Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
Announcements
The Intel sign-in experience has changed to support enhanced security controls. If you sign in, click here for more information.
2706 Discussions

Identity Protection Technology - technical specification?

idata
Employee
‎03-14-2011 07:41 AM
1,330 Views

Hi,

I have read this interesting blog post by Bruno

/community/openportit/vproexpert/blog/2011/03/08/identity-protection-built-into-the-chip http://communities.intel.com/community/openportit/vproexpert/blog/2011/03/08/identity-protection-built-into-the-chip and several announcements from the INTEL newsroom about the Identity Protection Technology coming out now with the second generation of core i3/5/7 chips.

Until now I haven't found any exact technical specifications. It is said that IPT uses the same algorithms as for hardware tokens and also supports challenge response protocols.

My major question is however how does a website like ebay or paypal knows the secret with which this "hardware-token-on-a-chip" is initialized with. Is there some kind of central service providing this information for website owners?

Could someone please give a little more insight about that topic?

I appreciate any comments and information related to that topic.

Thanks for your help.

Regards,

Simon

0 Kudos

Link Copied

7 Replies
idata
Employee
‎03-21-2011 02:00 AM
291 Views

What happens if users share a PC? Is this possible or would they authenticate based on the same token seed?

0 Kudos
Copy link
Bruno_Domignues
Employee
‎04-15-2011 09:24 AM
291 Views
In response to idata

Hi,

Yes, you can share the PC, IPT was design to support multiples seeds, thus you use it with different provides and also with different users.

Best Regards!

--Bruno Domingues

In response to idata
0 Kudos
Copy link
Bruno_Domignues
Employee
‎04-15-2011 09:04 AM
291 Views

Hi,

Basically, the provisioning process is composed of 4 steps;

1. Client initialize the provisioning process using the selected ISV (i.e. actually, Symantec or VASCO);

2. Server receive the request and randomly generate OTP seed, encrypted with a pre-shared key (ISV server must contact an Intel Server to do it);

3. Client receive and ACK the OTP seed;

4. Server confirm the provisioning;

We can have variations of this model, but basically is the overall process of provisioning.

Best Regards!

-- Bruno

0 Kudos
Copy link
idata
Employee
‎04-25-2011 01:51 AM
291 Views

what kind of hardware, motherboard, cpu and setting needed in order Intel IPT to be function?

thanks,.

0 Kudos
Copy link
Bruno_Domignues
Employee
‎04-25-2011 07:29 AM
291 Views
In response to idata

I would recommend you read my blog post about this subject "/community/openportit/vproexpert/blog/2011/04/21/build-your-own-pc-with-identity-protection-technology-ipt-capable Build your own PC with Identity Protection Technology (IPT) capable"

Best Regards!

-- Bruno Domingues

In response to idata
0 Kudos
Copy link
idata
Employee
‎04-25-2011 08:37 PM
291 Views
In response to Bruno_Domignues

hardware..dq67ep and intel core i5 2400..

 

can successfully log into paypal account, after that click on VIP Access's 'I've Signed In"..error message showed that 'the security key is not available'

In response to Bruno_Domignues
0 Kudos
Copy link
idata
Employee
‎04-26-2011 01:49 AM
291 Views
In response to Bruno_Domignues

i've DQ67EP and i5 2400 3.1Ghz

installed VIP Access and Intel IPT.

login into paypal account and after clicked on VIP Access's "I've Signed In" , showed "the security key currently not available".

any thing i did wrong?

In response to Bruno_Domignues
0 Kudos
Copy link
Reply

For more complete information about compiler optimizations, see our Optimization Notice.