Abstract: A system is provided for distribution of device key sets over a network in a protected software environment (PSE). In the system, a client device includes a connection interface for receiving a crypto hardware (CH) token belonging to a user, untrusted software, a quoting enclave, and a PSE for generating a provisioning request for a device key set. An attestation proxy server (APS) receives the provisioning message using a first network connection, and transmits the provisioning message to an online provisioning server (OPS) using a second network connection. The OPS constructs a provisioning response and an encrypted device key set, and delivers the provisioning response to the untrusted software using the first and second network connections. The PSE decrypts the encrypted device key set to obtain the device key set, re-encrypts the device key set with a local chip-specific key, and stores the re-encrypted device key set.

Abstract: A method is provided for securely providing data for use in a consumer electronics device having a processor performing instructions defined in a software image. The method includes receiving the data encrypted according to a global key, further encrypting the data according to a device-unique hardware key, storing the further encrypted data in a secure memory of the consumer electronics device, providing the global key to a whitebox encoder for encoding according to a base key to generate a whitebox encoded global key, and transmitting the software image to the consumer electronics device for storage in an operating memory of the consumer electronics device, the software image having a whitebox decoder utility corresponding to the whitebox encoder and the whitebox encoded global key.

Abstract: A method and system are provided for updating an elliptic curve (EC) base point G, with the EC basepoint used in encryption and coding of video data. A candidate base point G is generated that includes additional data used for validation purposes and checked as a valid base point before transmission and use.

Abstract: A method for signing data such as software images is provided that uses modules executable by a generic client to sign hashes of the software images rather than the images themselves. The method avoids both the requirement for new or updated client software and the uploading of full software images to the signing system. This approach uses a generic client that requests and downloads processing modules from the signing system to perform the pre-processing operations in signing software images, as well as optionally for post-processing operations.

Abstract: Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices, with the following characteristics. The system is secure in that it uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Further, application messages, license templates, licenses are digitally signed. The system is also flexible because it is configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template. The system is also scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations. The system is available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning.

Abstract: A method is provided that permits user to submit a password to the private key that is to be used to decrypt files either at the time of user account setup or at the time of submitting the files. The password is stored securely in the system, permanently or temporarily, and is used later to decrypt the files right before the system is ready to process the files.

Abstract: A method is provided for providing a new master key to devices in a Thread network for an Internet of Things (IOT). To provide the new master key, Device Provisioning Key (DPK) is generated from a Network Seed Key (NSK) known to a Commissioner and Leader in a local network. The Commissioner provides the DPK as a unique per-device key to each device in the network to establish a secure session. The DPK is derived from the NSK as follows: DPK=OWF(NSK, ID), wherein OWF is a One Way Function, and ID is a unique device identifier for each device. The new master key can then be sent from the commissioner to the new devices to establish a secure session created using the DPK.

Abstract: A code signing system operating a web portal for user clients and a web service for automated machine clients. The web service can receive an operation request from a code signing module running on a remote machine client, the operation request including a request for a cryptographic operation and user credentials retrieved from a hardware cryptographic token connected to the machine client. The code signing system can perform the requested cryptographic operation and return a result to the machine client if the code signing system authenticates the machine client and the requested cryptographic operation is within a permissions set associated with the machine client.

Abstract: An improved code signing method is provided. The code signing method includes receiving a build notification at a package builder utility and retrieving one or more remotely stored code images and build logs identified in the build notification, invoking a code signing module with the package builder utility to request a digital signature from a remote code signing system, combining the requested digital signature with a code image or a manifest file comprising hashes of multiple code images, and storing the signed code image or signed manifest file at a code repository.

Abstract: A method is provided for redirecting signed code images. The method includes the steps of receiving a code image from an origin device at a proxy machine, invoking a code signing client at the proxy machine, receiving signing request information indicating a requested cryptographic operation, sending a code signing request to a code signing server, receiving a signed code image at the code signing client from the code signing server, storing the signed code image in a restricted memory, invoking a software repository client at the proxy machine, and sending the signed code image from the restricted memory location to a software repository.

Abstract: A method and system is provided that simplifies the key management by allowing personalization data protected for one chip model to be used to provision device with another chip model with different global hardware root keys. The solution minimizes the changes needed to be performed on the device during provisioning and remains secure.

Abstract: A method is provided for securely providing data for use in a consumer electronics device having a processor performing instructions defined in a software image. The method includes receiving the data encrypted according to a global key, further encrypting the data according to a device-unique hardware key, storing the further encrypted data in a secure memory of the consumer electronics device, providing the global key to a whitebox encoder for encoding according to a base key to generate a whitebox encoded global key, and transmitting the software image to the consumer electronics device for storage in an operating memory of the consumer electronics device, the software image having a whitebox decoder utility corresponding to the whitebox encoder and the whitebox encoded global key.

Abstract: A method and system is provided for embedding cryptographically modified versions of secret in digital certificates for use in authenticating devices and in providing services subject to conditional access conditions.

Abstract: A method of pushing data from a client to a key collector, comprising preparing one or more SOC keys and one or more SOC IDs at a client, pushing the one or more SOC keys and one or more SOC IDs from the client to one or more key collectors, receiving an acknowledgement at the client from the one or more key collectors in response to pushing the one or more SOC keys and one or more SOC IDs to the key collectors, and installing the one or more SOC keys and one or more SOC IDs on a system-on-chip.

Abstract: Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices, with the following characteristics. The system is secure in that it uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Further, application messages, license templates, licenses are digitally signed. The system is also flexible because it is configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template. The system is also scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations. The system is available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning.

Abstract: Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices. The secure system uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Application messages, license templates, licenses are digitally signed. The system is flexible, configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template; scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations; and available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning.

Abstract: A method is provided for providing a new master key to devices in a Thread network for an Internet of Things (IOT). To provide the new master key, Device Provisioning Key (DPK) is generated from a Network Seed Key (NSK) known to a Commissioner and Leader in a local network. The Commissioner provides the DPK as a unique per-device key to each device in the network to establish a secure session. The DPK is derived from the NSK as follows: DPK=OWF(NSK, ID), wherein OWF is a One Way Function, and ID is a unique device identifier for each device. The new master key can then be sent from the commissioner to the new devices to establish a secure session created using the DPK.

Abstract: A method is provided for redirecting signed code images. The method includes the steps of receiving a code image from an origin device at a proxy machine, invoking a code signing client at the proxy machine, receiving signing request information indicating a requested cryptographic operation, sending a code signing request to a code signing server, receiving a signed code image at the code signing client from the code signing server, storing the signed code image in a restricted memory, invoking a software repository client at the proxy machine, and sending the signed code image from the restricted memory location to a software repository.

Abstract: A code signing system operating a web portal for user clients and a web service for automated machine clients. The web service can receive an operation request from a code signing module running on a remote machine client, the operation request including a request for a cryptographic operation and user credentials retrieved from a hardware cryptographic token connected to the machine client. The code signing system can perform the requested cryptographic operation and return a result to the machine client if the code signing system authenticates the machine client and the requested cryptographic operation is within a permissions set associated with the machine client.

Abstract: An improved code signing method is provided. The code signing method includes receiving a build notification at a package builder utility and retrieving one or more remotely stored code images and build logs identified in the build notification, invoking a code signing module with the package builder utility to request a digital signature from a remote code signing system, combining the requested digital signature with a code image or a manifest file comprising hashes of multiple code images, and storing the signed code image or signed manifest file at a code repository.