We propose minimalist new hardware additions to a micro- processor chip that protect cryptographic keys in portable computing devices which are used in the eld but owned by a central authority. Our authority-mode architecture has trust rooted in two critical secrets: a Device Root Key and a Storage Root Hash, initialized in the device by the trusted authority. Our architecture protects trusted software, bound to the device, which can use the root secrets to protect other sensitive information for many dierent usage scenarios. We describe a detailed usage scenario for crisis response, where rst responders are given transient access to third-party sen- sitive information which can be securely accessed during a crisis and reliably revoked after the crisis is over. We leverage the Concealed Execution Mode of our ear- lier user-mode SP (Secret-Protecting) architecture to pro- tect trusted code and its execution . We call our new ar- chitecture authority-mode SP since it shares the same archi- tectural lineage and the goal of minimalist hardware roots of trust. However, we completely change the key management hardware and software to enable new remote trust mecha- nisms that user-mode SP cannot support. In our new archi- tecture, trust is built on top of the shared root key which binds together the secrets, policy and trusted software on the device. As a result, the authority-mode SP architecture can be used to provide signicant new functionality including transient access to secrets with reliable revocation mecha- nisms, controlled transitive support for policy-controlled se- crets belonging to dierent organizations, and remote attes- tation and secure communications with the authority.