US 12,235,967 B1
Extending measured boot for secure link establishment
Ori Cohen, Atlit (IL); Barak Wasserstrom, Mitzpe Aviv (IL); and Andrew Robert Sinton, Jerusalem (IL)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on May 25, 2023, as Appl. No. 18/323,868.
Application 18/323,868 is a continuation of application No. 17/305,135, filed on Jun. 30, 2021, granted, now 11,709,941.
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 29/06 (2006.01); G06F 21/57 (2013.01); H04L 9/30 (2006.01); H04L 9/32 (2006.01)
CPC G06F 21/575 (2013.01) [H04L 9/3073 (2013.01); H04L 9/3265 (2013.01); G06F 2221/034 (2013.01)]
20 Claims
1. An integrated circuit device comprising:
a processor; and
one or more memories storing code that, when executed by the processor, causes the integrated circuit device to act as a first device to perform operations including:
sending a first digital certificate of the first device (D1(cert-1)) to a second device, the D1(cert-1) generated by a boot process for the first device;
receiving a first digital certificate of the second device (D2(cert-1)) from the second device, the D2(cert-1) generated by a boot process for the second device;
generating a second digital certificate of the first device (D1(cert-2)) based on the received D2(cert-1);
receiving a second digital certificate of the second device (D2(cert-2)) from the second device that is generated by the second device based on the D1(cert-1);
verifying the D2(cert-2) based on the D2(cert-1); and
establishing a secure link with the second device using the D2(cert-2).
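
The exchange recited in claim 1, sketched as an added example that is not code from the patent or from Amazon: both devices swap boot-time cert-1s, each issues a cert-2 bound to the peer's cert-1, and each verifies the peer's cert-2 against the peer's cert-1. Assumptions: the certificate layout, the names Device, make_cert2, verify_peer and run_exchange, reading "based on" as "signed by the cert-1 key over both cert-1 fingerprints", and Lamport one-time signatures standing in for the unspecified signature algorithm; how cert-1 itself is trusted is outside claim 1 and is not modelled.

```python
import hashlib, os

def H(b): return hashlib.sha256(b).digest()

def bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (i % 8)) & 1 for i in range(256)]

# Lamport one-time signatures (hash-based, stdlib only) stand in for the
# unspecified certificate signature algorithm. Each key signs ONE message.
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for (i, b), s in zip(enumerate(bits(msg)), sig))

def fingerprint(cert1):
    flat = b"".join(h for pair in cert1["pk"] for h in pair)
    return H(H(cert1["device"].encode()) + cert1["measurement"] + flat)

class Device:
    def __init__(self, name, firmware):
        # "Boot process": measure firmware, create a key, emit cert-1 (assumed layout).
        self.sk, pk = keygen()
        self.cert1 = {"device": name, "measurement": H(firmware), "pk": pk}

    def make_cert2(self, peer_cert1):
        # cert-2 is "based on" the peer's cert-1: it binds both fingerprints.
        body = b"cert-2" + fingerprint(self.cert1) + fingerprint(peer_cert1)
        return {"body": body, "sig": sign(self.sk, body)}

    def verify_peer(self, peer_cert1, peer_cert2):
        # Check the peer's cert-2 against the peer's cert-1, and that it names us.
        want = b"cert-2" + fingerprint(peer_cert1) + fingerprint(self.cert1)
        return peer_cert2["body"] == want and verify(peer_cert1["pk"], want, peer_cert2["sig"])

def run_exchange(d1, d2):
    c1, c2 = d1.cert1, d2.cert1                        # send / receive cert-1
    d1c2, d2c2 = d1.make_cert2(c2), d2.make_cert2(c1)  # each side issues cert-2
    return d1.verify_peer(c2, d2c2), d2.verify_peer(c1, d1c2)  # verify before link-up

if __name__ == "__main__":
    print(run_exchange(Device("D1", b"constructed-fw-A"), Device("D2", b"constructed-fw-B")))
```

Because each cert-2 covers the fingerprint of the peer's cert-1, a cert-2 issued toward one peer fails verification when presented to another.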