Abstract: A method for validating an electronic device 2 includes receiving attestation information provided by the electronic device 2 attesting that the electronic device 2 has received a plurality of event attestations. Each event attestation provides a cryptographically authenticated attestation to the occurrence of a respective event during a lifecycle of the electronic device. A validation result is determined that indicates whether the attestation information is valid. Providing separate cryptographically authenticated attestations for respective events in the lifecycle of the device can simplify manufacturing of the devices in a multistage manufacture process compared to an approach using a single device-specific attestation attesting that the entire process is trusted.

Abstract: A device has an installed cryptographic program that performs cryptographic operations in dependence upon a received diversification value. The diversification value is generated by an obfuscated personalisation program installed in the device and is dependent upon a personalisation input to the personalisation program. The personalisation input is characteristic of the particular execution environment provided by the device, and may take the form of a proper subset selected from among variables characterising the device, such as hardware properties, static software configuration and results from processing dynamic variables to check that they have expected properties. The diversification value generated by the personalisation program is returned (in encrypted form) to a server which also has a copy of the cryptographic program. Thus, the server and the device may communicate using a secure channel provided by the combination of the cryptographic program and the diversification value.

Abstract: A method for validating an electronic device 2 comprises receiving attestation information provided by the electronic device 2 attesting that the electronic device 2 has received a plurality of event attestations, each event attestation providing a cryptographically authenticated attestation to the occurrence of a respective event during a lifecycle of the electronic device, and determining a validation result indicating whether the attestation information is valid. By providing separate cryptographically authenticated attestations for respective events in the lifecycle of the device, this can simplify manufacturing of the devices in a multistage manufacture process compared to an approach using a single device-specific attestation attesting that the entire process is trusted.

Abstract: A device has an installed cryptographic program that performs cryptographic operations in dependence upon a received diversification value. The diversification value is generated by an obfuscated personalisation program installed in the device and is dependent upon a personalisation input to the personalisation program. The personalisation input is characteristic of the particular execution environment provided by the device, and may take the form of a proper subset selected from among variables characterising the device, such as hardware properties, static software configuration and results from processing dynamic variables to check that they have expected properties. The diversification value generated by the personalisation program is returned (in encrypted form) to a server which also has a copy of the cryptographic program. Thus, the server and the device may communicate using a secure channel provided by the combination of the cryptographic program and the diversification value.