
A Method for establishing Endorsement Credentials for dynamically generated Endorsement Keys in a Trusted Computing Platform

IP.com Disclosure Number: IPCOM000202475D
Publication Date: 2010-Dec-16
Document File: 3 page(s) / 37K

Publishing Venue

The IP.com Prior Art Database

Abstract

A Method for establishing Endorsement Credentials for dynamically generated Endorsement Keys in a Trusted Computing Platform is disclosed.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 56% of the total text.


Disclosed is a method for establishing Endorsement Credentials for dynamically generated Endorsement Keys in a Trusted Computing Platform.

Trusted Computing Platforms are generally single image systems, which contain a Trusted Platform Module (TPM).

At the time the system is manufactured, an Endorsement Key is generated by (or inserted into) the TPM device.

Associated with this Endorsement Key (EK) is an Endorsement Credential. This is a digital certificate that is used by third parties to verify that the EK belongs to a genuine TPM. There are also two additional credentials (Platform and Conformance) that are created and associated with the EK (purely for convenience). In large-scale partitionable servers, where each partition may optionally be enabled to have a TPM, there is a need to have a unique Endorsement Credential per partition.

The system could be shipped with sufficient EKs and Credentials for all possible partitions. Since space on the TPM is limited and the EKs must be contained within the TPM, or protected by that specific TPM, a solution that uses less space is preferred.

A Credential for dynamically generated EKs may be generated for the case where the evaluation of the EK is performed by a trusted third party at the time the EK is used. The system, at the manufacturer, has either generated or had injected into it, via a secure mechanism, a Platform Signing...