US 12,267,442 B2
Establishing trust between supervisors in a network device
Julien André Alexis Gomes, Vancouver (CA); and Baptiste Elie Franck Covolato, Vancouver (CA)
Assigned to Arista Networks, Inc., Santa Clara, CA (US)
Filed by Arista Networks, Inc., Santa Clara, CA (US)
Filed on Jul. 20, 2022, as Appl. No. 17/869,225.
Prior Publication US 2024/0031174 A1, Jan. 25, 2024
Int. Cl. H04L 29/00 (2006.01); H04L 9/08 (2006.01); H04L 9/32 (2006.01)
CPC H04L 9/3268 (2013.01) [H04L 9/0825 (2013.01); H04L 9/3247 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method for establishing trust between first and second supervisors in a network device, the method comprising:
generating, by the first supervisor, an internal certificate authority (CA) private key;
receiving, by the first supervisor, a public attestation identity key (AIK) from the second supervisor;
generating, by the first supervisor, a certificate using the public AIK and the internal CA private key;
receiving, by the first supervisor, first signed platform configuration register (PCR) values from the second supervisor;
storing, by the first supervisor, the received first signed PCR values; and
after storing the first signed PCR values:
sending, by the first supervisor, a PCR value request to the second supervisor;
receiving, by the first supervisor and in response to the PCR value request, second signed PCR values from the second supervisor; and
determining, by the first supervisor and based on comparing the stored first signed PCR values with the second signed PCR values, that trust is established between the first supervisor and the second supervisor.