Computer systems are increasingly targets of a wide variety of security threats. Many computer architectures integrate a device having security sub-module or a separate stand alone secure processor to provide hardware support for applications. This security sub-module or secure processor often becomes the security foundation of the entire system. In these systems, it is desirable for the device to possess a device-unique root key. Often, the device-specific root key is an asymmetric key having a private key portion and a public key portion.
The public portion of the device-unique root key can be certified by a certificate authority (CA) through a certificate. A certificate binds the public portion of the device-unique root key using a digital signature of a trusted party (the CA) to an entity such as an individual or corporation. Typically, the digital signature is a hash of at least the device public key encrypted with the private key of the CA. By presenting the certificate of the device root key, a system integrating the device is able to establish a high level of trust to its peers or to a network hierarchy. Directly or indirectly, a device root key can be used to establish the authenticity of the system, to attest system status information, or to secure two-way communication.
Generating a device root key and issuing a certificate for the device root key to the system incorporating the device presents huge challenges to the device manufacturing process, both logistically and technically. The generation of RSA root keys is extremely time consuming and therefore not feasible for high volume production. Additionally, if keys are instead injected into the device, assurance in security evaluations requires secure communications between the equipment injecting the keys and the devices.
What is therefore needed are systems and methods for securely generating device root keys in the field and issuing device root key certificates.
The present invention will be described with reference to the accompanying drawings. The drawing in which an element first appears is typically indicated by the leftmost digit(s) in the corresponding reference number.