Search

EP-4738761-A2 - SECURE KEY EXCHANGE USING KEY-ASSOCIATED ATTRIBUTES

EP4738761A2EP 4738761 A2EP4738761 A2EP 4738761A2EP-4738761-A2

Abstract

A method for secure key exchange. The method comprises receiving a request to certify a key from a communication partner at an interface between an access and tamper resistant circuit block and exposed circuitry. Within the access and tamper resistant circuit block, a first random private key is generated. A corresponding public key of the first random private key is derived, and a cryptographic digest of the public key and attributes associated with the first random private key is generated. The generated cryptographic digest is signed using a second random private key that has been designated for signing by one or more associated attributes. The public key and the signature are then sent to the communication partner via the interface.

Inventors

  • CHHODAVDIA, AVDHESH
  • CHEN, LING TONY
  • DOMKE, FELIX STEFAN
  • RAHMI, Kambiz
  • FULLER, JAY SCOTT

Assignees

  • Microsoft Technology Licensing, LLC

Dates

Publication Date
20260506
Application Date
20210727

Claims (15)

  1. A system (100, 200) for operating a hardware enforced key register, comprising: an access and tamper resistant circuit block (101, 201), including: an interface (103, 203) to exposed circuitry (102, 202); a plurality of keys stored in the hardware enforced key register (130, 231), each key associated with a plurality of attributes; and processing circuitry configured to: receive (510) a request for a combined authorization key; based on the received request, retrieve (520) two or more keys and associated attributes for each retrieved key from the hardware enforced key register; using a mixing algorithm, combine (530) the two or more retrieved keys with attributes for the combined authorization key to generate the combined authorization key; and store (540) the combined authorization key and attributes for the combined authorization key in the hardware key register.
  2. The system of claim 1, wherein the attributes for each retrieved key encode and determine designated operations that can be performed on each respective retrieved key.
  3. The system of claim 1, wherein the mixing algorithm is a one-way function that does not aid in disclosing the retrieved keys to the exposed circuitry.
  4. The system of claim 1, wherein the mixing algorithm is applied to two retrieved keys to generate an intermediate authorization key, and wherein the mixing algorithm is applied to the intermediate authorization key and a third retrieved key to generate the combined authorization key.
  5. The system of claim 1, wherein at least one of the two or more retrieved keys is a subscription key.
  6. The system of claim 1, wherein the received request indicates multi-authorization from different entities associated with each key.
  7. The system of claim 1, wherein the associated attributes for each key provide permission to combine using the mixing algorithm.
  8. The system of claim 1, wherein the attributes for the combined authorization key are based at least in part on the attributes associated with one or more of the two or more retrieved keys.
  9. The system of claim 8, wherein the attributes for the combined authorization key further comprise an appended attribute which is specific to the combined authorization key.
  10. A method (500) for implementing a hardware enforced key register, comprising: receiving (510) a request for a combined authorization key; based on the received request, retrieving (520) two or more keys and associated attributes for each retrieved key from the hardware enforced key register; using a mixing algorithm, combining (530) the two or more retrieved keys with attributes for the combined authorization key to generate the combined authorization key; and storing (540) the combined authorization key and attributes for the combined authorization key in the hardware enforced key register.
  11. The method of claim 10, wherein the attributes for each retrieved key encode and determine designated operations that can be performed on each respective retrieved key.
  12. The method of claim 10, wherein the mixing algorithm is applied to two retrieved keys to generate an intermediate authorization key, and wherein the mixing algorithm is applied to the intermediate authorization key and a third retrieved key to generate the combined authorization key.
  13. The method of claim 10, wherein at least one of the two or more retrieved keys is a subscription key.
  14. The method of claim 10, wherein the received request indicates multi-authorization from different entities associated with each key.
  15. A computer-readable medium including instructions that, when executed by at least one processor, cause the at least one processor to perform a method for implementing a hardware enforced key register, the method comprising: receiving (510) a request for a combined authorization key; based on the received request, retrieving (520) two or more keys and associated attributes for each retrieved key from the hardware enforced key register; using a mixing algorithm, combining (530) the two or more retrieved keys with attributes for the combined authorization key to generate the combined authorization key; and storing (540) the combined authorization key and attributes for the combined authorization key in the hardware enforced key register.

Description

BACKGROUND Modern computing devices rely on secure means of exchanging information with other computing devices. In particular, users assume security for financial transactions, identity-based transactions, subscription services, etc. Each new mechanism for securing information provides a new opportunity for intentional security breaches. Often, these breaches are initiated using techniques that introduce malicious software that subverts one or more security measures taken by the device's makers. Measures for preventing such breaches are therefore increasingly important. SUMMARY This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. Furthermore, the claimed subject matter is not limited to implementations that solve any or all disadvantages noted in any part of this disclosure. Examples are disclosed that relate to secure key management. One example comprises receiving a request to certify a key from a communication partner at an interface between an access and tamper resistant circuit block and exposed circuitry. Within the access and tamper resistant circuit block, a first random private key is generated. A corresponding public key of the first random private key is derived, and a cryptographic digest of the public key and attributes associated with the first random private key is generated. The generated cryptographic digest is signed using a second random private key that has been designated for signing by one or more associated attributes. The public key and the signature are then sent to the communication partner via the interface. Another example comprises receiving a request for a combined authorization key. Based on the received request, two or more keys are retrieved along with associated attributes for each retrieved key from the hardware enforced key register. Using a mixing algorithm, the two or more retrieved keys and their associated attributes are combined to generate the combined authorization key and associated attributes. The combined key and associated attributes are then stored in the hardware key register. In a further example, a system comprises an access and tamper resistant circuit block, including an interface to exposed circuitry, a plurality of keys stored in a hardware key register, each key associated with a plurality of attributes, and processing circuitry. The processing circuitry is configured to receive, at the interface, a request for authorization based on a first key of the plurality of keys. Based on the plurality of attributes associated with the first key, the processing circuitry determines whether the first key can be modded by a one-way function for use outside the access and tamper resistant circuit block. Based on determining that the first key can be modded by a one-way function for use outside the access and tamper resistant circuit block, the processing circuitry performs a mod function to generate a sharable output. The sharable output is then exported via the interface. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 schematically shows a cryptographic key management system comprising key attributes.FIGS. 2-3 schematically show example operations that may be securely performed by a cryptographic key management system comprising key attributes.FIG. 4 shows an example method for secure key exchange.FIG. 5 shows an example method for generating a cryptographic key based on two or more existing cryptographic keys.FIG. 6 shows an example method for securely sharing cryptographic keys.FIG. 7 schematically shows basic operational parameters that may be influenced by key attributes associated with cryptographic keys.FIG. 8 shows an example method for initializing and reinitializing platform configuration registers.FIG. 9 shows a block diagram of an example computing system. DETAILED DESCRIPTION Cryptography is increasingly used to protect digital assets and communications. As such, vulnerabilities in modem computing systems are at risk to malicious attacks. The rapidly growing sophistication of cyber-attacks requires equally, if not more sophisticated means of storing, processing, and managing cryptographic keys. Even a single compromised key could lead to a considerable data breach with consequences for both users and service providers. Cryptographic keys are now embedded into nearly all digital systems and applications. These keys, including symmetric keys, private keys, and hash keys, are protected by sophisticated management systems to prevent data breaches. Keys that are reused, used incorrectly, overused, stored improperly, or otherwise exposed to non-secure environments pose a risk to device and application security. However, while cryptographic keys may be stored in a secure environment, event