1. WO2001075563 - GENERATING A KEY HIERARCHY FOR USE IN AN ISOLATED EXECUTION ENVIRONMENT

Note: Text based on automatic optical character recognition processes. Only the PDF version has legal value.


CLAIMS:

What is claimed is:

1. An apparatus comprising:

a key storage for storing an initial key; and

a cipher key creator in a protected platform creating a hierarchy of keys based upon the initial key, the protected platform having a processor configured in one of a normal execution mode and an isolated execution mode.

2. The apparatus of claim 1 wherein the initial key is unique for the platform.

3. The apparatus of claim 2 wherein the initial key is programmed into fuses of an Input/Output Control Hub (ICH).

4. The apparatus of claim 3 wherein the initial key is based on a random number.

5. The apparatus of claim 2 wherein the initial key is generated by the platform when the platform is first powered up.

6. The apparatus of claim 5 wherein the initial key is based upon a random number created by a random number generator of the platform.

7. The apparatus of claim 2 wherein the cipher key creator comprises a key generator for hashing an ID of loaded software code with a key of loading software code to create a loaded software code key.

8. The apparatus of claim 7 wherein the cipher key creator further comprises a key selector for selecting a smaller symmetric cipher key based upon the loaded software code key.

9. The apparatus of claim 8 wherein the key generator creates a processor nub key by hashing the initial key with a processor nub ID and the key selector selects a smaller processor nub cipher key based on the processor nub key.

10. The apparatus of claim 9 wherein the key generator creates an OS nub key by hashing the processor nub key with an OS nub ID and the key selector selects a smaller OS nub cipher key based on the OS nub key.

11. The apparatus of claim 10 wherein the key generator creates an applet key by hashing the OS nub key with an applet ID and the key selector selects an applet cipher key based on the applet key.
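The derivation chain of claims 7 to 11, as an added example that is not part of the patent text. It assumes HMAC-SHA-256 as the hash, truncation to 16 bytes as the key selector, and module IDs that are SHA-256 digests of constructed sample images; all function names are hypothetical.

```python
import hashlib
import hmac

CIPHER_KEY_LEN = 16  # assumption: size of the "smaller" symmetric cipher key


def generate_key(loader_key: bytes, loaded_id: bytes) -> bytes:
    """Key generator: hash the loaded code's ID with the loading code's key."""
    # Assumption: HMAC-SHA-256 stands in for the hash the claims leave unspecified.
    return hmac.new(loader_key, loaded_id, hashlib.sha256).digest()


def select_cipher_key(full_key: bytes, length: int = CIPHER_KEY_LEN) -> bytes:
    """Key selector: pick a smaller symmetric cipher key (assumed: truncation)."""
    return full_key[:length]


def code_id(image: bytes) -> bytes:
    """Assumed module ID: SHA-256 digest of the module image."""
    return hashlib.sha256(image).digest()


def build_hierarchy(initial_key, pn_image, osn_image, applet_image):
    """Derive initial key -> processor nub -> OS nub -> applet keys."""
    levels = {}
    parent = initial_key  # each level is keyed by the full key of its loader
    for name, image in (("processor_nub", pn_image),
                        ("os_nub", osn_image),
                        ("applet", applet_image)):
        key = generate_key(parent, code_id(image))
        levels[name] = {"key": key, "cipher_key": select_cipher_key(key)}
        parent = key
    return levels


# Constructed sample inputs (not real platform keys or code images).
INITIAL_KEY = bytes(range(32))
PN, OSN, APPLET = b"processor-nub-v1", b"os-nub-v1", b"applet-v1"


def changed_levels(a: dict, b: dict) -> list:
    """Names of the levels whose keys differ between two hierarchies."""
    return [name for name in a if a[name]["key"] != b[name]["key"]]


if __name__ == "__main__":
    base = build_hierarchy(INITIAL_KEY, PN, OSN, APPLET)
    swapped = build_hierarchy(INITIAL_KEY, PN, b"os-nub-v2", APPLET)
    print("levels changed by a different OS nub:", changed_levels(base, swapped))
```

Replacing the OS nub changes the OS nub and applet keys but leaves the processor nub key intact, so data sealed under a lower-level key is not recoverable after the loading code above it is swapped.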

12. A method comprising:

storing an initial key; and

creating a hierarchy of keys based upon the initial key in a protected platform, the protected platform having a processor configured in one of a normal execution mode and an isolated execution mode.

13. The method of claim 12 wherein the initial key is unique for the platform.

14. The method of claim 13 wherein storing the initial key comprises programming the initial key into fuses of an Input/Output Control Hub (ICH).

15. The method of claim 14 wherein the initial key is based on a random number.

16. The method of claim 13 further comprising generating the initial key utilizing the platform when the platform is first powered up.

17. The method of claim 16 wherein generating the initial key comprises:

creating a random number with a random number generator of the platform;

generating the initial key based upon the random number; and

storing the initial key in the key storage.

18. The method of claim 13 further comprising hashing an ID of loaded software code with a key of loading software code to create a loaded software code key.

19. The method of claim 18 further comprising selecting a smaller symmetric cipher key based upon the loaded software code key.

20. The method of claim 19 further comprising:

creating a processor nub key by hashing the initial key with a processor nub ID; and

selecting a smaller processor nub cipher key based on the processor nub key.

21. The method of claim 20 further comprising:

creating an OS nub key by hashing the processor nub key with an OS nub ID; and

selecting a smaller OS nub cipher key based on the OS nub key.

22. The method of claim 21 further comprising creating an applet key by hashing the OS nub key with an applet ID; and

selecting an applet cipher key based on the applet key.

23. A computer program product comprising:

a machine readable medium having program code embedded therein, the computer program product comprising:

computer readable program code for storing an initial key; and

computer readable program code for creating a hierarchy of keys based upon the initial key in a protected platform, the protected platform having a processor configured in one of a normal execution mode and an isolated execution mode.

24. The computer program product of claim 23 wherein the initial key is unique for the platform.

25. The computer program product of claim 24 wherein the computer readable program code for storing an initial key comprises computer readable program code for programming the initial key into fuses of an Input/Output Control Hub (ICH).

26. The computer program product of claim 25 wherein the initial key is based on a random number.

27. The computer program product of claim 24 further comprising computer readable program code for generating the initial key utilizing the platform when the platform is first powered up.

28. The computer program product of claim 27 wherein the computer readable program code for generating the initial key comprises:

computer readable program code for creating a random number with a random number generator of the platform;

computer readable program code for generating the initial key based upon the random number; and

computer readable program code for storing the initial key in the key storage.

29. The computer program product of claim 24 further comprising computer readable program code for hashing an ID of loaded software code with a key of loading software code to create a loaded software code key.

30. The computer program product of claim 29 further comprising computer readable program code for selecting a smaller symmetric cipher key based upon the loaded software code key.

31. The computer program product of claim 30 further comprising:

computer readable program code for creating a processor nub key by hashing the initial key with a processor nub ID; and

computer readable program code for selecting a smaller processor nub cipher key based on the processor nub key.

32. The computer program product of claim 31 further comprising:

computer readable program code for creating an OS nub key by hashing the processor nub key with an OS nub ID; and

computer readable program code for selecting a smaller OS nub cipher key based on the OS nub key.

33. The computer program product of claim 32 further comprising

computer readable program code for creating an applet key by hashing the OS nub key with an applet ID; and

computer readable program code for selecting an applet cipher key based on the applet key.

34. A protected platform comprising:

a chipset;

a memory coupled to the chipset having an isolated memory area;

a processor coupled to the chipset and the memory, the processor having a normal execution mode and an isolated execution mode, processor accessing the isolated memory area when the processor is in the isolated execution mode;

a key storage for storing an initial key; and

a cipher key creator creating a hierarchy of keys based upon the initial key.

35. The protected platform of claim 34 wherein the initial key is unique for the platform.

36. The protected platform of claim 35 wherein the initial key is programmed into fuses of an Input Output Control Hub (ICH).

37. The protected platform of claim 36 wherein the initial key is based on a random number.

38. The protected platform of claim 35 wherein the initial key is generated by the platform when the platform is first powered up.

39. The protected platform of claim 38 wherein the initial key is based upon a random number created by a random number generator of the platform.

40. The protected platform of claim 35 wherein the cipher key creator comprises a key generator for hashing an ID of loaded software code with a key of loading software code to create a loaded software code key.

41. The protected platform of claim 40 wherein the cipher key creator further comprises a key selector for selecting a smaller symmetric cipher key based upon the loaded software code key.

42. The protected platform of claim 41 wherein the key generator creates a processor nub key by hashing the initial key with a processor nub ID and the key selector selects a smaller processor nub cipher key based on the processor nub key.

43. The protected platform of claim 42 wherein the key generator creates an OS nub key by hashing the processor nub key with an OS nub ID and the key selector selects a smaller OS nub cipher key based on the OS nub key.

44. The protected platform of claim 43 wherein the key generator creates an applet key by hashing the OS nub key with an applet ID and the key selector selects an applet cipher key based on the applet key.