Abstract: A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The identity private key is stored in permanent, secure storage such that it can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature. The digital signature is generated by enciphering a derivation of the identity public key and the attribute data with the signature private key known only to the issuer. The authenticity of the descriptor data is verified by decrypting the signature with the signature public key using a known algorithm, and comparing the result to the derivation of the descriptor data. The identity of the object can be verified requesting the smart chip to perform an encryption/decryption operation using its identity private key, and performing the complement using the public key.

Abstract: A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The internally stored identity private key can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature of the two, using a signature private key known only to the issuer. The authenticity of the descriptor is verified by decrypting the signature using the signature public key, and comparing the result to source data. An object's identity can be verified by requesting the smart chip to perform a data transformation using its identity private key, and performing the complement using the public key. An exemplary embodiment is a cellular telephone, in which a service provider verifies identity of the telephone and correct signature as a condition to providing service.

Abstract: A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The internally stored identity private key can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature of the two, using a signature private key known only to the issuer. The authenticity of the descriptor is verified by decrypting the signature using the signature public key, and comparing the result to source data. An object's identity can be verified by requesting the smart chip to perform a data transformation using its identity private key, and performing the complement using the public key. An exemplary embodiment is a cellular telephone, in which a service provider verifies identity of the telephone and correct signature as a condition to providing service.

Abstract: A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The internally stored identity private key can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature of the two, using a signature private key known only to the issuer. The authenticity of the descriptor is verified by decrypting the signature using the signature public key, and comparing the result to source data. An object's identity can be verified by requesting the smart chip to perform a data transformation using its identity private key, and performing the complement using the public key. An exemplary embodiment is a television receiver system which verifies identity of an embedded smart chip and entitlement to receive television service.

Abstract: A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The identity private key is stored in permanent, secure storage such that it can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature. The digital signature is generated by enciphering a derivation of the identity public key and the attribute data with the signature private key known only to the issuer. The authenticity of the descriptor data is verified by decrypting the signature with the signature public key using a known algorithm, and comparing the result to the derivation of the descriptor data. The identity of the object can be verified requesting the smart chip ro perform an encryption/decryption operation using its identity private key, and performing the complement using the public key.

Abstract: A method for providing secure access to console functions of a computer system and authentication of a console device is disclosed. The method comprises first initiating a first EKE sequence to generate a unique shared secret per device utilizing a default device identifier and associated default shared secret on a system-attached device from which a console operation is desired to be enabled. Then, a shared secret is generated from the first EKE sequence, and the generated shared secret is utilized in place of the default device shared secret in subsequent console authentication procedures for that device. Following, the shared secret is securely stored within a storage location of the system and on the system-attached device. The device's shared secret is subsequently replaced on each connection from that device.

Abstract: A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The identity private key is stored in permanent, secure storage such that it can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature. The digital signature is generated by enciphering a derivation of the identity public key and the attribute data with the signature private key known only to the issuer. The authenticity of the descriptor data is verified by decrypting the signature with the signature public key using a known algorithm, and comparing the result to the derivation of the descriptor data. The identity of the object can be verified requesting the smart chip ro perform an encryption/decryption operation using its identity private key, and performing the complement using the public key.

Abstract: A method for providing secure access to console functions of a computer system and authentication of a console device is disclosed. The method comprises first initiating a first EKE sequence to generate a unique shared secret per device utilizing a default device identifier and associated default shared secret on a system-attached device from which a console operation is desired to be enabled. Then, a shared secret is generated from the first EKE sequence, and the generated shared secret is utilized in place of the default device shared secret in subsequent console authentication procedures for that device. Following, the shared secret is securely stored within a storage location of the system and on the system-attached device. The device's shared secret is subsequently replaced on each connection from that device.