Method for securely creating, storing and using encryption keys in a computer system

Assignee

• COMPAQ Information Technologies Group, L.P. · US

Inventors

• Michael F. Angelo · Houston, US
• Peter Michels · Cypress, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F21/83
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A secure environment for entering and storing information necessary to conduct encryption processes. In a computer system according to the invention, session keys, passwords, and encryption algorithms are maintained in a secure memory space such as System Management Mode (SMM) memory. In one disclosed embodiment of the invention, a user password is entered via a secure keyboard channel. The password is maintained in a secure memory space that is not accessible during normal computer operation. In addition to the user password, optional node identification information is stored in secure memory. The node identification information is appended to the user password, and both are subsequently encrypted by an encryption algorithm and encryption keys that are also stored in secure memory. Following the encryption process, the encrypted password and node identification information are communicated directly from secure memory to network interface circuitry for communication over a network. In another disclosed embodiment of the invention, data entered in a secure manner is utilized as an encryption key (or to generate an encryption key) for securely encrypting packets of data prior to comm…