Abstract
This disclosure describes a scheme to strengthen on-device trust anchors using key rotation and multiple sources. The trust anchors enable device-to-device authentication where software relies on the trust anchor. The described scheme includes rotating public keys over time. A device receives a list of trusted public keys from multiple sources, with the final trust anchor being the intersection of the copies of the list received from the different sources. This approach offers benefits such as enhanced security if individual sources are compromised and continued functionality for older devices. The described techniques can be implemented by operating system providers and/or device manufacturers, and as part of a multi-device identity broker service.
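The intersection rule described above, as an added sketch that is not code from the disclosure: the source names, the SHA-256 fingerprinting, the `min_sources` policy, failing closed on an empty result and the key bytes are all assumptions made for illustration.

```python
from __future__ import annotations
import hashlib

def fingerprint(public_key: bytes) -> str:
    """SHA-256 of the encoded public key, used to compare keys across sources."""
    return hashlib.sha256(public_key).hexdigest()

def effective_trust_anchor(source_lists: dict[str, list[bytes]],
                           min_sources: int = 2) -> set[str]:
    """Intersect the copies of the trusted-key list received from each source.

    min_sources is an assumed policy: with fewer copies, a single source
    would define trust on its own, so no anchor is built.
    """
    if len(source_lists) < min_sources:
        raise ValueError("not enough independent sources to build a trust anchor")
    copies = [{fingerprint(k) for k in keys} for keys in source_lists.values()]
    anchor = set.intersection(*copies)
    if not anchor:
        # Assumed behaviour: fail closed rather than fall back to one source.
        raise ValueError("no key is listed by every source")
    return anchor

def is_trusted(peer_key: bytes, anchor: set[str]) -> bool:
    """A peer key is accepted only if every source listed it."""
    return fingerprint(peer_key) in anchor

# Constructed placeholder keys; real lists would carry encoded public keys.
K_2024, K_2025, K_2026 = b"constructed-key-2024", b"constructed-key-2025", b"constructed-key-2026"
K_ROGUE = b"constructed-rogue-key"

# One source is compromised and lists an extra key: the other copy lacks it,
# so the key never reaches the effective anchor.
COMPROMISED = {
    "os_provider": [K_2024, K_2025, K_ROGUE],
    "device_manufacturer": [K_2024, K_2025],
}
# Rotation in progress: one source already dropped the 2024 key and added the
# 2026 key, the other has not. Only the key common to both copies is trusted.
MID_ROTATION = {
    "os_provider": [K_2025, K_2026],
    "device_manufacturer": [K_2024, K_2025],
}

if __name__ == "__main__":
    anchor = effective_trust_anchor(COMPROMISED)
    print("rogue key trusted:", is_trusted(K_ROGUE, anchor))
    print("2025 key trusted:", is_trusted(K_2025, anchor))
    print("anchor size mid-rotation:", len(effective_trust_anchor(MID_ROTATION)))
```

The mid-rotation case shows why rotated lists need an overlapping key across sources: without one, the intersection is empty and the device has no anchor at all.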
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Krahn, Darren, "Strengthening On-Device Trust Anchors with Rotation and Multiple Sources", Technical Disclosure Commons, (October 31, 2025)
https://www.tdcommons.org/dpubs_series/8814