CPC H04L 9/32 (2013.01) [H04L 9/14 (2013.01); H04L 9/30 (2013.01)]
20 Claims
1. A distributed secure communication system, comprising:
a third System Control Processor (SCP) subsystem;
a second SCP subsystem that is coupled to the third SCP subsystem via a network; and
a first SCP subsystem that is coupled to the second SCP subsystem and the third SCP subsystem via the network, wherein the first SCP subsystem is configured to:
identify the second SCP subsystem and, in response, perform a signed communication secure communication channel establishment procedure with the second SCP subsystem that includes:
signing a first SCP authentication communication with a first private key to provide a first signed SCP authentication communication;
transmitting the first signed SCP authentication communication to the second SCP subsystem;
receiving a second signed SCP authentication communication from the second SCP subsystem and, in response, authenticating the second signed SCP authentication communication using a second public key associated with the second SCP subsystem; and
establishing, in response to authenticating the second signed SCP authentication communication, a first secure communication channel with the second SCP subsystem; and
receive, from the second SCP subsystem via the first secure communication channel, an attestation of an authentication of the third SCP subsystem that established a second secure communication channel between the SCP subsystem and the third SCP subsystem and, in response, establish a third secure communication channel with the third SCP subsystem without performing the signed communication secure communication channel establishment procedure with the third SCP subsystem.