Patent · US Expired

System and method to support varying maximum cryptographic strength for common data security architecture (CDSA) applications

US6715077B1 · kind B1 · utility

50 Cited by
5 References
10 Claims
0 Family size

Assignee

Inventors

Key dates

Filing date: Mar 22, 2000
Grant date: Mar 30, 2004
Priority date
Expiry date: Mar 22, 2020

Classification

  • Technology area (CPC H): Electricity
  • CPC primary: H04L63/0428
  • WIPO field: Digital communication
  • WIPO sector: Electrical engineering

Abstract

An Improved CDSA system (CDSA-I) includes a standard CDSA framework coupled via an Application Program Interface to an application requiring cryptographic support. During manufacture, a cryptographic control privilege is incorporated into the application, as part of an exemption mechanism, which exemption may or may not be enforced by the CDSA framework. For maximum cryptographic strength, an application must be signed by a private key controlled by the CDSA framework vendor. Inside the CDSA framework, the corresponding public key is used to verify at runtime those applications that were appropriately signed. The CDSA framework is coupled via a Service Provider Interface (SPI) to a plurality of pluggable modules for performing cryptographic operations, storing signed digital certificates for applications, and trust policies relating to cryptographic strengths. The framework is initialized to provide the cryptographic support for the application. The application requests a crypto context representing the algorithm ID, key and key length from the CDSA framework at runtime to be used in subsequent API calls to the CDSA framework. The application requests a privilege status and the C…

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.