Publication No.: US20190074981A1
Publication date: 2019-03-07
Application No.: US16118579
Application date: 2018-08-31
Applicant: Trustonic Limited
Abstract: A method of post-manufacture generation of the device certificate 20 for verifying an electronic device 2 according to a public key infrastructure is provided. The method comprises obtaining, at a certificate generating apparatus 40, a first key 42 associated with the device 2. A second key 22 for the electronic device is derived from the first key 42. The device certificate 20 for the PKI is generated with the second key acting as the public key 22 associated with the device certificate 20. In a corresponding way a private key 24 for the PKI can be generated by the electronic device 2 based on a shared first key 42. This approach enables the manufacturing cost for manufacturing an electronic device to be reduced whilst still enabling use of a PKI for attesting to properties of the device 2.
-
Publication No.: US20180114220A1
Publication date: 2018-04-26
Application No.: US15785651
Application date: 2017-10-17
Applicant: TRUSTONIC LIMITED
CPC classification: G06Q20/3829, G06F21/44, G06F21/57, G06F21/6281, G06F21/73, G06Q20/4014, G06Q2220/00, H04L9/007, H04L9/0869, H04L9/3247, H04L9/3265, H04L63/061, H04L63/0807, H04L2209/38
Abstract: A method for establishing a new cryptographic identity for an electronic device comprises providing in the electronic device at least one device key for encryption or decryption of data or commands or for proving the identity of the electronic device according to the new cryptographic identity; and uploading, to a public ledger for tracking a chain of cryptographic identities established for said electronic device, information indicative of an identity of a stakeholder establishing the new cryptographic identity and an order in which the new cryptographic identity was established with respect to other cryptographic identities in said chain.
-
Publication No.: US20170116438A1
Publication date: 2017-04-27
Application No.: US15259315
Application date: 2016-09-08
Applicant: TRUSTONIC LIMITED
CPC classification: G06F21/71, G06F21/14, G06F21/53, G06F21/606, G06F2221/033, G06F2221/0704, G06F2221/2149, H04L63/0435, H04L63/0876
Abstract: A device has an installed cryptographic program that performs cryptographic operations in dependence upon a received diversification value. The diversification value is generated by an obfuscated personalisation program installed in the device and is dependent upon a personalisation input to the personalisation program. The personalisation input is characteristic of the particular execution environment provided by the device, and may take the form of a proper subset selected from among variables characterising the device, such as hardware properties, static software configuration and results from processing dynamic variables to check that they have expected properties. The diversification value generated by the personalisation program is returned (in encrypted form) to a server which also has a copy of the cryptographic program. Thus, the server and the device may communicate using a secure channel provided by the combination of the cryptographic program and the diversification value. The personalisation program installed may be obfuscated by code flattening, reordering and variable fragmentation.