WO2002008875A3 - Unified trust model providing secure identification, authentication and validation of physical products and entities, and processing, storage, and exchange of information - Google Patents

Unified trust model providing secure identification, authentication and validation of physical products and entities, and processing, storage, and exchange of information Download PDF

Info

Publication number
WO2002008875A3
WO2002008875A3 PCT/US2001/023398 US0123398W WO0208875A3 WO 2002008875 A3 WO2002008875 A3 WO 2002008875A3 US 0123398 W US0123398 W US 0123398W WO 0208875 A3 WO0208875 A3 WO 0208875A3
Authority
WO
WIPO (PCT)
Prior art keywords
keys
teis
output values
values
input seed
Prior art date
Application number
PCT/US2001/023398
Other languages
French (fr)
Other versions
WO2002008875A2 (en
Inventor
Allen Salomon
Roland Trinka
Original Assignee
Authentisure Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Authentisure Inc filed Critical Authentisure Inc
Priority to AU2001277170A priority Critical patent/AU2001277170A1/en
Publication of WO2002008875A2 publication Critical patent/WO2002008875A2/en
Publication of WO2002008875A3 publication Critical patent/WO2002008875A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Input From Keyboards Or The Like (AREA)
  • Storage Device Security (AREA)

Abstract

A security infrastructure is described that enables a high secure, dynamic, robust, and extensible security infrastructure. The security infrastructure uses integrated circuits (TEIs) that generate a unique set of output values in response to receiving a given set of 'input seed values'. The particular output values generated by a TEI in response to input seed values cannot, for all practical purposes, be predicted. 'Trusted Objects' (TOs) are data structures that are encrypted using keys generated from the unique set of output values generated by one or mroe TEIs in response to input seed values applied to those TEIs. The keys are formed using a key generation process that computes keys from the TEI output values. Thus, the keys may be regenerated by later applying the same input seed values to the TEIs, and applying the resultant output values to the key generation process to reproduce the original keys.
PCT/US2001/023398 2000-07-25 2001-07-25 Unified trust model providing secure identification, authentication and validation of physical products and entities, and processing, storage, and exchange of information WO2002008875A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001277170A AU2001277170A1 (en) 2000-07-25 2001-07-25 Unified trust model providing secure identification, authentication and validation of physical products and entities, and processing, storage, and exchange of information

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US22122100P 2000-07-25 2000-07-25
US60/221,221 2000-07-25

Publications (2)

Publication Number Publication Date
WO2002008875A2 WO2002008875A2 (en) 2002-01-31
WO2002008875A3 true WO2002008875A3 (en) 2003-05-30

Family

ID=22826889

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/023398 WO2002008875A2 (en) 2000-07-25 2001-07-25 Unified trust model providing secure identification, authentication and validation of physical products and entities, and processing, storage, and exchange of information

Country Status (2)

Country Link
AU (1) AU2001277170A1 (en)
WO (1) WO2002008875A2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2008306327B2 (en) 2007-10-04 2014-05-15 Roche Innovation Center Copenhagen A/S Micromirs

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0537925A1 (en) * 1991-10-15 1993-04-21 News Datacom Ltd. File-secure computer system
US5818738A (en) * 1987-10-30 1998-10-06 Gao Gesellschaft Fur Automation Und Organisation Mgh Method for testing the authenticity of a data carrier having an integrated circuit
US5963646A (en) * 1997-03-10 1999-10-05 The Pacid Group Secure deterministic encryption key generator system and method
DE19843424A1 (en) * 1998-09-22 2000-03-23 Fraunhofer Ges Forschung Smart card device for delivering output data in response to input data and providing proof of authenticity uses operating data to influence algorithm used to generate output data
US6047068A (en) * 1995-09-19 2000-04-04 Schlumberger Industries Method for determining an encryption key associated with an integrated circuit

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5818738A (en) * 1987-10-30 1998-10-06 Gao Gesellschaft Fur Automation Und Organisation Mgh Method for testing the authenticity of a data carrier having an integrated circuit
EP0537925A1 (en) * 1991-10-15 1993-04-21 News Datacom Ltd. File-secure computer system
US6047068A (en) * 1995-09-19 2000-04-04 Schlumberger Industries Method for determining an encryption key associated with an integrated circuit
US5963646A (en) * 1997-03-10 1999-10-05 The Pacid Group Secure deterministic encryption key generator system and method
DE19843424A1 (en) * 1998-09-22 2000-03-23 Fraunhofer Ges Forschung Smart card device for delivering output data in response to input data and providing proof of authenticity uses operating data to influence algorithm used to generate output data

Also Published As

Publication number Publication date
WO2002008875A2 (en) 2002-01-31
AU2001277170A1 (en) 2002-02-05

Similar Documents

Publication Publication Date Title
Bird et al. The kryptoknight family of light-weight protocols for authentication and key distribution
WO2002039237A3 (en) Method and system for web-based cross-domain single-sign-on authentication
MY128376A (en) Authentication of date transmitted in a digital transmission system
WO1999016031A3 (en) Method and apparatus for asymmetric key management in a cryptographic system
WO2003021541A3 (en) System and method of authenticating an article
NO20005894L (en) Robust, efficient, distributed generation of RSA keys
WO2004010271A3 (en) System and method for the transmission, storage and retrieval of authenticated documents
WO2002073378A3 (en) Receiving device for securely storing a content item, and playback device
CA2174260A1 (en) Key agreement and transport protocol
WO2001078298A8 (en) Information processing system and method
WO1998045980A3 (en) Secure deterministic encryption key generator system and method
AU2001262803A1 (en) Certification method using variable encryption key system based on encryption key of certification medium and inherent information of computer hardware, and certification medium for storing the same and indicating effective term and authorization thereof
HUP0400771A2 (en) Method for enabling pki functions in a smart card
WO2002013444A3 (en) Trusted authentication digital signature (tads) system
MY125905A (en) Electronic access control system and method
HK1037415A1 (en) Method for authenicating a chip card in a message transmission network.
WO2002073377A3 (en) Authorisation method for a user of a limited access system having an authorisation centre
WO2002101490A3 (en) Cryptographic trust zones in digital rights management
WO2003025722A3 (en) Virus detection system
AU5817600A (en) Methods and arrangements for secure linking of entity authentication and ciphering key generation
KR20070032765A (en) An Information Processing Method and Recording Media
EP0936776A3 (en) A network system using a threshold secret sharing method
CA2373787A1 (en) Self authentication ciphertext chaining
TW357526B (en) Improved generation of encryption key
CA2323844A1 (en) An electronic security key for enabling electronic coin acceptors and the like

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP