Detection of invalid escrow keys
US8667284B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jan 13, 2012 |
| Grant date | Mar 4, 2014 |
| Priority date | — |
| Expiry date | Jul 13, 2032 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L9/3263
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A secure hash, such as a Hash-based Message Authentication Code (“HMAC”), is generated using a piece of secret information (e.g., a secret key) and a piece of public information specific to each escrow key (e.g., a certificate hash or public key). Using the secret key ensures that escrow key validation data can only be generated by knowing the secret key, which prevents an attacker from generating the appropriate escrow key validation data. Using the certificate hash as the public data ties each escrow key validation data to a particular certificate, thereby preventing the attacker from simply copying the validation data from another escrow key. Any escrow key that is found to be invalid may be removed from the file container and a system audit log may be generated so that a company, individual, or other entity can be aware of the possible attempt at a security breach.
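The validation scheme in the abstract, sketched as an added example (not code from the patent or its assignee). The dictionary layout of an escrow key entry, the choice of HMAC-SHA-256, and all function names and sample values are assumptions made for illustration.

```python
import hashlib
import hmac

def validation_data(secret_key: bytes, cert_hash: bytes) -> bytes:
    """HMAC over the public, per-escrow-key value (here the certificate hash)."""
    return hmac.new(secret_key, cert_hash, hashlib.sha256).digest()

def prune_invalid_escrow_keys(secret_key: bytes, escrow_keys: list) -> tuple:
    """Split entries into those that validate and audit lines for the rest."""
    kept, audit_log = [], []
    for entry in escrow_keys:
        expected = validation_data(secret_key, entry["cert_hash"])
        # Constant-time comparison; a missing tag is treated as invalid.
        if hmac.compare_digest(expected, entry.get("validation", b"")):
            kept.append(entry)
        else:
            audit_log.append(
                "invalid escrow key removed: label=%s cert_hash=%s"
                % (entry["label"], entry["cert_hash"].hex())
            )
    return kept, audit_log

def demo():
    """Constructed container with one valid and two invalid escrow keys."""
    secret = b"constructed-secret-key-for-demo"  # constructed value
    cert_a = hashlib.sha256(b"constructed certificate A").digest()
    cert_x = hashlib.sha256(b"constructed certificate X").digest()
    legit = {"label": "recovery-agent", "cert_hash": cert_a,
             "validation": validation_data(secret, cert_a)}
    # Entry created without the secret: tag computed under a guessed key.
    forged = {"label": "forged-tag", "cert_hash": cert_x,
              "validation": validation_data(b"guess", cert_x)}
    # Entry that reuses the valid entry's tag under a different certificate.
    copied = {"label": "copied-tag", "cert_hash": cert_x,
              "validation": legit["validation"]}
    return prune_invalid_escrow_keys(secret, [legit, forged, copied])

if __name__ == "__main__":
    kept, log = demo()
    print([e["label"] for e in kept])
    print("\n".join(log))
```

The copied tag fails because the HMAC input is the entry's own certificate hash, so a tag is only valid for the certificate it was computed over.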
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.