There is a need for a simple and effective method to perform remote registration or activation in a secure manner for a connected device after it has been deployed in the field. For example, in a shared secret data system, the system has to initialize the shared secret in some manner. Moreover, derivatives of the shared secret may need to be created or utilized within the context of the environments in which these connected devices are deployed and utilized.
While certain methodologies have been employed to share secrets between endpoints in the past, these methodologies have a whole host of disadvantages. One of the main disadvantages of almost all of these methodologies is the complexity of implementation. In addition to the complexity involved, many of the methodologies employ the repeated use of asymmetric keys and exposure of the encrypted results. As such, the discovery of the private key of the asymmetric key pair is made more likely. Moreover, the use of asymmetric cryptography means that, by the very nature of asymmetric cryptography, at least one half of the key pair utilized (e.g., the public key) is not bound to a particular device or pair of devices.
What is desired, then, are improved systems and methods that allow remote registration or sharing of secret data to be performed in a secure manner for a connected device after it has been deployed in the field, including the creation and sharing of secret data between endpoints.