2 |
6792113 | Ansell et al. | Sep 2004 | B1 |
6826616 | Larson et al. | Nov 2004 | B2 |
6987853 | Uner | Jan 2006 | B2 |
6988250 | Proudler et al. | Jan 2006 | B1 |
7028149 | Grawrock et al. | Apr 2006 | B2 |
7133990 | Link et al. | Nov 2006 | B2 |
7165181 | Brickell | Jan 2007 | B2 |
7178030 | Scheidt et al. | Feb 2007 | B2 |
7181620 | Hur | Feb 2007 | B1 |
7216110 | Ogg et al. | May 2007 | B1 |
7233666 | Lee et al. | Jun 2007 | B2 |
7299500 | Klebe et al. | Nov 2007 | B1 |
7339400 | Walstrum et al. | Mar 2008 | B1 |
7526651 | Arditti Modiano et al. | Apr 2009 | B2 |
7802085 | Graunke | Sep 2010 | B2 |
20010011267 | Kihara et al. | Aug 2001 | A1 |
20010021969 | Burger et al. | Sep 2001 | A1 |
20010027511 | Wakabayashi et al. | Oct 2001 | A1 |
20010027527 | Khidekel et al. | Oct 2001 | A1 |
20010037450 | Metlitski et al. | Nov 2001 | A1 |
20010044786 | Ishibashi | Nov 2001 | A1 |
20010044886 | Cassagnol et al. | Nov 2001 | A1 |
20020004900 | Patel | Jan 2002 | A1 |
20020007456 | Peinado et al. | Jan 2002 | A1 |
20020012432 | England et al. | Jan 2002 | A1 |
20020023032 | Pearson et al. | Feb 2002 | A1 |
20020044567 | Voit et al. | Apr 2002 | A1 |
20020048369 | Ginter et al. | Apr 2002 | A1 |
20020065136 | Day | May 2002 | A1 |
20020080190 | Hamann et al. | Jun 2002 | A1 |
20020120844 | Faccin et al. | Aug 2002 | A1 |
20020147916 | Strongin et al. | Oct 2002 | A1 |
20020166053 | Wilson | Nov 2002 | A1 |
20020166061 | Falik et al. | Nov 2002 | A1 |
20020169717 | Challener | Nov 2002 | A1 |
20020169966 | Nyman et al. | Nov 2002 | A1 |
20020178354 | Ogg et al. | Nov 2002 | A1 |
20020178534 | Massaro | Dec 2002 | A1 |
20020198302 | Rouse et al. | Dec 2002 | A1 |
20030002668 | Graunke et al. | Jan 2003 | A1 |
20030018892 | Tello | Jan 2003 | A1 |
20030037237 | Abgrall et al. | Feb 2003 | A1 |
20030041250 | Proudler | Feb 2003 | A1 |
20030074548 | Cromer et al. | Apr 2003 | A1 |
20030105718 | Hurtado et al. | Jun 2003 | A1 |
20030112008 | Hennig | Jun 2003 | A1 |
20030114144 | Minemura | Jun 2003 | A1 |
20030115453 | Grawrock | Jun 2003 | A1 |
20030126442 | Glew et al. | Jul 2003 | A1 |
20030126453 | Glew et al. | Jul 2003 | A1 |
20030159056 | Cromer et al. | Aug 2003 | A1 |
20030182584 | Banes et al. | Sep 2003 | A1 |
20030188156 | Yasala et al. | Oct 2003 | A1 |
20030188179 | Challener et al. | Oct 2003 | A1 |
20030188181 | Kunitz et al. | Oct 2003 | A1 |
20030195857 | Acquisti | Oct 2003 | A1 |
20030196085 | Lampson et al. | Oct 2003 | A1 |
20030231328 | Chapin et al. | Dec 2003 | A1 |
20030235175 | Naghian et al. | Dec 2003 | A1 |
20040003324 | Uhlig et al. | Jan 2004 | A1 |
20040039924 | Baldwin et al. | Feb 2004 | A1 |
20040064694 | Lee et al. | Apr 2004 | A1 |
20040103281 | Brickell | May 2004 | A1 |
20040107286 | Larson et al. | Jun 2004 | A1 |
20040117539 | Bennett et al. | Jun 2004 | A1 |
20040123288 | Bennett et al. | Jun 2004 | A1 |
20040240667 | Lee et al. | Dec 2004 | A1 |
20040260926 | Arditti Modiano et al. | Dec 2004 | A1 |
20050010535 | Camenisch | Jan 2005 | A1 |
20050081038 | Arditti Modiano et al. | Apr 2005 | A1 |
20050100161 | Husemann et al. | May 2005 | A1 |
20050114682 | Zimmer et al. | May 2005 | A1 |
20050154890 | Vembu | Jul 2005 | A1 |
20050283586 | Mondal et al. | Dec 2005 | A1 |
20060013399 | Brickell et al. | Jan 2006 | A1 |
20060013400 | Sutton et al. | Jan 2006 | A1 |
20060013402 | Sutton et al. | Jan 2006 | A1 |
20060020786 | Helms et al. | Jan 2006 | A1 |
20060117181 | Brickell | Jun 2006 | A1 |
20070100913 | Sumner et al. | May 2007 | A1 |
20070192829 | Ford | Aug 2007 | A1 |
Number | Date | Country |
---|---|---|
1985466 | Jun 2007 | CN |
101019368 | Aug 2007 | CN |
101019369 | Aug 2007 | CN |
4217444 | Dec 1992 | DE |
10218835 | Apr 2002 | DE |
112005001666 | May 2007 | DE |
112005001672 | May 2007 | DE |
112005001654 | Nov 2007 | DE |
0473913 | Mar 1992 | EP |
0492692 | Jul 1992 | EP |
0600112 | Jun 1994 | EP |
0602867 | Jun 1994 | EP |
0877314 | Nov 1998 | EP |
0892521 | Jan 1999 | EP |
0930567 | Jul 1999 | EP |
0961193 | Dec 1999 | EP |
0965902 | Dec 1999 | EP |
1030237 | Aug 2000 | EP |
1055989 | Nov 2000 | EP |
1056014 | Nov 2000 | EP |
1067470 | Jan 2001 | EP |
1085396 | Mar 2001 | EP |
1146715 | Oct 2001 | EP |
1209563 | May 2002 | EP |
1271277 | Jan 2003 | EP |
1617587 | Jan 2006 | EP |
2620248 | Mar 1989 | FR |
2700430 | Jul 1994 | FR |
2714780 | Jul 1995 | FR |
2742618 | Jun 1997 | FR |
2752122 | Feb 1998 | FR |
2763452 | Nov 1998 | FR |
2830147 | Mar 2003 | FR |
2439160 | Dec 2007 | GB |
2000076139 | Mar 2000 | JP |
2006293472 | Oct 2006 | JP |
WO-9524696 | Sep 1995 | WO |
WO-9729567 | Aug 1997 | WO |
WO-9812620 | Mar 1998 | WO |
WO-9834365 | Aug 1998 | WO |
WO-9844402 | Oct 1998 | WO |
WO-9905600 | Feb 1999 | WO |
WO-9909482 | Feb 1999 | WO |
WO-9918511 | Apr 1999 | WO |
WO-9931842 | Jun 1999 | WO |
WO-9957863 | Nov 1999 | WO |
WO-9965579 | Dec 1999 | WO |
WO-0021238 | Apr 2000 | WO |
WO-0049764 | Aug 2000 | WO |
WO-0062232 | Oct 2000 | WO |
WO-0069206 | Nov 2000 | WO |
WO-0127723 | Apr 2001 | WO |
WO-0127821 | Apr 2001 | WO |
WO-0143476 | Jun 2001 | WO |
WO-0163954 | Aug 2001 | WO |
WO-0163994 | Aug 2001 | WO |
WO-0175565 | Oct 2001 | WO |
WO-0175595 | Oct 2001 | WO |
WO-0201794 | Jan 2002 | WO |
WO-0217555 | Feb 2002 | WO |
WO-0163953 | Jun 2002 | WO |
WO-0245453 | Jun 2002 | WO |
WO-02060121 | Aug 2002 | WO |
WO-02073928 | Sep 2002 | WO |
WO-0175564 | Oct 2002 | WO |
WO-02086684 | Oct 2002 | WO |
WO-03058412 | Jul 2003 | WO |
WO2005064881 | Dec 2003 | WO |
WO-2006019614 | Feb 2006 | WO |
WO-2006023151 | Mar 2006 | WO |
WO-2006025952 | Mar 2006 | WO |
Entry |
---|
Menezes et al., Handbook of Applied Cryptography, CRC Press, Oct. 1996, pp. 32-33. |
Notice of Allowance as received in U.S. Appl. No. 10/892,265 mailed May 13, 2010. |
Final Office Action as received in U.S. Appl. No. 10/892,265 mailed Apr. 17, 2008. |
Non-Final Office Action as received in U.S. Appl. No. 10/892,265 mailed Nov. 25, 2008. |
Non-Final Office Action as received in U.S. Appl. No. 10/892,265 mailed Sep. 12, 2007. |
Non-Final Office Action as received in U.S. Appl. No. 10/892,265 mailed Jun. 15, 2009. |
Non-Final Office Action as received in U.S. Appl. No. 10/892,265 mailed Jan. 22, 2010. |
Final Office Action as received in U.S. Appl. No. 10/782,572 mailed Jul. 9, 2008. |
Non-Final Office Action as received in U.S. Appl. No. 10/782,572 mailed Dec. 31, 2007. |
Non-Final Office Action as received in U.S. Appl. No. 10/782,572 mailed Dec. 23, 2008. |
Non-Final Office Action as received in U.S. Appl. No. 10/782,572 mailed Jul. 22, 2009. |
Notice of Allowance as received in U.S. Appl. No. 10/782,572 mailed May 17, 2010. |
Non-Final Office Action as received in U.S. Appl. No. 10/866,252 mailed Oct. 29, 2004. |
Final Office Action as received in U.S. Appl. No. 10/866,252 mailed May 5, 2005. |
Notice of Allowance as received in U.S. Appl. No. 10/866,252 mailed Sep. 11, 2008. |
Non-Final Office Action as received in U.S. Appl. No. 10/866,252 mailed Aug. 19, 2005. |
Final Office Action as received in U.S. Appl. No. 10/866,252 mailed Jan. 20, 2006. |
Non-Final Office Action as received in U.S. Appl. No. 10/866,252 mailed Apr. 5, 2007. |
Final Office Action as received in U.S. Appl. No. 10/866,252 mailed Jul. 16, 2007. |
Non-Final Office Action as received in U.S. Appl. No. 10/866,252 mailed Dec. 10, 2007. |
PCT, International Search Report and Written Opinion of the International Searching Authority, Application No. PCT/US2005/024486, mailed Sep. 18, 2006. |
Ateniese, Giuseppe, et al., “A Practical and Provably Secure Coalition-Resistant Group Signature Scheme”, Advances in Cryptology—CRYPT02000, vol. 1880 of Lecture Notes in Computer Science, Int'l; Assoc for Crypt Res, Spring-Verlag, Berlin, Germany, (2000), 16 pages. |
Berg, Cliff, “How Do I Create a Signed Applet?”, Dr. Dobb's Journal, (Aug. 1997), 6 pages. |
Brands, Stefan, “Restrictive Blinding of Secret-Key Certificates”, Springer-Verlag XP002201306, (1995), Chapter 3, 38 pages. |
Chang, T.-W., “Efficient Authentication Schemes Based on Group Certificate and Their Application on Mobile Communication Systems”, Thesis for Master of Science, Department of Electrical Engineering, National Cheng Kung University, Tainan, Taiwan, (Jun. 2003), 42 pages. |
Chien, Andrew A., et al., “Safe and Protected Execution for the Morph/AMRM Reconfigurable Processor”, 7th Annual IEEE Symposium, FCCM '99 Proceedings, XP010359180, ISBN 0-7695-0375-6, Los Alamitos, CA, (Apr. 21, 1999), 209-221. |
Compaq Computer Corporation, “Trusted Computing Platform Alliance (TCPA) Main Specification Version 1.1a”, XP002272822, (Jan. 25, 2001), 1-321. |
Coulouris, George, et al., “Distributed Systems, Concepts and Designs”, 2nd Edition (1994), 422-424. |
Crawford, John, “Architecture of the Intel 80386”, Proceedings of the IEEE International Conference on Computer Design: VLSI in Computers and Processors (ICCD '86), (Oct. 6, 1986), 155-160. |
Davida, George I., et al., “Defending Systems Against Viruses through Cryptographic Authentication”, Proceedings of the Symposium on Security and Privacy, IEEE Comp. Soc. Press, ISBN 0-8186-1939-2, (May 1989), pp. 312-318. |
Fabry, R.S., “Capability-Based Addressing”, Fabry, R.S., “Capability-Based Adressing,” Communications of the ACM, vol. 17, No. 7, (Jul. 1974), 403-412. |
Frieder, Gideon, “The Architecture and Operational Characteristics of the VMX Host Machine”, The Architecture and Operational Characteristics of the VMX Host Machine, IEEE, (1982), 9-16. |
Goldberg, Robert P., “Survey of Virtual Machine Research”, Computer Magazine, (Jun. 1974), 34-45. |
Gong, Li, et al., “Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2”, Proceedings of the USENIX Symposium on Internet Technologies and Systems, Monterey, CA, (Dec. 1997) 11 pages. |
Gum. P. H., “System/370 Extended Architecture: Facilities for Virtual Machines”, IBM J. Research Development, vol. 27, No. 6, (Nov. 1983), 530-544. |
Hall, Judith S., et al., “Virtualizing the VAX Architecture”, ACM SIGARCH Computer Architecture News, Proceedings of the 18th Annual International Symposium on Computer Architecture, vol. 19, Issue No. 3, (Apr. 1991), 10 pages. |
Hawthorne, W. M., “An Alternative to Public Key Encryption”, European Convention on Security and Detection, Found at: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=491615&isnumber=10615, (May 1995), 142-145. |
Heinrich, Joe, “MIPS R4000 Microprocessor User's Manual, Second Edition”, Chapter 4 “Memory Management”, (Jun. 11, 1993), 61-97. |
HP Mobile Security Overview, “HP Mobile Security Overview”, (Sep. 2002), 10 pages. |
IBM, “Information Display Technique for a Terminate Stay Resident Program IBM Technical Disclosure Bulletin”, TDB-ACC-No. NA9112156. vol. 34, Issue 7A, (Dec. 1, 1991), 156-158, 4 pages. |
IBM Corporation, “IBM ThinkPad T30 Notebooks”, IBM Product Specification, located at www-1.ibm.com/services/files/cisco—t30—spec—sheet—070202.pdf, last visited Jun. 23, 2004, (Jul. 2, 2002), 6 pages. |
Intel Corporation, “IA-32 Intel Architecture Software Developer's Manual”, vol. 3: System Programming Guide, Intel Corporation—2003, 13-1 through 13-24, 43 pages. |
Intel Corporation, “IA-64 System Abstraction Layer Specification”, Intel Product Specification, Order No. 245359-001, (Jan. 2000), 47 pages. |
Intel Corporation, “Intel 82802AB/82802AC Firmware Hub (FWH)”, Intel Product Datasheet, Document No. 290658-004, (Nov. 2000), 1-6, 17-28. 18 pages. |
Intel Corporation, “Intel IA-64 Architecture Software Developer's Manual”, vol. 2: IA-64 System Architecture, Order No. 245318-001. (Jan. 2000), i, ii, 5.1-5.3, 11.1-11.8, 11.23-11.26, 17 pages. |
Intel Corporation, “Intel386 DX Microprocessor 32-Bit CHMOS Microprocessor With Integrated Memory Management”, (1995), 5-56, 56 pages. |
Karger, Paul A., et al., “A VMM Security Kernel for the VAX Architecture”, Proceedings of the Symposium on Research in Security and Privacy, XP010020182, ISBN 0-8186-2060-9, Boxborough, MA, (May 7, 1990), 2-19, 18 pages. |
Kashiwagi, Kazuhiko, et al., “Design and Implementation of Dynamically Reconstructing System Software”, Software Engineering Conference, Proceedings 1996 Asia-Pacific Seoul, South Korea Dec. 4-7, 1996, Los Alamitos, CA USA, IEEE Computer Soc., US, ISBN 0-8186-7638-8, (1996), 10 pages. |
Lawton, Kevin, et al., “Running Multiple Operating Systems Concurrently on an IA32 PC Using Virtualization Techniques”, http://www.plex86.org/research/paper.txt, (Nov. 29, 1999), 1-31. |
Luke, Jahn, et al., “Replacement Strategy for Aging Avionics Computers”, IEEE AES Systems Magazine, XP002190614, (Mar. 1999). |
Menezes, Alfred J., et al., “Handbook of Applied Cryptography”, CRC Press Series on Discrete Mathematics and its Applications, Boca Raton, FL, XP002165287, ISBN 0849385237, (Oct. 1996), 403-405, 506-515, 570, 14 pages. |
Menezes, et al., “Hash Functions and Date Integrity”, PRC Press, LLC, (1997), Chapter 9, 63 pages. |
Motorola, “M68040 User's Manual”, (1993), 96 pages. |
Nanba, S., et al., “VM/4: ACOS-4 Virtual Machine Architecture”, VM/4: ACOS-4 Virtual Machine Architecture, IEEE, (1985), 171-178. |
Richt, Stefan, et al., “In-Circuit-Emulator Wird Echtzeittauglich”, Elektronic, Franzis Verlag GMBH, Munchen, DE, vol. 40, No. 16, XP000259620, (Aug. 6, 1991), 100-103. |
Robin, John S., et al., “Analysis of the Pentium's Ability to Support a Secure Virtual Machine Monitor”, Proceedings of the 9th USENIX Security Symposium, XP002247347, Denver, Colorado, (Aug. 14, 2000), 1-17, 18 pages. |
Rosenberg, Jonathan B., “How Debuggers Work (Algorithms, Data Structures, and Architecture”, Chapters 3 and 5 Hardware Debugger Facilities, Wiley Computer Publishing, United States, (1996), pp. 42-43, 95, 96 and 99, 27 pages. |
Rosenblum, M., “Virtual Platform: A Virtual Machine Monitor for Commodity PC”, Proceedings of the 11th Hotchips Conference, (Aug. 17, 1999), 185-196, 18 pages. |
RSA Security, “Hardware Authenticators”, www.rsasecurity.com/node.asp?id=1158, pp. 1-2. |
RSA Security, “RSA SecurID Authenticators”, www.rsasecurity.com/products/securid/datasheets/SID—DS—0103.pdf, pp. 1-2. |
RSA Security, “Software Authenticators”, www.srasecurity.com/node.asp?id=1313, pp. 1-2. |
Saez, Sergio, et al., “A Hardware Scheduler for Complex Real-Time Systems”, Proceedings of the IEEE International Symposium on Industrial Electronics, XP002190615, (Jul. 1999), 43-48, 6 pages. |
Schneier, Bruce, “Applied Cryptography”, Wiley and Sons, (1996), p. 173, 6 pages. |
Schneier, Bruce, “Applied Cryptography: Protocols, Algorithm, and Source Code in C”, Wiley, John & Sons, Inc., XP002939871; ISBN 0471117099, (Oct. 1995), 47-52. |
Schneier, Bruce, “Applied Cryptography: Protocols, Algorithm, and Source Code in C”, Wiley, John & Sons, Inc., XP002138607; ISBN 0471117099, (Oct. 1995), 56-65. |
Schneier, Bruce, “Applied Cryptography: Protocols, Algorithms, and Source Code C”, Wiley, John & Sons, Inc., XP0021111449; ISBN 0471117099, (Oct. 1995), 169-187. |
Sherwood, Timothy, et al., “Patchable Instruction ROM Architecture”, Department of Computer Science and Engineering, University of California, San Diego, La Jolla, CA, (Nov. 2001), 20 pages. |
Non-Final Office Action (dated Jun. 2, 2009), U.S. Appl. No. 11/387,203, filed Mar. 22, 2006, First Named Inventor: Ernest Brickell. |
Final Office Action (dated Dec. 7, 2009), U.S. Appl. No. 11/387,203, filed Mar. 22, 2006, First Named Inventor: Ernest Brickell. |
Non-Final Office Action (dated Mar. 29, 2010), U.S. Appl. No. 11/387,203, filed Mar. 22, 2006, First Named Inventor: Ernest Brickell. |
Final Office Action (dated Feb. 1, 2011), U.S. Appl. No. 11/387,203, filed Mar. 22, 2006, First Named Inventor: Ernest Brickell. |
U.S. Patent and Trademark Office Official Action for related U.S. Appl. No. 10/892,280 mailed Nov. 26, 2008. |
PCT, Preliminary Report on Patentability (Chapter 1 of the Patent Cooperation Treaty), Application No. PCT/US2005/024486 mailed Jan. 25, 2007. |
PCT, International Search Report and Written Opinion of the International Searching Authority, Application No. PCT/US2005/024374 mailed Sep. 18, 2006. |
PCT, Preliminary Report on Patentability (Chapter 1 of the Patent Cooperation Treaty), Application No. PCT/US2005/024374, mailed Jan. 25, 2007. |
PCT, International Search Report and Written Opinion of the International Searching Authority, Application No. PCT/US2005/024251, mailed Oct. 6, 2005. |
PCT, Preliminary Report on Patentability (Chapter 1 of the Patent Cooperation Treaty), Application No. PCT/US2005/024251, mailed May 5, 2011. |
PCT, International Search Report and Written Opinion of the International Searching Authority, Application No. PCT/US2005/024253, mailed Sep. 18, 2006. |
PCT, Preliminary Report on Patentability (Chapter 1 of the Patent Cooperation Treaty), Application No. PCT/US2005/024253, mailed Jan. 25, 2007. |
U.S. Patent and Trademark Office, Office Action dated Jun. 15, 2009, with Reply to Office Action filed on Sep. 15, 2009, in related U.S. Appl. No. 10/892,265. |
International Application No. PCT/US2005/024253, International Search Report. |
Non-Final Office Action (dated Jul. 21, 2010), U.S. Appl. No. 11/387,203, filed Mar. 22, 2006, First Named Inventor: Ernest Brickell. |
Notice of Allowance (dated Apr. 29, 2011), U.S. Appl. No. 11/387,203, filed Mar. 22, 2006, First Named Inventor: Ernest Brickell. |
Final Office Action (dated Dec. 23, 2009), U.S. Appl. No. 10/999,576, filed Nov. 30, 2001 First Named Inventor: Ernest Brickell. |
Non-Office Action (dated Jan. 24, 2008), U.S. Appl. No. 10/999,576, filed Nov. 30, 2001 First Named Inventor: Ernest Brickell. |
Non-Final Office Action (dated Jul. 24, 2008), U.S. Appl. No. 10/999,576, filed Nov. 30, 2001 First Named Inventor: Ernest Brickell. |
Final Office Action (dated Jan. 6, 2009), U.S. Appl. No. 10/999,576, filed Nov. 30, 2001 First Named Inventor: Ernest Brickell. |
Non-Final Office Action (dated Jun. 9, 2009), U.S. Appl. No. 10/999,576, filed Nov. 30, 2001 First Named Inventor: Ernest Brickell. |
Non-Final Office Action (dated Jul. 23, 2007), U.S. Appl. No. 10/892,256, filed Jul. 14, 2004 First Named Inventor: James A. Sutton II. |
Final Office Action (dated Apr. 1, 2008), U.S. Appl. No. 10/892,256, filed Jul. 14, 2004 First Named Inventor: James A. Sutton II. |
Non-Final Office Action (dated Sep. 29, 2008), U.S. Appl. No. 10/892,256, filed Jul. 14, 2004 First Named Inventor: James A. Sutton II. |
Final Office Action (dated Mar. 24, 2009), U.S. Appl. No. 10/892,256, filed Jul. 14, 2004 First Named Inventor: James A. Sutton II. |
Notice of Allowance (dated Dec. 7, 2009), U.S. Appl. No. 10/892,256, filed Jul. 14, 2004 First Named Inventor: James A. Sutton II. |
Non-Final Office Action (dated Jul. 9, 2009), U.S. Appl. No. 10/892,280, filed Jul. 14, 2004 First Named Inventor: James A. Sutton II. |
Non-Final Office Action (dated Sep. 12, 2007), U.S. Appl. No. 10/892,280, filed Jul. 14, 2004 First Named Inventor: James A. Sutton II. |
Final Office Action (dated May 14, 2008), U.S. Appl. No. 10/892,280, filed Jul. 14, 2004 First Named Inventor: James A. Sutton II. |
Number | Date | Country | |
---|---|---|---|
20100183154 A1 | Jul 2010 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 10782572 | Feb 2004 | US |
Child | 12750128 | US |