The PID and PPS are made up of ASCII codes of some combination of characters – capital alphabet characters (A–Z), and numbers (0–9).
• The PID is an eight character entry of the form: XXXX-XXXC (where "C" is the CRC of the preceding characters) and is sent in the open.
• The PPS is a thirty-two character quantity of the form:
XXXC-XXXC-XXXC-XXXC-XXXC-XXXC-XXXC-XXXC (where "C" is the CRC of the preceding characters) and is a secret shared between the Intel AMT device and the SCA.
When the PID and PPS are entered via the MEBx sub menu/USB key, the firmware checks for checksum characters embedded in the values. The last character of the PID is expected to be a checksum of the previous seven characters, and the fourth character in each group of four characters in the PPS is expected to be a checksum of the previous three characters. This check is made to reduce the possibility of operator error when entering these values.
The checksum calculation is the sum of the characters modulo 0x24 + 0x30 if the result is 0x0 to 0x9 or + 0x37 if the result is 0xA to 0x23.
This is an example of a PID-PPS pair:
• PID: 0000-037M
• PPS: NKLD-G5DC-RRNQ-E9YZ-ZIJL-7LFL-VJED-69XJ
Using the PID from the example:
• 0x30+0x30+0x30+0x30+0x30+0x33+0x37 = 0x15A.
• 0x15A modulo 0x24 = 0x16. This is greater than 0x9, so add 0x37 to get 0x4D, which is an ASCII M.
Using the first group of the PPS from the example:
• 0x4E+0x4B+0x4C = 0xE5.
• 0xE5 modulo 0x24 = 0xD. Adding 0x37 yields 0x44, which is an ASCII D.
Use a more robust random number generator than the one used in the example.
Copyright © 2006-2022, Intel Corporation. All rights reserved.