- Preparation
- Let
N
andG
be the elliptic curve arguments. - Let key expansion function
f(role,i) = HKDF(seed, sha256(role)^i)
. - A trust schema that decides the roles/scopes binding to each device.
- Let
- Bootstrapping
- DEVICE generates a master ECC key
(a,A)
. - DEVICE proves its identity to CA and sends
A
to CA. - CA generates an 128-bit AES key
seed
. - CA encrypts
seed
withA
and sends back to DEVICE. - DEVICE decrypts
seed
witha
. - DEVICE only needs to store
seed
anda
in its storage.
- DEVICE generates a master ECC key
- Private Key Derivation
- DEVICE infers the roles/scopes it has access to and the
i
set from the trust schema. - For each role/scope name
role
and time-related numberi
(<=128-bit), DEVICE computesf(role,i)
. - The corresponding private key is
b_{role,i} = (a+f(role,i))%N
.
- DEVICE infers the roles/scopes it has access to and the
- Public Key Derivation
- CA infers the roles/scopes DEVICE has access to and the
i
set from the trust schema. - For each role/scope name
role
and time-related numberi
(<=128-bit), CA computesf(role,i)
. - The corresponding public key is
B_{role,i} = A+f(role,i)*G
.
- CA infers the roles/scopes DEVICE has access to and the
High level description of CertCoalesce.
To install the package
python3 setup.py install
Run demo.py
:
python3 examples/demo.py