A method, system, and program product for remotely attesting to a state of computing system is provided. Specifically, the present invention allows a remote system to establish trust in the properties of the computer system. The properties to be trusted are expanded from the usual system software layers and related configuration files to novel types of data such as static data specific to the computer system, dynamic data determined at system startup, or dynamic data created as the computer system runs applications.

This disclosure relates to systems and methods for enabling the use of secret digital or electronic information without exposing the sensitive information to unsecured applications. In certain embodiments, the methods may include invoking, by a client application executing in an open processing domain, a secure abstraction layer configured to interface with secret data protected by a secure processing domain. Secure operations may be securely performed on the secret data by the secure abstraction layer in the secure processing domain based on an invocation from a client application running in the open processing domain.

Techniques are described herein that are capable of provisioning a trusted execution environment (TEE) based on (e.g., based at least in part on) a chain of trust that includes a platform on which the TEE executes. Any suitable number of TEEs may be provisioned. For instance, a chain of trust may be established from each TEE to the platform on which an operating system that launched the TEE runs. Any two or more TEEs may be launched by operating system(s) running on the same platform or by different operating systems running on respective platforms. Once the chain of trust is established for a TEE, the TEE can be provisioned with information, including but not limited to policies, secret keys, secret data, and/or secret code. Accordingly, the TEE can be customized with the information without other parties, such as a cloud provider, being able to know or manipulate the information.

A trusted execution environment obtains an attestation request. The attestation request includes at least an attestation key. Based on obtaining the attestation request, one or more integrity measurements are computed, and the computing uses at least the attestation key. The one or more integrity measurements are provided to an entity, and the one or more integrity measurements are to be used to verify that a secure guest has been started using a selected secure guest image and selected secure guest metadata.

Environment type validation can provide a tamper-resistant validation of the computing environment within which the environment type validation is being performed. Such information can then be utilized to perform policy management, which can include omitting verifications in order to facilitate the sharing of policy, such as application licenses, from a host computing environment into a container virtual computing environment. The environment type validation can perform multiple checks, including verification of the encryption infrastructure of the computing environment, verification of code integrity mechanisms of that computing environment, checks for the presence of functionality evidencing a hypervisor, checks for the presence or absence of predetermined system drivers, or other like operating system components or functionality, checks for the activation or deactivation of resource management stacks, and checks for the presence or absence of predetermined values in firmware.

An information handling system may include at least one processor and an information handling resource. The information handling system may be configured to enable memory-mapped input/output (MMIO) communication between a program executing on the at least one processor and the information handling resource via a sealed memory region based on a cryptographic trust relationship existing between the program and the information handling resource.

Examples disclosed herein include are computing device hardware components, computing devices, systems, machine-readable mediums, and interconnect protocols that provide for code object measurement of a peripheral device and a method for accessing the measurements to verify integrity across a computing interconnect (e.g., Peripheral Component Interconnect ExpressPCIe). For example, a cryptographic processor of a PCIe endpoint (such as a peripheral) may take a measurement (e.g., computing a hash value) of a code object on the device prior to executing the code object. This measurement may be placed in a register that is accessible to another component, such as a host operating system across a PCIe bus for interrogation. The host operating system may utilize an interconnect protocol, such as a PCIe protocol to access the measurement. These measurements may be consumed by a Trusted Platform Manager or other components of a host system that may verify the measurements.

The invention relates to distributed ledger technologies such as consensus-based blockchains. A blockchain transaction may include digital resources that are encumbered by a locking script that encodes a set of conditions that must be fulfilled before the encumbered resources may be used (e.g., transferring ownership/control of encumbered resources). A worker (e.g., a computer system) performs one or more computations to generate a proof, which is encoded as part of an unlocking script. A verification algorithm may utilize the proof, a verification key, and additional data such as a cryptographic material associated with the worker (e.g., a digital signature) to verify that digital assets of the transaction should be transferred. As a result of the validation of this transaction, any third party is able to check the contract was executed corrected rather than re-executing the contract, thus saving computational power.

A Hardware Security Module (HSM) (900), and method thereof, suitable for use in securely servicing cryptographic requests from multiple tenant applications to preserve end-to-end privacy is provided. A Link Encryption and Key Diversification interoperability (43) between two processors provides cryptographic and logical isolation between multiple tenant applications on the HSM (900) that use and share more than one PCIe Physical Function (30) over more than one Virtual Function (VF) (21) to one or more Crypto Units (CU) (61) for satisfying a request (46) of an HSM cryptographic services. An Output Feedback (OFB) block with CRC support is further provided with encryption and decryption. The HSM as configured is more resistant to side channel attacks.

Techniques are presented for using a processing resource to control access to a resource. Steps comprise generating an elliptic curve digital signature algorithm signature comprising a first signature component, r, and a second signature component, w, the generation step comprising: forming, by a node, a signing group with other nodes; obtaining, by the node, based on a secure random number: a) a multiplicative inverse of the secure random number; and b) the first signature component, r, wherein the first signature component is determined based on the secure random number and an elliptic curve generator point; determining, by the node, a partial signature; receiving partial signatures from other nodes of the signing group; generating the second component; and using the signature to control access to the and/or transfer of a resource over a computer-implemented network.