公开(公告)号：US11630903B1

公开(公告)日：2023-04-18

申请号：US17081276

申请日：2020-10-27

Applicant: Apple Inc.

Inventor： Timothy R. Paaske ,  Mitchell D. Adler ,  Conrad Sauerwald ,  Fabrice L. Gautier ,  Shu-Yi Yu

IPC: G06F21/60 ,  G06F21/62 ,  G09C1/00 ,  H04L9/32 ,  H04L9/08 ,  H04L9/30 ,  G06F21/71 ,  G06F21/32

Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.

公开(公告)号：US10536271B1

公开(公告)日：2020-01-14

申请号：US15435229

申请日：2017-02-16

Applicant: Apple Inc.

Inventor： Thomas P. Mensch ,  Conrad Sauerwald ,  Jerrold V. Hauck ,  Timothy R. Paaske ,  Zhimin Chen ,  Andrew R. Whalley

IPC: H04L9/08 ,  H04L9/14 ,  H04L9/30 ,  H04L9/32 ,  G06F21/70 ,  G06F21/73 ,  G06F21/57

Abstract: Systems and methods are disclosed for generating one or more hardware reference keys (HRK) on a computing device, and for attesting to the validity of the hardware reference keys. An initial hardware reference key can be a silicon attestation key (SIK) generated during manufacture of a computing system, such as a system-on-a-chip. The SIK can comprise an asymmetric key pair based at least in part on an identifier of the processing system type and a unique identifier of the processing system. The SIK can be signed by the computing system and stored thereon. The SIK can be used to generate further HRKs on the computing device that can attest to the processing system type of the computing device and an operating system version that was running when the HRK was generated. The computing device can generate an HRK attestation (HRKA) for each HRK generated on the computing system.

公开(公告)号：US09661495B2

公开(公告)日：2017-05-23

申请号：US14474716

申请日：2014-09-02

Applicant: Apple Inc.

Inventor： Tyler Hawkins ,  Christopher Wilson ,  Conrad Sauerwald ,  Gregory Novick ,  Neil G. Crane ,  Rudolph Van Der Merwe ,  Samuel Noble ,  Paul William Chinn

IPC: H04W4/00 ,  H04W8/26 ,  G06K7/14 ,  H04W12/04 ,  H04W8/18 ,  H04W8/00

CPC classification number: H04W8/265 ,  G06K7/1447 ,  H04W4/80 ,  H04W8/005 ,  H04W8/18 ,  H04W12/04

Abstract: A method of activating a first device is disclosed. The method includes: the first device pairing with a second device; receiving a connection request from a second device; connecting to the second device; opening a communication channel to the second device; transmitting an activation package to the second device; receiving an activation payload from the second device; and performing an activation using information from the activation payload.

公开(公告)号：US20150350247A1

公开(公告)日：2015-12-03

申请号：US14477564

申请日：2014-09-04

Applicant: Apple Inc.

Inventor： Mitchell D. Adler ,  Michael L.H. Brouwer ,  Conrad Sauerwald

IPC: H04L29/06 ,  H04L12/58

CPC classification number: H04L63/166 ,  H04L51/04 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/18

Abstract: A method and apparatus of a device that enables a user to participate in a secure instant messaging session by starting with a low security connection before switching to a high security connection is described. The device concurrently establishes a low security connection and a high security connection with a remote participant of the secure instant messaging session. The device sends a first message to the remote participant through the low security connection while the high security connection is being established. The device further determines whether the high security connection is established. If the high security connection is established, the device can send a second message to the remote participant through the high security connection. If the high security connection is not yet established, the device can send the second message to the remote participant through the low security connection.

Abstract translation: 描述了一种设备的方法和装置，其使得用户能够在切换到高安全性连接之前以低安全性连接开始参与安全即时消息收发会话。 该设备同时建立与安全即时消息传递会话的远程参与者的低安全性连接和高安全性连接。 当建立高安全性连接时，设备通过低安全性连接向远程参与者发送第一条消息。 设备进一步确定高安全性连接是否建立。 如果建立了高安全性连接，则设备可以通过高安全性连接向远程参与者发送第二条消息。 如果高安全性连接尚未建立，则设备可以通过低安全性连接将第二条消息发送给远程参与者。

公开(公告)号：US20150010148A1

公开(公告)日：2015-01-08

申请号：US14493458

申请日：2014-09-23

Applicant: Apple Inc.

Inventor： R. Stephen Polzin ,  Fabrice L. Gautier ,  Mitchell D. Adler ,  Conrad Sauerwald ,  Michael L. H. Brouwer

IPC: H04L9/08

CPC classification number: H04L9/0861 ,  G06F21/72 ,  G09C1/00 ,  H04L9/0822 ,  H04L9/0897 ,  H04L2209/24

Abstract: An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory.

Abstract translation: SOC实现安全飞地处理器（SEP）。 SEP可以包括处理器和一个或多个安全外设。 SEP可以与SOC的其余部分隔离（例如SOC中的一个或多个中央处理单元（CPU），或SOC中的应用处理器（AP））。 对SEP的访问可以由硬件严格控制。 例如，描述了CPU / AP仅能访问SEP中的邮箱位置的机制。 CPU / AP可以向邮箱写入消息，SEP可以读取并响应。 在一些实施例中，SEP可以包括以下一个或多个：使用包装密钥的安全密钥管理，引导和/或电源管理的SEP控制以及存储器中的单独的信任区域。

公开(公告)号：US08873747B2

公开(公告)日：2014-10-28

申请号：US13626476

申请日：2012-09-25

Applicant: Apple Inc.

Inventor： R. Stephen Polzin ,  Fabrice L. Gautier ,  Mitchell D. Adler ,  Conrad Sauerwald ,  Michael L. H. Brouwer

IPC: H04L29/06 ,  H04L9/08 ,  G06F21/72

CPC classification number: H04L9/0861 ,  G06F21/72 ,  G09C1/00 ,  H04L9/0822 ,  H04L9/0897 ,  H04L2209/24

Abstract: An SOC implements a security enclave processor (SEP). The SEP may include a processor and one or more security peripherals. The SEP may be isolated from the rest of the SOC (e.g. one or more central processing units (CPUs) in the SOC, or application processors (APs) in the SOC). Access to the SEP may be strictly controlled by hardware. For example, a mechanism in which the CPUs/APs can only access a mailbox location in the SEP is described. The CPU/AP may write a message to the mailbox, which the SEP may read and respond to. The SEP may include one or more of the following in some embodiments: secure key management using wrapping keys, SEP control of boot and/or power management, and separate trust zones in memory.

Abstract translation: SOC实现安全飞地处理器（SEP）。 SEP可以包括处理器和一个或多个安全外设。 SEP可以与SOC的其余部分隔离（例如SOC中的一个或多个中央处理单元（CPU），或SOC中的应用处理器（AP））。 对SEP的访问可以由硬件严格控制。 例如，描述了CPU / AP仅能访问SEP中的邮箱位置的机制。 CPU / AP可以向邮箱写入消息，SEP可以读取并响应。 在一些实施例中，SEP可以包括以下一个或多个：使用包装密钥的安全密钥管理，引导和/或电源管理的SEP控制以及存储器中的单独的信任区域。

公开(公告)号：US20230385427A1

公开(公告)日：2023-11-30

申请号：US18301860

申请日：2023-04-17

Applicant: Apple Inc.

Inventor： Timothy R. Paaske ,  Mitchell D. Adler ,  Conrad Sauerwald ,  Fabrice L. Gautier ,  Shu-Yi Yu

IPC: G06F21/60 ,  G06F21/71 ,  H04L9/30 ,  H04L9/08 ,  G09C1/00 ,  H04L9/32 ,  G06F21/62

CPC classification number: G06F21/602 ,  G06F21/71 ,  H04L9/30 ,  H04L9/0877 ,  G09C1/00 ,  H04L9/3231 ,  H04L9/0866 ,  G06F21/6218 ,  G06F21/32

Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.

公开(公告)号：US10586260B2

公开(公告)日：2020-03-10

申请号：US13668109

申请日：2012-11-02

Applicant: Apple Inc.

Inventor： Thomas Matthieu Alsina ,  Scott T. Boyd ,  Michael Kuohao Chu ,  Augustin J. Farrugia ,  Gianpaolo Fasoli ,  Patrice O. Gautier ,  Sean B. Kelly ,  Payam Mirrashidi ,  Pedraum Pardehpoosh ,  Conrad Sauerwald ,  Kenneth W. Scott ,  Rajit Shinh ,  Braden Jacob Thomas ,  Andrew R. Whalley

IPC: G06Q30/06

Abstract: In one embodiment, a unique (or quasi unique) identifier can be received by an application store, or other on-line store, and the store can create a signed receipt that includes data desired from the unique identifier. This signed receipt is then transmitted to a device that is running the application obtained from the on-line store and the device can verify the receipt by deriving the unique (or quasi-unique) identifier from the signed receipt and comparing the derived identifier with the device identifier stored on the device, or the vendor identifier assigned to the application vendor.

公开(公告)号：US09900767B2

公开(公告)日：2018-02-20

申请号：US15599088

申请日：2017-05-18

Applicant: Apple Inc.

Inventor： Tyler Hawkins ,  Christopher Wilson ,  Conrad Sauerwald ,  Gregory Novick ,  Neil G. Crane ,  Rudolph Van Der Merwe ,  Samuel Noble ,  Paul William Chinn

IPC: H04W8/26 ,  H04W4/00 ,  G06K7/14 ,  H04W12/04 ,  H04W8/18 ,  H04W8/00

CPC classification number: H04W8/265 ,  G06K7/1447 ,  H04W4/80 ,  H04W8/005 ,  H04W8/18 ,  H04W12/04

Abstract: A method of establishing communications with a first device is disclosed. The method includes: the first device presenting connection information to a second device; receiving a response from a second device; establishing an association with the second device; transmitting, in response to a determination that the first device and the second device are connected for data, first data to the second device, the first data comprising addressing information for a server; receiving second data from the second device, the second data comprising second information for establishing communications with the first device; and configuring the first device to receive third data from a location remote to the first device using the second information from the second data.

公开(公告)号：US09892267B1

公开(公告)日：2018-02-13

申请号：US15372697

申请日：2016-12-08

Applicant: Apple Inc.

Inventor： Timothy R. Paaske ,  Mitchell D. Adler ,  Conrad Sauerwald ,  Fabrice L. Gautier ,  Shu-Yi Yu

IPC: G06F11/30 ,  G06F21/60 ,  G06F21/62

CPC classification number: G06F21/602 ,  G06F21/32 ,  G06F21/6218 ,  G06F21/71 ,  G09C1/00 ,  H04L9/0866 ,  H04L9/0877 ,  H04L9/30 ,  H04L9/3231 ,  H04L2209/125

Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.