| CPC H04L 9/3247 (2013.01) [G06V 10/44 (2022.01); G06V 10/764 (2022.01); H04L 9/0825 (2013.01); H04L 9/3221 (2013.01)] | 17 Claims |
|
1. A device comprising:
at least one image sensor associated with a hardware device identifier;
a hardware security module coupled to the at least one image sensor by at least one data bus, the hardware security module comprising a secure enclave that includes:
a first controller;
a memory management unit coupled to a secure memory within the secure enclave of the hardware security module, wherein the first controller communicates with the secure memory using the memory management unit; and
a digital signature engine;
wherein the hardware security module, using the memory management unit, stores to the secure memory a trusted image data bundle received from the at least one image sensor via the at least one data bus, wherein the trusted image data bundle includes image data captured by the at least one image sensor and the hardware device identifier;
wherein the first controller is configured to generate within the secure memory an attestation package comprising at least a representation of the image data and a representation of the hardware device identifier;
wherein the digital signature engine is configured to apply a cryptographic signature to the attestation package using a signature key, wherein the signature key is associated with a video session comprising a video image sequence of the image data and when the video session is started, a zero-knowledge proof is created showing that the signature key is signed by a key in a published database of authentic hardware keys, without revealing identifying information associated with the device; and
wherein the hardware security module is configured to output a set of attested media data based on the attestation package.
|