US 12,113,915 B2
Federal Information Processing Standard (FIPS) compliant Device Identifier Composition Engine (DICE) certificate chain architecture for embedded systems
Xiaoyu Ruan, Folsom, CA (US); Ned M. Smith, Beaverton, OR (US); and Matthew G. Pirretti, Chandler, AZ (US)
Assigned to Intel Corporation, Santa Clara, CA (US)
Filed by Intel Corporation, Santa Clara, CA (US)
Filed on Mar. 30, 2022, as Appl. No. 17/709,274.
Prior Publication US 2022/0321361 A1, Oct. 6, 2022
Int. Cl. H04L 9/32 (2006.01); H04L 9/08 (2006.01)
CPC H04L 9/3252 (2013.01) [H04L 9/0869 (2013.01)] 26 Claims
OG exemplary drawing
 
1. An apparatus comprising:
Deterministic Random Bit Generator (DRBG) logic circuitry to generate a random number for each layer of a Device Identifier Composition Engine (DICE), wherein the DRBG logic circuitry is a Federal Information Processing Standard (FIPS) approved DRBG logic circuitry; and
derivative logic circuitry to derive an Elliptic Curve Digital Signature Algorithm (ECDSA) private key for a layer of the DICE based at least in part on one or more operations of a FIPS-approved ECDSA key pair generation logic circuitry,
wherein at least one certificate chain on an embedded system is to be constructed to link a secure state and transition to a specific attestation key for the layer.