BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a method and system for configuring/registering a
cryptographic device in the field of cryptography. More particularly, the present invention
relates to a circuit and method for configuring and registering a cryptographic device.
2. Description of Art Related to the Invention
Currently, many individuals are using personal computers to
store and to transmit sensitive information (e.g., confidential,
proprietary, etc.) in a digital format. For example, credit card account
information occasionally may be transmitted over the Internet to
purchase good(s) and/or service(s). Likewise, bank account numbers
and bank account balances are transmitted using on-line banking. Due
to the sensitive nature of this information, measures have been taken
to protect the "integrity" of the information outside the physical
confines of the computer; namely, to guarantee that the information
has not been altered without authorization. However, such measures
fail to protect information within the computer.
As described in U.S. Patent No. 5,539,828 assigned to Intel
Corporation, Assignee of the present application, information may be
protected within a computer by utilizing cryptographic hardware. The
cryptographic hardware includes an integrated circuit (IC) package
containing processing logic and dedicated, non-volatile (NV) memory
in the IC package (referred to as "device NV memory"). Typically, the
cryptographic hardware undergoes an exhaustive configuration phase
at a manufacturing facility in which the device NV memory is
configured to contain unique cryptographic information necessary for
secure functionality of the cryptographic device such as, for example, a
public/private key pair and a digital certificate.
This type of architecture will realize a few disadvantages as
cryptographic techniques become more advanced. One disadvantage is
that larger, more costly packages will be required because larger
amounts of device NV memory will be necessary in order to store
greater amounts of cryptographic information. Hence, it would be cost
efficient to substantially mitigate the amount of NV memory placed in
the cryptographic device in favor of NV memory located elsewhere in
the system which is referred to as "system NV memory" herein.
Examples of system NV memory include hard disk, NV memory
placed on a motherboard or daughter card, etc.
Currently, system NV memory can not be used. The reason is
that a reliable, cost-effective technique has not been developed for
ensuring that system NV memory, configured and programmed with
cryptographic information unique to a certain cryptographic hardware,
will be implemented within an electronic system having that
cryptographic hardware.
SUMMARY OF THE INVENTION
According to the present invention there is provided a method for configuring a
cryptographic device, comprising:
loading a device serial number into a non-volatile memory of the cryptographic
device;
generating a key within the cryptographic device;
loading the key into the non-volatile memory of the cryptographic device;
generating a public key and a private key within the cryptographic device;
encrypting the private key with the key within the cryptographic device; and
sending both the public key and encrypted private key to a database for^torage,
without storage of the public key and the private key internally within the cryptographic
device.
The present invention also provides a system for configuring/registering a
cryptographic device, comprising:
a chipset;
a non-volatile memory element coupled to the chipset;
a cryptographic device coupled to the chipset, the cryptographic device being
provided with processing logic having a small amount of device non-volatile memory, the
device non-volatile memory containing a device serial number and a symmetric key; and
a transceiver to download a public key of the system and a corresponding private key
encrypted with the symmetric key into the device non-volatile memory during registration,
the public key and the private key having been originally generated internally within the
cryptographic device during a prior configuration stage for exclusive storage outside the
cryptographic device prior to registration.
With respect to one embodiment of the configuration scheme, a device serial number
is loaded into a non-volatile memory of the cryptographic device. Internal to the
cryptographic device, a key is generated and loaded into the non-volatile memory of the
cryptographic device.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
The features and advantages of the present invention will
become apparent from the following detailed description of the present
invention in which:
Figure 1 is an illustrative block diagram of an electronic system
including a multi-chip module employed as a bridge element.
Figure 2 is a block diagram of a preferred embodiment of the
multi-chip module optimally shown as the bridge element of Figure 1.
Figure 3 is an illustrative embodiment of the processing
subsystem of Figure 1 including the cryptographic device.
Figure 4 is an illustrative embodiment of a substrate of Figure 3.
Figure 5 is an illustrative flowchart of the configuration scheme
performed by the cryptographic device of Figure 2.
Figure 6 is an illustrative flowchart of the registration scheme
performed by the cryptographic device of Figure 2.
DESCRIPTION OF THE PREFERRED EMBODIMENT
The present invention relates to a system and technique for
configuring a cryptographic device to utilize non-resident, non-volatile
(NV) memory and for registering the cryptographic device from a
remote location. In the following description, some terminology is
used in general to describe certain features of the present invention.
For example, an "electronic system" is generally defined as any
hardware product having information processing functionality such as,
for example, a computer, a facsimile machine and a printer.
"Information" is generally defined as one or more bits of data, address,
and/or control information.
In addition, the following terminology is used to identify
various types of cryptographic information. A "key" which is an
encoding and/or decoding parameter used by conventional
cryptographic functions such as a symmetric key cryptographic function
(e.g., a Data Encryption Standard "DES" based function) or a public-key
cryptographic function (e.g., a Rivest, Shamir and Adleman (R$A)
based function). A "digital certificate" is generally c?t;ned as any
information (e.g., a public key) used for user authentication. The
information is encrypted with a private key (FRKCA) of a certification
authority,, namely any person or entity in a position of trust to
guarantee or sponsor the digital certificate such as ? bank,
governmental entity, trade association, original equipment
manufacturer, and the like.
Referring to Figure 1, an illustrative embodiment of an
electronic system 100 employing the present invention is shown. In
this embodiment, the electronic system 100 comprises a chipset 110
interconnecting a number of subsystems. Examples of these subsystems
may include, but are not limited or restricted to a processing subsystem
120,. a memory subsystem 130, and an input/output (I/O) subsystem
140. Collectively, these subsystems 120, 130 and 140 control the
functionality of electronic subsystem iOO.
More specifically, as an illustrative embodiment, processing
subsystem 120 includes at least one central processing unit (CPU) 121.
CPU 121 is connec'ed to chipset 110 via a host bus 122. The memor;,
subsystem 130 usually includes one or more banks of volatile memory
(not shown) such as any type of dynamic random access memory
(DRAM), and/or static random access memory (SRAM). It is
contemplated, however, that system NTV memory may be used in
memory subsystem 130 in lieu of or m addition to volatile memory.
Furthermore, I/O subsystem 140 includes "n" peripheral
device(s) 141l-141n ("n" is a positive whole number) which are coupled
to an I/O bus 142. Examples of a peripheral device include a mass
storage device 141 ] (e.g., a hard dtsk drive, a digital rape drive, a floppy
disk drive, and a digital versatile disk "DVD" player).
To provide cryptographic functionality, a cryptographic device
150 may be connected to chipset 110 through a dedicated bus 160. Of
course, as alternative system embodiments, cryptographic device 150
may be placed in communication with another bus in computer 100
such as host bus 121 or another processor-based bus tike a backside bus
(not shown), or perhaps I/O bus 142.
Referring to Figures 2, an illustrative embodiment of
cryptographic device 150 of Figure 1 is shown. Cryptographic device 150
includes an integrated circuit (IC) device 200 contained within a
package 205 which protects IC device 200 from damage and harmful
contaminants. IC device 200 comprises a processing unit 210 integrated
with a small amount of device NV memory 215. Optionally, a random
number generator 220 may be implemented within package 205 as a
separate device connected to processing unit 210 through an internal
bus 225 (as shown) or integrated within processing unit 210. Random
number generator 220 is used to produce one of more keys when
cryptographic device 150 is operating in a configuration mode.
Although the embodiment of the cryptographic device 150
shown in Figure 2. may be implemented as a co-processor, it is
contemplated that a variety of different embodiments could be selected.
For example, cryptographic device 150 may be implemented within a
disk controller, on a ''smart" card (a form fraction shaped like a credit
card but having a micro-controller), or within a cartridge-like processor
package including CPU 121 as described below in Figures 3-4. Other
alternative embodiments may include incorporating the functionality
of the cryptographic device into a chipset or within CPU 121.
Referring to Figure 3, a perspective view of an alternative system
embodiment; implementing cryptographic device 150 within a
processing subsystem 120, is shown. IC components (including
cryptographic device 150) are placed on a processor substrate 300 formed
from any type of material upon which IC components (not shown) can
be attached through well-known techniques (e.g., solder connection,
etc.). The processor substrate 300 is substantially covered by a
rectangular-shaped package 310 in order to protect the IC components
from damage or harmful contaminants. Processor substrate 300
includes a connector 320, preferably adapted to establish a mechanical
and electrical connection with a motherboard for example. As shown,
connector 320 may include a standard male edge connector (as shown)
or perhaps a female edge connector.
As shown in Figure 4, the IC components of processor substrate
300 include, but are not limited or restricted to CPU 121.. memory 330
and cryptographic device 150. For communications with CPU 121,
cryptographic device 150 may be placed on (i) a backside bus which is
usually connected with memory 330, (ii) a front-side bus which is
usually connected with externa] connector 320, or (iii) a dedicated
internal bus. Of course, placement of this cryptographic device 150 is
arbitrary so long as latency and other requisite conditions are
maintained. Although not shown, discrete components (e.g.,
capacitors, oscillators, resistors, inductors, etc.) are attached to processor
substrate 300 in a selected manner to, among other things, maximize
routability and decrease length of communication lines between these
IC components.
Referring now to Figure 5, a preferred embodiment of a
configuration scheme utilized by the cryptographic device is shown. At
manufacture, the cryptographic device undergoes a configuration phase
in order to load only a limited amount of cryptographic information
into its integrated device NV memory. One embodiment for the
configuration chase involves the use of a certification system including
(i) a programming mechanism having a device carrier sized to
accommodate the cryptographic device, and (ii) a database (e.g., a server,
personal computer, mainframe, etc.) which receives cryptographic
information from the programming mechanism. To a^oid obscuring
the present invention, only the function operations of the
programming mechanism will be described.
When turned-on, the programming mechanism initially
supplies power and provides predetermined control information into
appropriate ieads of the cryptographic device via the device carrier.
' This control information places the cryptographic device into a
configuration mode (Step 400). After being placed in the configuration
mode, the cryptographic device initially receives a unique device serial
number (DSER) from the programming mechanism (Step 405).
Normally sized with a sufficient number of bits to avoid duplication
(e.g., 32 or 64 bits), DSER is stored in the integrated device N"V memory
of the cryptographic device and is provided to the database (Step 410).
DSER is used by the database as an index for a table of pointers. Each
pointer is responsible for addressing one or more locations in memory
which contain cryptographic information uniquely associated with the
cryptographic device identified by its DSER.
Additionally, by supplying power to the cryptographic device, the
random number generator is powered to produce random numbers
used in generating a unique symmetric key (SK) and a public/private
key pair (Step 415). The public key (PUK) is exported to the database
without undergoing any modification (Step 420). However, the private
key (PRK) is encrypted using an encryption algorithm (e.g., DES pre-
loaded in memory oi the cryptographic device), and thereafter, exported
to the database (Step 425). More specifically, PRK is encrypted with SK
(producing ES^(PRK)) before being exported to the database. As a result,
the cryptographic device contains a minimal amount of cryptographic
information, namely SK and DSER, while an indexed location of
database includes the majority of the cryptographic information.
Optionally, as represented by dashed lines, it is contemplated that
a digital certificate associated with PUK and DSER may be loaded into
the database at a later time, potentially even after the cryptographic
device has been sent to an original equipment manufacturer (OEM) for
placement in the electronic system (Step 430). The digital certificate
includes at least PUK encrypted with a private key of the manufacturer
in this embodiment, which could be used for subsequent
authentication ot the cryptographic device. It is contemplated,
however, that DSER may be included in the digital certificate.
After the cryptographic device has been installed into the
electronic system having sufficient system NV memory,
communications may be established to the database oi the
manufacturer for registration purposes. This registration scheme does
not require a secure communication channel because PRK has been
encrypted. Registration may be performed by any downstream
customer, including an OEM before shipment of the electronic system.
tc the end user, or the end user. For the later case, the electronic system
may be loaded with system software having a registration subroutine.
During initialization of the electronic system by system software, the
registration subroutine would assist in establishing communications
with the database in order to retrieve and download cryptographic
information unique to the electronic system. This registration scheme
may be transparent to the end user or may require active participation
by the end user in agreeing to certain terms and conditions (e.g.,
releasing the manufacturer from liability, etc).
Referring now to Figure 6, an illustrative embodiment of the
registration scheme between me database of the manufacturer and the
downstream customer (OEM, end user, etc.) is shown. First, a
communication channel has to be established between the database and
the electronic system implemented with the cryptographic device (Step
600). This may be accomplished over the Internet, through a dedicated
phor.e hne or over anv other communication link. Next, the electronic
system transmits a message, including DSER obtained from its
cryptographic device, to the database over the communication channel
(Step 605). The database receives the message and utilizes DSER as an
index in searching for cryptographic information associated with the
cryptographic device identified by DSEK (Step 610). This cryptographic
information (PUK, Esk(PRK), anc* digital certificate] is transmitted over
the communication channel to the electronic system and loaded into
system NV memory of the electronic system (Steps 615-620). Thus, the
crvptographic device now is fully functional to support public-key
cryptography because it has access to its PUK and PRK because ES]<(PRK)
can be decrypted with SK already integrated in its device NV memory.
While certain exemplary embodiments have been described and
shown m the accompanying drawings, it is to be understood that such
embodiments are merely illustrative of and not restrictive on the broad
invention, and that this invention not be limited to the specific
constructions and arrangements shown and described, since various
other modifications may occur to those ordinarily skilled in the art.
WE CLAIM:
1. A method for configuring a cryptographic device, comprising:
loading a device serial number into a non-volatile memory of the cryptographic
device;
generating a key within the cryptographic device;
loading the key into the non-volatile memory of the cryptographic device;
generating a public key and a private key within the cryptographic device;
encrypting the private key with the key within the cryptographic device; and
sending both the public key and encrypted private key to a database for storage,
without storage of the public key and the private key internally within the cryptographic
device.
2. A method as claimed in claim 1, wherein any further loading of information within
the non-volatile memory of cryptographic device is discontinued after the device serial
number and the key have been loaded.
3. A method as claimed in claim 1, wherein the device serial number is loaded into a
database remotely located from the cryptographic device.
4. A method as claimed in claim 3, wherein the device serial number is used as an index
to obtain one or more pointers from a table of pointers, each of the one or more pointers
being responsible for addressing a location in memory of the database containing either the
public key or the encrypted private key.
5. A method as claimed in claim 1, wherein there are carried out the steps of:
providing a public key to a certification authority;
receiving a digital certificate, being the public key encrypted with a private key of the
certification authority; and
sending the digital certificate to the database to accompany the public key and the
encrypted private key.
6. A method as claimed in claim 4, wherein the device serial number is unique and
distinct from device serial numbers for other cryptographic devices.
7. A method as claimed in claim 5, wherein the device serial number is unique and used
as an index to retrieve the public key, the encrypted private key and the digital certificate.
8. A method as claimed in claim 1, wherein the key is a symmetric key, unique and
distinct from other symmetric keys associated with the other cryptographic devices.
9. A method as claimed in claim 1, wherein the non-volatile memory is integrated within
processing logic of the cryptographic device.
10. A method for registering a cryptographic device, comprising:
establishing a communication channel between a database and an electronic system
implemented with the cryptographic device, the cryptographic device comprising an internal
non-volatile memory storing a key and a device serial number;
transmitting a message to the database, the message having the device serial number
contained in the cryptographic device; and
receiving a public key and a private key encrypted with the key associated with the
cryptographic device by retrieval of the public key and encrypted private key using the device
serial number, the public key and the private key having been originally generated internally
within the cryptographic device, but now stored within the database in lieu of the
cryptographic device itself.
11. A method as claimed in claim 10, wherein the public key and the private key
encrypted with the key are loaded into a non-volatile memory element of the electronic
system physically removed from the cryptographic device.
12. A method as claimed in claim 10, wherein prior to establishing the communication
channel, the public key and the encrypted private key are pre-loaded into the database by the
cryptographic device.
13. A method as claimed in claim 10, wherein the key is a symmetric key.
14. A method as claimed in claim 10, wherein prior to receiving the public key and the
private key, there are carried out the steps of:
receiving the message having the device serial number by the database;
using the device serial number as a lookup index; and
transmitting the public key and the private key encrypted with the key to the
electronic system.
15. A method as claimed in claim 10, wherein a digital certificate being the public key
encrypted with a private key of a certification authority is received.
16. A system for configuring/registering a cryptographic device, comprising:
a chipset;
a non-volatile memory element coupled to the chipset;
a cryptographic device coupled to the chipset, the cryptographic device being
provided with processing logic having a small amount of device non-volatile memory, the
device non-volatile memory containing a device serial number and a symmetric key; and
a transceiver to download a public key of the system and a corresponding private key
encrypted with the symmetric key into the device non-volatile memory during registration,
the public key and the private key having been originally generated internally within the
cryptographic device during a prior configuration stage for exclusive storage outside the
cryptographic device prior to registration.
17. A system as claimed in claim 16, wherein the non-volatile memory element has at
least a public key associated with the cryptographic device and a private key associated with
the cryptographic device, the private key being encrypted with the symmetric key.
18. A system as claimed in claim 17, wherein the device serial number is adapted to be
transmitted by the^ryptographic device to a remotely-located database to retrieve the public
key and the encrypted private key for storing into the non-volatile memory element.
19. A processing subsystem adapted to support a public key cryptographic function,
comprising:
a substrate;
a processor coupled to the substrate;
a cryptographic device coupled to the substrate, the cryptographic device comprising:
a processing unit,
a non-volatile memory integrated into the processing unit, the non-volatile memory
having a key and device serial number; without any public/private key pairs, and
a random number generator; and
a bus interconnecting the processor and the cryptographic device.
20. A processing subsystem as claimed in claim 19, wherein the random number
generator of the cryptographic device is integrated within the processing unit.
21. A processing subsystem as claimed in claim 19, wherein the bus is a backside bus.
22. A processing subsystem as claimed in claim 19, which is provided with a plastic
cartridge generally enclosing the substrate with exception to a connector located on an edgojp
of the substrate.
23. A method for configuring a cryptographic device, substantially as herein described
with particular reference to the accompanying drawings.
24. A system for configuring/registering a cryptographic device, substantially as herein
described.

There is disclosed a method for configuring a cryptographic device,
comprising loading a device serial number (DSER) into a non-volatile memory
(215) of the cryptographic device; generating a key (SK) within the
cryptographic device; loading the key (SK) into the non-volatile memory of the
cryptographic device; generating a public key and a private key within the
cryptographic device; encrypting the private key with the key (SK) within the
cryptographic device; and sending both the public key and encrypted private
key to a database for storage, without storage of the public key and the
private key internally within the cryptographic device.