US 12,443,717 B2
Methods and processes to securely update secure elements
Kapil Sachdeva, Round Rock, TX (US); Sylvain Jacques Prevost, Austin, TX (US); and Philip Hill, Cardiff (GB)
Assigned to ASSA ABLOY AB, Stockholm (SE)
Appl. No. 17/756,835
Filed by ASSA ABLOY AB, Stockholm (SE)
PCT Filed Nov. 13, 2020, PCT No. PCT/EP2020/082136
§ 371(c)(1), (2) Date Jun. 3, 2022,
PCT Pub. No. WO2021/110389, PCT Pub. Date Jun. 10, 2021.
Claims priority of provisional application 62/944,588, filed on Dec. 6, 2019.
Prior Publication US 2022/0414224 A1, Dec. 29, 2022
Int. Cl. G06F 21/44 (2013.01); G06F 21/57 (2013.01); G06F 21/60 (2013.01)
CPC G06F 21/572 (2013.01) [G06F 21/44 (2013.01); G06F 21/602 (2013.01); G06F 2221/033 (2013.01)]
19 Claims

1. A method for updating firmware on a secure element, the method comprising:
receiving, by a gateway device, from a remote source, a firmware file, the gateway device comprising a plurality of secure elements including a first secure element and a second secure element;
securely receiving, by a processing element implemented on the gateway device, an ephemeral session specific key material for the first secure element of the plurality of secure elements implemented on the gateway device, wherein the ephemeral session specific key material is generated in response to mutual authentication with the first secure element using a key associated with the first secure element;
dividing, by the gateway device, the firmware file into a plurality of data chunks;
causing, by the processing element, the second secure element to encrypt packets of the plurality of data chunks of the firmware file using the ephemeral session specific key material and to send the encrypted packets of the plurality of data chunks of the firmware file to the first secure element of the plurality of secure elements;
after the encrypted packets of the plurality of data chunks of the firmware file have been sent to the first secure element of the plurality of secure elements, securely receiving, by the processing element, a subsequent ephemeral session specific key material for the second secure element of the plurality of secure elements implemented on the gateway device, wherein the subsequent ephemeral session specific key material is generated in response to mutual authentication with the second secure element using another key associated with the second secure element; and
causing, by the processing element, the first secure element to subsequently encrypt packets of the plurality of data chunks of the firmware file using the subsequent ephemeral session specific key and to send the subsequently encrypted packets to the second secure element.
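
The sequence in claim 1, sketched as an added Python illustration that is not taken from the patent or from any ASSA ABLOY implementation. All names (`SecureElement`, `update_pair`, `CHUNK`) are assumptions, mutual authentication is reduced to a nonce exchange plus key derivation, and an HMAC-SHA256 keystream with a per-packet tag stands in for whatever authenticated cipher a real secure element would use.

```python
import hashlib, hmac, os

CHUNK = 64  # constructed chunk size; the claim does not specify one

def _prf(key, label, seq, data=b""):
    return hmac.new(key, label + seq.to_bytes(4, "big") + data, hashlib.sha256).digest()

def _xor(key, seq, data):
    # HMAC-SHA256 counter keystream, a stdlib stand-in for a real AEAD cipher
    stream = b"".join(_prf(key, b"ks", seq, bytes([i])) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, seq, chunk):
    ct = _xor(key, seq, chunk)
    return seq, ct, _prf(key, b"mac", seq, ct)

def unseal(key, packet):
    seq, ct, tag = packet
    if not hmac.compare_digest(tag, _prf(key, b"mac", seq, ct)):
        raise ValueError("packet %d failed authentication" % seq)
    return _xor(key, seq, ct)

class SecureElement:
    def __init__(self, name):
        self.name, self.key = name, os.urandom(32)  # key associated with this element
        self.session, self.firmware = None, b"old-image"

    def open_session(self, host_nonce):
        # Target side of the (simplified) mutual authentication
        se_nonce = os.urandom(16)
        self.session = hmac.new(self.key, host_nonce + se_nonce, hashlib.sha256).digest()
        return se_nonce

    def encrypt_for_peer(self, session_key, chunks):
        return [seal(session_key, i, c) for i, c in enumerate(chunks)]

    def install(self, packets):
        image = b"".join(unseal(self.session, p) for p in packets)
        self.firmware, self.session = image, None  # session key is single-use

def update(target, helper, firmware):
    host_nonce = os.urandom(16)
    se_nonce = target.open_session(host_nonce)
    # Assumption: the authenticating party knows target.key; the gateway sees only the result
    session_key = hmac.new(target.key, host_nonce + se_nonce, hashlib.sha256).digest()
    chunks = [firmware[i:i + CHUNK] for i in range(0, len(firmware), CHUNK)]
    target.install(helper.encrypt_for_peer(session_key, chunks))
    return session_key

def update_pair(se1, se2, firmware):
    k1 = update(se1, se2, firmware)  # second element encrypts for the first
    k2 = update(se2, se1, firmware)  # roles swap under a fresh session key
    return k1, k2
```

Packets sealed under the first session key fail authentication under the second, which is the property the per-element, per-session key material is there to provide.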