公开(公告)号：US20240078343A1

公开(公告)日：2024-03-07

申请号：US18463744

申请日：2023-09-08

Applicant: Apple Inc.

Inventor： Hervé Sibert ,  Eric D. Friedman ,  Erik C. Neuenschwander ,  Jerrold V. Hauck ,  Thomas P. Mensch ,  Julien F. Freudiger ,  Alan W. Yu

IPC: G06F21/64 ,  H04L9/14 ,  H04L9/32

CPC classification number: G06F21/64 ,  H04L9/14 ,  H04L9/3236 ,  H04L9/3263 ,  H04L9/3271

Abstract: Techniques are disclosed relating to application verification. In various embodiments, a computing device includes a secure circuit configured to maintain a plurality of cryptographic keys of the computing device. In such an embodiment, the computing device receives, from an application, a request for an attestation usable to confirm an integrity of the application, instructs the secure circuit to use one of the plurality of cryptographic keys to supply the attestation for the application, and provides the attestation to a remote computing system in communication with the application. In some embodiments, the secure circuit is configured to verify received metadata pertaining to the identity of the application and use the cryptographic key to generate the attestation indicative of the identity of the application.

公开(公告)号：US20200159966A1

公开(公告)日：2020-05-21

申请号：US16683233

申请日：2019-11-13

Applicant: Apple Inc.

Inventor： Hervé Sibert ,  Eric D. Friedman ,  Erik C. Neuenschwander ,  Jerrold V. Hauck ,  Thomas P. Mensch ,  Julien F. Freudiger ,  Alan W. Yu

IPC: G06F21/64 ,  H04L9/14 ,  H04L9/32

Abstract: Techniques are disclosed relating to application verification. In various embodiments, a computing device includes a secure circuit configured to maintain a plurality of cryptographic keys of the computing device. In such an embodiment, the computing device receives, from an application, a request for an attestation usable to confirm an integrity of the application, instructs the secure circuit to use one of the plurality of cryptographic keys to supply the attestation for the application, and provides the attestation to a remote computing system in communication with the application. In some embodiments, the secure circuit is configured to verify received metadata pertaining to the identity of the application and use the cryptographic key to generate the attestation indicative of the identity of the application.

公开(公告)号：US11790119B2

公开(公告)日：2023-10-17

申请号：US16683233

申请日：2019-11-13

Applicant: Apple Inc.

Inventor： Hervé Sibert ,  Eric D. Friedman ,  Erik C. Neuenschwander ,  Jerrold V. Hauck ,  Thomas P. Mensch ,  Julien F. Freudiger ,  Alan W. Yu

IPC: G06F21/64 ,  H04L9/14 ,  H04L9/32

CPC classification number: G06F21/64 ,  H04L9/14 ,  H04L9/3236 ,  H04L9/3263 ,  H04L9/3271

Abstract: Techniques are disclosed relating to application verification. In various embodiments, a computing device includes a secure circuit configured to maintain a plurality of cryptographic keys of the computing device. In such an embodiment, the computing device receives, from an application, a request for an attestation usable to confirm an integrity of the application, instructs the secure circuit to use one of the plurality of cryptographic keys to supply the attestation for the application, and provides the attestation to a remote computing system in communication with the application. In some embodiments, the secure circuit is configured to verify received metadata pertaining to the identity of the application and use the cryptographic key to generate the attestation indicative of the identity of the application.

公开(公告)号：US20180352042A1

公开(公告)日：2018-12-06

申请号：US15721541

申请日：2017-09-29

Applicant: Apple Inc.

Inventor： Erik C. Neuenschwander ,  Hamid M. Osman ,  Solomon Reda ,  Dmytro V. Bilov ,  James C. Wilson ,  Eric Daniel Friedman ,  Thomas P. Mensch ,  Alan W. Yu

IPC: H04L29/08 ,  H04L9/30 ,  G06Q20/38 ,  H04L9/32

Abstract: Some embodiments provide a method of providing information to a third-party service. From the third-party service, the method receives a request for information regarding a particular device that is transacting with the third-party service. The request includes data encrypted by the particular device that is inaccessible to the third-party service. The method accesses the encrypted data to determine a unique identifier of the particular device. The method uses the unique identifier to determine the requested information. The method provides the requested information to the third-party service without providing an identity of the device to the third-party service.