CA2371137A1 - Secure distribution and protection of encryption key information - Google Patents

Secure distribution and protection of encryption key information

Info

Publication number: CA2371137A1
Authority: CA (Canada)
Prior art keywords: protecting circuit, key, certificate, cert, encryption key
Legal status: Granted; Expired - Lifetime
Application number: CA002371137A
Other languages: French (fr)
Other versions: CA2371137C (en)
Inventors: Jan Olof Nordenstam, Allan Hansson
Current assignee: Telefonaktiebolaget LM Ericsson AB
Original assignee: Individual

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash
    • H04L2209/80 Wireless

Abstract

The invention relates to secure distribution of a private key (K) from a distributing unit (1) to a receiving unit (2), and is based on providing each of the distributing unit and the receiving unit with a protecting circuit holding an original private key unique for the protecting circuit. The protecting circuit (20) of the receiving unit (2) is associated with a certificate (CERT 2) holding information on the type of the protecting circuit. The protecting circuit (10) of the distributing unit requests this certificate and verifies its authenticity by using a public key of a certificate authority stored in the protecting circuit (10). Next, the protecting circuit (10) determines, based on the type information of the certificate, whether the protecting circuit (20) of the receiving unit represents a type of circuit that is acceptable for protecting the private key (K) to be distributed. If the protecting circuit is found to be acceptable, the private key is encrypted and transmitted thereto. The received key is decrypted and stored in the protecting circuit of the receiving unit. In this manner, the private key is protected during transfer and may be distributed to and securely protected in one or more receiving units.
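
The gate described in the abstract (authenticate CERT 2 against the stored CA public key, check the circuit type, and only then encrypt K to the public key in CERT 2) can be sketched as follows. This is an added illustration, not code from the patent; the certificate layout, the type labels and all class and function names are assumptions, and the textbook RSA over fixed Mersenne primes is a stand-in that is not secure and serves only to make the example run offline.

```python
import copy
import hashlib
import json

E = 65537
# Hypothetical type label; the patent only says "acceptable types of circuits".
ACCEPTABLE_TYPES = {"tamper-resistant-v1"}


def toy_keypair(a, b):
    """Textbook RSA key from two Mersenne primes 2**a-1, 2**b-1 (toy only)."""
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, (p - 1) * (q - 1))}


def _digest(body):
    """SHA-256 over a canonical encoding of the certificate body, as an int."""
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def issue_cert(ca_priv, circuit_id, circuit_type, circuit_pub):
    """CA side: bind identity, type and public key of a circuit under one signature."""
    body = {"id": circuit_id, "type": circuit_type, "public_key": circuit_pub}
    return {"body": body, "sig": pow(_digest(body), ca_priv["d"], ca_priv["n"])}


def cert_is_authentic(ca_pub, cert):
    return pow(cert["sig"], ca_pub["e"], ca_pub["n"]) == _digest(cert["body"])


class ReceivingCircuit:
    """Second protecting circuit (20): private key and received K stay inside."""

    def __init__(self, priv, cert):
        self._priv, self.cert, self._stored = priv, cert, None

    def receive(self, ciphertext):
        k = pow(ciphertext, self._priv["d"], self._priv["n"])
        self._stored = k.to_bytes(32, "big")

    def holds(self, key):
        # Demo-only probe so the result can be checked; a real circuit
        # would never answer questions about the stored key.
        return self._stored == key


class DistributingCircuit:
    """First protecting circuit (10): holds the CA public key and K."""

    def __init__(self, ca_pub, key):
        self._ca_pub, self._key = ca_pub, key

    def distribute(self, receiver):
        cert = receiver.cert                      # "requesting the certificate"
        if not cert_is_authentic(self._ca_pub, cert):
            return "rejected: certificate not authentic"
        if cert["body"]["type"] not in ACCEPTABLE_TYPES:
            return "rejected: circuit type not acceptable"
        pub = cert["body"]["public_key"]          # encrypt to the key in CERT 2
        receiver.receive(pow(int.from_bytes(self._key, "big"), pub["e"], pub["n"]))
        return "transferred"


def run_demo():
    """Constructed scenario: one good receiver and three that must be refused."""
    ca_pub, ca_priv = toy_keypair(521, 607)
    _, rogue_priv = toy_keypair(607, 1279)
    pub2, priv2 = toy_keypair(127, 521)
    pub3, priv3 = toy_keypair(89, 521)
    key = hashlib.sha256(b"constructed demo key K").digest()
    dist = DistributingCircuit(ca_pub, key)

    good = ReceivingCircuit(priv2, issue_cert(ca_priv, "C-2", "tamper-resistant-v1", pub2))
    weak_cert = issue_cert(ca_priv, "C-3", "software-emulated", pub3)
    weak = ReceivingCircuit(priv3, weak_cert)
    forged = copy.deepcopy(weak_cert)
    forged["body"]["type"] = "tamper-resistant-v1"   # type edited after signing
    tampered = ReceivingCircuit(priv3, forged)
    rogue = ReceivingCircuit(priv3, issue_cert(rogue_priv, "C-4", "tamper-resistant-v1", pub3))

    return {
        "genuine": dist.distribute(good),
        "genuine_holds_key": good.holds(key),
        "weak_type": dist.distribute(weak),
        "tampered": dist.distribute(tampered),
        "rogue_ca": dist.distribute(rogue),
        "rejected_hold_key": weak.holds(key) or tampered.holds(key) or rogue.holds(key),
    }


if __name__ == "__main__":
    for name, outcome in run_demo().items():
        print(f"{name}: {outcome}")
```

Because the type field is inside the signed certificate body, a receiver cannot upgrade its own type: editing the field invalidates the CA signature, so the check fails at the authenticity step before the type is even considered.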

Claims (22)

1. A key distributing system comprising a distributing unit (1) and a receiving unit (2) interconnected by a communication link (3), said distributing unit (1) having encryption key information (K) to be distributed to said receiving unit (2), wherein:
said distributing unit (1) includes a first protecting circuit (10) holding a public key of a trusted certificate authority;
said receiving unit (2) includes a second protecting circuit (20) holding an original private key (PRIVATE KEY 2) unique for said second protecting circuit, said second protecting circuit being associated with a certificate (CERT 2) that includes information on the type of said second protecting circuit (20);
said first protecting circuit (10) includes:
- means for requesting the certificate (CERT 2) of said second protecting circuit;
- means (13) for determining, by means of the public key of said certificate authority, whether the requested certificate (CERT 2) is authentic;
- means (13) for determining based on the type information of said certificate (CERT 2) whether said second protecting circuit (20) represents one of a number of predetermined types of circuits that are acceptable for protecting said encryption key information (K), provided said certificate (CERT 2) is determined to be authentic;
- means (12) for encrypting said encryption key information (K) provided said second protecting circuit is determined to be acceptable; and
- means (15) for transmitting said encrypted encryption key information (K) to said second protecting circuit (20) via said communication link (3); and
said second protecting circuit (20) includes:
- means (22) for decrypting said encrypted encryption key information (K); and
- means (21) for storing said encryption key information (K).

2. A key distribution system according to claim 1, wherein said encrypting means (12) encrypts said encryption key information (K) by the public key comprised in the requested certificate (CERT 2) of said second protecting circuit (20), and said decrypting means (22) decrypts said encrypted encryption key information (K) by the private key (PRIVATE KEY 2) of said second protecting circuit (20).
3. A key distribution system according to claim 1, wherein said first protecting circuit (10) holds an original private key (PRIVATE KEY 1) unique for said first protecting circuit, and is associated with a certificate (CERT 1) that includes a public key of said first protecting circuit (10);
said second protecting circuit (20) comprises means for requesting the certificate (CERT 1) of said first protecting circuit (10) and further holds a public key of a trusted certificate authority for verifying that the requested certificate (CERT 1) is authentic;
said encrypting means (12) two-way encrypts said encryption key information (K) by the public key comprised in the requested certificate (CERT 2) of said second protecting circuit (20) and the private key (PRIVATE KEY 1) of said first protecting circuit (10); and
said decrypting means (22) two-way decrypts said encrypted encryption key information (K) by the public key comprised in the requested certificate (CERT 1) of said first protecting circuit (10) and the private key (PRIVATE KEY 2) of said second protecting circuit (20).
4. A key distribution system according to claim 1, wherein said encryption key information (K) comprises a private key or a representation thereof.
5. A key distribution system according to claim 4, wherein a certificate (C) associated with said private key is transferred from said distributing unit (1) to said receiving unit (2).
6. A key distribution system according to claim 1, wherein each one of said acceptable types of circuits handles said encryption key according to a number of predetermined rules.
7. A key distribution system according to claim 1, wherein an acceptable type of circuit holds said encryption key information (K) within the protecting circuit.
8. A key distribution system according to claim 7, wherein an acceptable type of circuit further deletes the encryption key information (K) stored therein if it receives a delete request from the unit that distributed the encryption key information.
9. A key distribution system according to claim 1, wherein said encryption key information (K) comprises a symmetric key, and said first protecting circuit (10) includes:
- means (12) for encrypting a private key by said symmetric key; and
- means (15) for transmitting said symmetrically encrypted private key to said second protecting circuit (20); and
said second protecting circuit (20) includes:
- means (22) for decrypting said symmetrically encrypted private key by said symmetric key; and
- means (21) for storing said private key.
10. A key distribution system according to claim 3, wherein said second protecting circuit (20) further comprises:
means (21) for storing the certificate (CERT 1) of said first protecting circuit (10) provided the certificate is verified as authentic; and
means for deleting the encryption key information (K) stored therein in response to a delete request signed by the private key (PRIVATE KEY 1) of the first protecting circuit (10), said delete request being authenticated by means of the public key comprised in the stored certificate (CERT 1).
11. A key distribution system according to claim 1, wherein said first protecting circuit (10) has an engine (12) for asymmetric cryptography and a persistent memory (11) for storing the encryption key information (K) to be distributed, the public key of said trusted certificate authority, as well as an original private key (PRIVATE KEY 1) unique for said first protecting circuit (10).
12. A key distribution system according to claim 1, wherein said second protecting circuit (20) has an engine (22) for asymmetric cryptography and a persistent memory (21) for storing the private key (PRIVATE KEY 2) of said second protecting circuit, the received encryption key information (K), as well as a public key of a trusted certificate authority.
13. A key distribution system according to claim 1, wherein the requested certificate (CERT 2) of said second protecting circuit (20) is stored in said key distributing unit (1).
14. A key distribution system according to claim 1, wherein the certificate (CERT 2) of said second protecting circuit (20) has information on the identity of the second protecting circuit, and said key distributing unit (1) stores the identity of said second protecting circuit (20).
15. A method for protected distribution of encryption key information (K) from a key distributing unit (1) to a key receiving unit (2) via a communication link (3), comprising the steps of:
providing said distributing unit (1) with a first protecting circuit (10) holding a public key of a trusted certificate authority;
providing said receiving unit (2) with a second protecting circuit (20) holding an original private key (PRIVATE KEY 2) unique for said second protecting circuit;
associating said second protecting circuit (20) of said receiving unit (2) with a certificate (CERT 2) having information on the type of said second protecting circuit (20);
said first protecting circuit (10) requesting the certificate (CERT 2) of said second protecting circuit (20), and determining, by using the public key of said certificate authority, whether the requested certificate (CERT 2) is authentic, and determining, based on the type information of said certificate (CERT 2), whether said second protecting circuit (20) represents a type of circuit that is acceptable for protecting said encryption key information (K);
provided said requested certificate (CERT 2) is determined to be authentic and said second protecting circuit (20) is determined to be acceptable:
encrypting said encryption key information (K) in said first protecting circuit (10);
transmitting said encrypted encryption key information (K) from said first protecting circuit (10) to said second protecting circuit (20) via said communication link (3);
decrypting said encrypted encryption key information (K) in said second protecting circuit (20); and
storing said encryption key information (K) in said second protecting circuit (20).
16. A method according to claim 15, wherein said encryption key information (K) is encrypted by the public key comprised in the requested certificate (CERT 2) of said second protecting circuit (20), and said encrypted encryption key information (K) is decrypted by the private key (PRIVATE KEY 2) of said second protecting circuit (20).
17. A method according to claim 15, wherein said first protecting circuit (10) holds an original private key (PRIVATE KEY 1) unique for said first protecting circuit, and is associated with a certificate (CERT 1) that includes a public key of said first protecting circuit;
said second protecting circuit (20) requests the certificate (CERT 1) of said first protecting circuit (10), and further holds a public key of a trusted certificate authority for verifying that the requested certificate (CERT 1) is authentic;
said encryption key information (K) is two-way encrypted by the public key comprised in the certificate (CERT 2) of said second protecting circuit (20) and the private key (PRIVATE KEY 1) of said first protecting circuit (10); and
said encrypted encryption key information (K) is two-way decrypted by the public key comprised in the certificate (CERT 1) of said first protecting circuit (10) and the private key (PRIVATE KEY 2) of said second protecting circuit (20).
18. A method according to claim 15, wherein said encryption key information (K) comprises a private key or a representation thereof.
19. A method according to claim 15, wherein an acceptable type of circuit handles said encryption key according to a number of predetermined rules.
20. A method according to claim 15, wherein an acceptable type of circuit holds said encryption key information (K) within the protecting circuit.
21. A method according to claim 17, wherein said second protecting circuit stores the certificate (CERT 1) of said first protecting circuit (10) provided the certificate is verified as authentic, and deletes the encryption key information (K) stored therein in response to a delete request signed by the private key (PRIVATE KEY 1) of said first protecting circuit (10), said delete request being authenticated by means of the public key comprised in the stored certificate (CERT 1).
22. A method according to claim 15, wherein said encryption key information (K) comprises a symmetric encryption key, which is subsequently used for securely distributing a private asymmetric encryption key from said first protecting circuit (10) to said second protecting circuit (20).
CA2371137A 1999-05-07 2000-03-20 Secure distribution and protection of encryption key information Expired - Lifetime CA2371137C (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
SE9901671A SE514105C2 (en) 1999-05-07 1999-05-07 Secure distribution and protection of encryption key information
SE9901671-9 1999-05-07
PCT/SE2000/000537 WO2000069113A1 (en) 1999-05-07 2000-03-20 Secure distribution and protection of encryption key information

Publications (2)

Publication Number Publication Date
CA2371137A1 (en) 2000-11-16
CA2371137C (en) 2010-05-18

Family

ID=20415516

Family Applications (1)

Application Number Title Priority Date Filing Date
CA2371137A Expired - Lifetime CA2371137C (en) 1999-05-07 2000-03-20 Secure distribution and protection of encryption key information

Country Status (9)

Country Link
US (1) US6711263B1 (en)
EP (1) EP1198922B1 (en)
JP (1) JP4638990B2 (en)
AU (1) AU4156000A (en)
BR (1) BR0010364A (en)
CA (1) CA2371137C (en)
DE (1) DE60023705T2 (en)
SE (1) SE514105C2 (en)
WO (1) WO2000069113A1 (en)

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH02184882A (en) * 1989-01-11 1990-07-19 Hitachi Ltd Method for administrating public key of public key cipher
JP2869165B2 (en) * 1990-08-06 1999-03-10 株式会社エヌ・ティ・ティ・データ Method of transferring confidential data using IC card
GB9104909D0 (en) * 1991-03-08 1991-04-24 Int Computers Ltd Access control in a distributed computer system
US5200999A (en) * 1991-09-27 1993-04-06 International Business Machines Corporation Public key cryptosystem key management based on control vectors
DE69311581T2 (en) * 1993-07-27 1997-12-11 Ibm METHOD AND SYSTEM FOR AUTHENTICATED SECURE KEY DISTRIBUTION IN A COMMUNICATION SYSTEM
CA2149744C (en) * 1993-11-08 1999-03-16 Erwin W. Bathrick Protected distribution protocol for keying and certificate material
US5481613A (en) * 1994-04-15 1996-01-02 Northern Telecom Limited Computer network cryptographic key distribution system
US5517567A (en) * 1994-08-23 1996-05-14 Daq Electronics Inc. Key distribution system
CA2683230C (en) * 1995-02-13 2013-08-27 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US5559889A (en) 1995-03-31 1996-09-24 International Business Machines Corporation System and methods for data encryption using public key cryptography
US5781723A (en) 1996-06-03 1998-07-14 Microsoft Corporation System and method for self-identifying a portable information device to a computing unit
JPH1056447A (en) * 1996-08-12 1998-02-24 Nippon Telegr & Teleph Corp <Ntt> Information ciphering provision method by asymmetrical network system
JPH1165443A (en) * 1997-08-14 1999-03-05 N T T Data:Kk Management element system for individual authentication information
JP2000069568A (en) * 1998-08-20 2000-03-03 Kodo Ido Tsushin Security Gijutsu Kenkyusho:Kk Method for revising cryptographic key in charging state

Also Published As

Publication number Publication date
JP2002544712A (en) 2002-12-24
JP4638990B2 (en) 2011-02-23
US6711263B1 (en) 2004-03-23
WO2000069113A1 (en) 2000-11-16
DE60023705T2 (en) 2006-07-20
AU4156000A (en) 2000-11-21
CA2371137C (en) 2010-05-18
DE60023705D1 (en) 2005-12-08
EP1198922B1 (en) 2005-11-02
SE514105C2 (en) 2001-01-08
SE9901671L (en) 2000-11-08
BR0010364A (en) 2002-02-13
EP1198922A1 (en) 2002-04-24
SE9901671D0 (en) 1999-05-07

Legal Events

Date Code Title Description
EEER Examination request
MKEX Expiry

Effective date: 20200320