Protecting sensitive information using an untrusted device

Assignee

• International Business Machines Corporation · US

Inventors

• Qining Li · Beijing, CN
• Xi Wang · Shenyang, CN
• Yan Yan · Shanghai, CN
• Zhen Xiang Yang · Beijing, CN
• Shiwan Zhao · Beijing, CN

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/083
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

The invention relates to information processing field, and discloses a method for protecting sensitive information, comprising: determining that the sensitive information is required by a server; transmitting first information to a trusted device connected to the untrusted device, where the first information enables the sensitive information to be transmitted from the trusted device to the server, wherein the sensitive information is input on the trusted device; receiving second information transmitted by the trusted device, the second information is generated based on the first information and includes the sensitive information encrypted with a first secret key, wherein the first secret key meets one of the following: the untrusted device does not know the first secret key; the untrusted device knows the first secret key but is unable to use the first secret key to decrypt the encrypted sensitive information; forwarding the second information to the server.