Various technologies implement access control and/or user authentication protocols involving one or more secure devices (e.g., security chips, smartcards and/or the like). These devices are configured to execute certain cryptographic operations, including encryption, decryption and cryptographic key generation. Occasionally, the data enabling these cryptographic functions needs to be upgraded and/or replaced in order to mitigate or correct vulnerabilities. Such data includes code, such as firmware, and other cryptographic material, such as public/private key pairs. Certifying entities issue certificates to user applications that verify at least a portion of this data.
To illustrate one example, computing systems that incorporate a suitable secure device can create cryptographic keys and then encrypt those keys such that only the secure device itself is capable of decrypting them. This process, which can be referred to as wrapping or binding a key, protects the key from unwanted disclosure. Each secure device maintains, in secure memory, one or more such cryptographic keys. However, if a security vulnerability exists on the secure device, the firmware is most likely defective and due for replacement. Updating the firmware resolves the vulnerability but often results in the generation of new cryptographic keys. Because these keys are generated in an uncontrolled environment where the crypto-processor remains vulnerable to misuse, certificates for these new keys cannot be issued outside of a controlled environment where the keys are secure from exposure. Without certification, distinguishing between a compromised device running old, exploitable firmware and a device running new, updated firmware that no longer contains the flaw is extremely difficult.
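The life cycle described above, as an added Python simulation that is not part of this text or of any vendor's implementation: the device derives its key from the firmware image it runs, a certifying entity binds the key to that firmware, and a relying party's check shows why, once the old firmware is known to be vulnerable, an updated device with a regenerated but uncertified key cannot be told apart from a trustworthy one. HMAC under a constructed key stands in for the certifying entity's signature and a hash stands in for the key's public half; these, the device root secret and the firmware images are all constructed for the example.

```python
import hashlib
import hmac
# Constructed simulation of the life cycle described above; not a TPM or any
# vendor's API. HMAC under CA_KEY stands in for the certifying entity's signature.
CA_KEY = b"constructed-certifying-entity-key"  # assumption: the CA's private key

def fw_hash(firmware: bytes) -> str:
    return hashlib.sha256(firmware).hexdigest()

def derive_identity_key(device_secret: bytes, firmware: bytes) -> bytes:
    # Key generation mixes in the firmware hash, so a firmware update yields a new key.
    msg = b"identity|" + fw_hash(firmware).encode()
    return hmac.new(device_secret, msg, hashlib.sha256).digest()

def public_id(identity_key: bytes) -> str:
    # Publishable handle for the key (stand-in for its public half).
    return hashlib.sha256(b"pub|" + identity_key).hexdigest()

def issue_certificate(pub: str, firmware: bytes) -> dict:
    # Certifying entity binds the public key to the firmware it was generated under.
    digest = fw_hash(firmware)
    sig = hmac.new(CA_KEY, f"{pub}|{digest}".encode(), hashlib.sha256).hexdigest()
    return {"pub": pub, "firmware_hash": digest, "sig": sig}

def verify_device(cert, presented_pub: str, vulnerable_firmware: set) -> str:
    # Relying-party check: certificate signature, key match, then firmware status.
    if cert is None:
        return "uncertified"          # freshly generated key, no certificate yet
    signed = f"{cert['pub']}|{cert['firmware_hash']}".encode()
    expected = hmac.new(CA_KEY, signed, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cert["sig"]):
        return "bad-signature"
    if cert["pub"] != presented_pub:
        return "key-mismatch"         # certificate was issued for a different key
    if cert["firmware_hash"] in vulnerable_firmware:
        return "vulnerable-firmware"  # key was generated by exploitable firmware
    return "trusted"

def scenario() -> dict:
    # Certify under v1; v1 is later disclosed as vulnerable; the device updates to v2.
    secret, fw1, fw2 = b"constructed-root-secret", b"firmware-v1", b"firmware-v2"
    key1, key2 = derive_identity_key(secret, fw1), derive_identity_key(secret, fw2)
    cert1 = issue_certificate(public_id(key1), fw1)   # issued in a controlled setting
    revoked = {fw_hash(fw1)}
    return {
        "before_disclosure": verify_device(cert1, public_id(key1), set()),
        "old_firmware": verify_device(cert1, public_id(key1), revoked),
        "updated_old_cert": verify_device(cert1, public_id(key2), revoked),
        "updated_no_cert": verify_device(None, public_id(key2), revoked),
    }
```

The last two verdicts are the point: after the update, the old certificate no longer matches the new key, and the new key has no certificate, so the relying party has no basis on which to trust the patched device.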