IMHO, the service provider is the last one that should ever be able to see the keys :-). It's them we want to keep sensitive data away from
Keys are injected into the HW with public-key encryption. This requires that the HW have keys that only the HW knows (it's secret key). This key is made by a weak PUF circuit, which is basically a circuit that measures silicon process variation. So the keys are born in the silicon fab, through the natural variability of the silicon fabrication process. I didn't invent this, it is an old idea. Intel SGX uses the same approach.
IMHO, the service provider is the last one that should ever be able to see the keys :-). It's them we want to keep sensitive data away from
Keys are injected into the HW with public-key encryption. This requires that the HW have keys that only the HW knows (it's secret key). This key is made by a weak PUF circuit, which is basically a circuit that measures silicon process variation. So the keys are born in the silicon fab, through the natural variability of the silicon fabrication process. I didn't invent this, it is an old idea. Intel SGX uses the same approach.