US 11,757,656 B2
Efficient post-quantum anonymous attestation with signature-based join protocol and unlimited signatures
Manoj Sastry, Portland, OR (US); and Rafael Misoczki, Hillsboro, OR (US)
Assigned to INTEL CORPORATION, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Apr. 15, 2022, as Appl. No. 17/721,656.
Application 17/721,656 is a continuation of application No. 16/455,978, filed on Jun. 28, 2019, granted, now 11,362,835.
Prior Publication US 2022/0239498 A1, Jul. 28, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/32 (2006.01); H04L 9/06 (2006.01); H04L 9/08 (2006.01)
CPC H04L 9/3247 (2013.01) [H04L 9/0643 (2013.01); H04L 9/0822 (2013.01); H04L 9/0894 (2013.01); H04L 9/3236 (2013.01); H04L 9/0861 (2013.01)] 21 Claims
OG exemplary drawing
 
1. An apparatus, comprising a hardware processor to:
generate, in a group member device of a set of group member devices, a first set of cryptographic keys for attestation of the group member device in the set of group member devices and a set of leaf nodes in a sub-tree of a Merkle tree corresponding to the first set of cryptographic keys;
forward, from the group member device to a group manager, a request to join a group managed by the group manager;
receive, from the group manager, a challenge generated from a nonce;
sign the nonce using one of leaf nodes in the set of leaf nodes;
forward the set of leaf nodes from the group member device to the group manager;
receive, in the group member device, a subset of intermediate nodes in the Merkle tree, the intermediate nodes being common to all available authentications paths through the Merkel tree for signatures originating in the sub-tree; and
determine, in the group member device, a cryptographic key that defines an authentication path through the Merkle tree, the authentication path comprising one or more nodes from the set of leaf nodes and one or more nodes from the intermediate nodes received from the group manager.