Method and apparatus for cryptographic key storage wherein key servers are authenticated by possession and secure distribution of stored keys
US8904180B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Oct 16, 2012 |
| Grant date | Dec 2, 2014 |
| Priority date | — |
| Expiry date | Oct 16, 2032 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L9/3228
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A key management system includes secured data stored on a first system secured by a control key stored securely on a key server. The secured data is secured against attacks such as unauthorized use, modification or access, where authorization to access the secured data is determined by knowledge of an access private key of an access key pair. When an authorized user is to access the secured data, the first system generates a request to the key server, signed with the access private key, wherein the request is for a decryption control key and the request includes a one-time public key of a key pair generated by the first system for the request. The first system can decrypt the decryption control key from the response, using a one-time private key. The first system can then decrypt the secured data with the decryption control key remaining secured in transport.
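The exchange described in the abstract, sketched as an added example (not code from the patent or its assignee): the first system signs a request carrying a one-time public key, and the key server returns the control key wrapped to that key. The primitives (Ed25519, RSA-OAEP, AES-256-GCM), the function names and the sample data are assumptions; the abstract specifies none of them.

```javascript
const nc = require("node:crypto");

// Assumed primitives (the abstract names none): Ed25519 access key pair,
// one-time RSA-OAEP key pair, AES-256-GCM control key. All values are constructed.
const access = nc.generateKeyPairSync("ed25519");
const controlKey = nc.randomBytes(32); // held only by the key server

// First system: sign a request that carries a fresh one-time public key.
function buildRequest(accessPrivateKey) {
  const oneTime = nc.generateKeyPairSync("rsa", { modulusLength: 2048 });
  const oneTimePub = oneTime.publicKey.export({ type: "spki", format: "pem" });
  const body = JSON.stringify({ want: "decryption-control-key", oneTimePub });
  const sig = nc.sign(null, Buffer.from(body), accessPrivateKey);
  return { request: { body, sig }, oneTimePrivateKey: oneTime.privateKey };
}

// Key server: release the control key only for a validly signed request,
// and only wrapped to the one-time public key that the signature covers.
function serveRequest(request, accessPublicKey, key) {
  if (!nc.verify(null, Buffer.from(request.body), accessPublicKey, request.sig)) return null;
  const { oneTimePub } = JSON.parse(request.body);
  return nc.publicEncrypt({ key: oneTimePub, oaepHash: "sha256" }, key);
}

// First system: unwrap with the one-time private key, then decrypt the data.
function openSecured(wrapped, oneTimePrivateKey, { iv, ct, tag }) {
  const key = nc.privateDecrypt({ key: oneTimePrivateKey, oaepHash: "sha256" }, wrapped);
  const d = nc.createDecipheriv("aes-256-gcm", key, iv).setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]).toString();
}

function roundTrip() {
  const iv = nc.randomBytes(12); // secured data as stored on the first system
  const c = nc.createCipheriv("aes-256-gcm", controlKey, iv);
  const secured = { iv, ct: Buffer.concat([c.update("payroll.db"), c.final()]), tag: c.getAuthTag() };

  const { request, oneTimePrivateKey } = buildRequest(access.privateKey);
  const wrapped = serveRequest(request, access.publicKey, controlKey);
  const plaintext = openSecured(wrapped, oneTimePrivateKey, secured);

  // A body with a different one-time key under the old signature is refused.
  const swappedBody = buildRequest(access.privateKey).request.body;
  const tampered = serveRequest({ body: swappedBody, sig: request.sig }, access.publicKey, controlKey);
  return { plaintext, tamperedRejected: tampered === null };
}
```

Because the signature covers the one-time public key, a captured request can only ever yield a response wrapped to a key whose private half never left the first system.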
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.