Field of the Invention
The present invention relates generally to authentication using secure devices with limited cryptography, and more particularly pertains to authentication using secure devices with limited cryptography which no longer have the capability to do public-key cryptography and generate random numbers.
The present invention relates to computational devices that are secure, in the sense that they carry out correct computation (which may include storage and controlled usage of secrets) despite attacks by skilled and potentially well-funded adversaries.
When deployed, these computational devices interact with various authorities. In many scenarios, it is necessary for an authority to verify that a communication from an allegedly untampered computational device is genuine, and/or a computational device to verify that a communication allegedly from a particular authority is genuine.
Many strong and flexible techniques exist for this task. However, failures and other problems may leave these devices too crippled to perform these tasks. Two such failure scenarios are:
The computational device's capability to perform public-key cryptography and random-number generation depends on software that is stored in rewritable media, and which may fail, leaving the device without these capabilities. PA1 Various zeroization scenarios may cause an otherwise untampered computational device to lose knowledge of its own certified private key, and/or the authority's public key. PA1 It avoids the risks and complexities of maintaining a large database of secrets at an authority's site. PA1 It avoids the weaknesses of derived-key approaches. PA1 It easily permits the authority who performs the authentication to differ from the installation authority who performs initialization. PA1 It continues to insulate untampered computational devices from being threatened by the successful compromise of any other computational device.