Abstract: Embodiments of systems and methods disclosed herein include an embedded secret provisioning system that is based on a shared-derivative mechanism. Embodiments of this mechanism use a trusted third-party topology, but only a single instance of a public-private key exchange is required for initialization. Embodiments of the system and methods are secure and any of the derived secret keys are completely renewable in untrusted environments without any reliance on asymmetric cryptography. The derived secrets exhibit zero knowledge attributes and the associated zero knowledge proofs are open and available for review. Embodiments of systems and methods can be implemented in a wide range of previously-deployed devices as well as integrated into a variety of new designs using minimal roots-of-trust.

Abstract: Embodiments of systems and methods disclosed herein include an embedded secret provisioning system that is based on a shared-derivative mechanism. Embodiments of this mechanism use a trusted third-party topology, but only a single instance of a public-private key exchange is required for initialization. Embodiments of the system and methods are secure and any of the derived secret keys are completely renewable in untrusted environments without any reliance on asymmetric cryptography. The derived secrets exhibit zero knowledge attributes and the associated zero knowledge proofs are open and available for review. Embodiments of systems and methods can be implemented in a wide range of previously-deployed devices as well as integrated into a variety of new designs using minimal roots-of-trust.

Abstract: Embodiments of systems and methods disclosed herein include an embedded secret provisioning system that is based on a shared-derivative mechanism. Embodiments of this mechanism use a trusted third-party topology, but only a single instance of a public-private key exchange is required for initialization. Embodiments of the system and methods are secure and any of the derived secret keys are completely renewable in untrusted environments without any reliance on asymmetric cryptography. The derived secrets exhibit zero knowledge attributes and the associated zero knowledge proofs are open and available for review. Embodiments of systems and methods can be implemented in a wide range of previously-deployed devices as well as integrated into a variety of new designs using minimal roots-of-trust.

Abstract: Embodiments of systems and methods disclosed herein provide simple and effective methods for secure processes to share selected data with other processes and other memory locations, either secure or not, in a safe and secure manner. More specifically, in certain embodiments, systems and methods are disclosed that enable a secure data cache system to use one or more virtual machines to securely generate encryption keys based on information from multiple independent sources. In some embodiments, systems and methods are disclosed that provide protection from replay attacks by selectively changing the generated encryption keys.