Cryptographic key distribution

US 10,554,392 B2
Filed: 04/20/2017
Issued: 02/04/2020
Est. Priority Date: 12/03/2015
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

storing, in a first hardware security module, a fleet key that is replicated across a fleet of hardware security modules, and a domain key that is replicated across a subset of hardware security modules in the fleet of hardware security modules;

receiving encrypted cryptographic material, the encrypted cryptographic material encrypted with the domain key and then the fleet key;

decrypting a first portion of the encrypted cryptographic material with at least the fleet key and the domain key;

distributing updated cryptographic material that is cryptographically protected with the fleet key to the fleet of hardware security modules, the first hardware security module being able to access the updated cryptographic material as a result of being able to access the domain key and at least one other hardware security module not being able to access the updated cryptographic material as a result of not being able to access the domain key and storing the update cryptographic material; and

distributing the updated cryptographic material that is cryptographically protected with the fleet key to a second hardware security module outside the fleet of hardware security modules, where the second hardware security module maintains the updated cryptographic material as a backup for the fleet of hardware security modules, the second hardware security module unable to access the updated cryptographic material in plaintext form as a result of the second hardware security module lacking access to the domain key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An HSM management hub coordinates the distribution and synchronization of cryptographic material across a fleet of connected hardware security modules (“HSMs”). Cryptographic material is exchanged between HSMs in the fleet in a cryptographically protected format. In some examples, the cryptographic material is encrypted using a common fleet key maintained by the HSMs in the fleet. In other examples, the cryptographic material is protected using asymmetric cryptographic keys that are associated with the members of the HSM fleet. The HSM management hub may be used to divide the HSM fleet into subdomains by providing domain keys to subsets of HSMs within the HSM fleet. Cryptographic information that is encrypted with particular domain keys can be distributed across the entire HSM fleet, and restricted to use by authorized HSMs that are in possession of the particular domain keys.

Citations

20 Claims

1. A computer-implemented method comprising:
- storing, in a first hardware security module, a fleet key that is replicated across a fleet of hardware security modules, and a domain key that is replicated across a subset of hardware security modules in the fleet of hardware security modules;
  
  receiving encrypted cryptographic material, the encrypted cryptographic material encrypted with the domain key and then the fleet key;
  
  decrypting a first portion of the encrypted cryptographic material with at least the fleet key and the domain key;
  
  distributing updated cryptographic material that is cryptographically protected with the fleet key to the fleet of hardware security modules, the first hardware security module being able to access the updated cryptographic material as a result of being able to access the domain key and at least one other hardware security module not being able to access the updated cryptographic material as a result of not being able to access the domain key and storing the update cryptographic material; and
  
  distributing the updated cryptographic material that is cryptographically protected with the fleet key to a second hardware security module outside the fleet of hardware security modules, where the second hardware security module maintains the updated cryptographic material as a backup for the fleet of hardware security modules, the second hardware security module unable to access the updated cryptographic material in plaintext form as a result of the second hardware security module lacking access to the domain key.
- View Dependent Claims (2, 3, 4)
- - 2. The computer-implemented method of claim 1, wherein:
    - the first hardware security module belongs to the subset of hardware security modules; and
      
      the updated cryptographic material is encrypted with at least the domain key.
  - 3. The computer-implemented method of claim 1 further comprising:
    - distributing the updated cryptographic material to a third hardware security module that is not in the subset of hardware security modules, and that does not have a copy of the domain key; and
      
      causing the third hardware security module to store the updated cryptographic material in encrypted form.
  - 4. The computer-implemented method of claim 1 further comprising:
    - the first hardware security module is an internal hardware security module hosted by a host computer system; and
      
      distributing the updated cryptographic material to the first hardware security module is accomplished at least by relaying the updated cryptographic material through a driver running on the host computer system.

5. A system, comprising:
- one or more processors; and
  
  memory storing computer-executable instructions that, if executed, cause the system to;
  
  synchronize cryptographic material between hardware security modules that are arranged in a fleet of hardware security modules at least by;
  
  retaining a fleet key that is replicated across the fleet of hardware security modules, and a first domain key that is replicated across a subset of hardware security modules in the fleet of hardware security modules;
  
  receiving the cryptographic material in an encrypted format, the cryptographic material encrypted with the fleet key, a first portion of the cryptographic material encrypted with the first domain key;
  
  decrypting the cryptographic material with the fleet key and the first domain key;
  
  distributing updated cryptographic material in a form that is cryptographically protected with the fleet key to the fleet of hardware security modules, the updated cryptographic material being accessible to a first hardware security module in the fleet of hardware security modules with access to the fleet key and inaccessible to at least one other hardware security module in the fleet of hardware security modules without access to the fleet key, the at least one other hardware security module maintaining the updated cryptographic material as a backup;
  
  distributing the updated cryptographic material to at least one hardware security module outside the fleet of hardware security modules; and
  
  using a second hardware security module in the fleet of hardware security modules to backup an encrypted version of the updated cryptographic material to be stored on the second hardware security module, the encrypted version of the updated cryptographic material encrypted with the first domain key in a way that prevents the second hardware security module from being able to access the cryptographic material in a plaintext form as a result of the second hardware security module not being able to access the first domain key.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
- - 6. The system of claim 5, wherein distributing the updated cryptographic material is accomplished at least in part by providing the updated cryptographic material to a hardware security module management hub that is in communication with the fleet of hardware security modules.
  - 7. The system of claim 5, wherein distributing the updated cryptographic material is accomplished at least in part by sending, via a peer-to-peer networking protocol, the updated cryptographic material to the first hardware security module within the fleet of hardware security modules.
  - 8. The system of claim 5, wherein the system further merges the cryptographic material with existing cryptographic material stored on the first hardware security module.
  - 9. The system of claim 5, wherein the fleet key is a public-private key pair and the updated cryptographic material is protected in part by encrypting the updated cryptographic material with a public key of the public-private key pair.
  - 10. The system of claim 5, wherein the fleet key is a symmetric cryptographic key and the updated cryptographic material is protected in part by encrypting the updated cryptographic material with the fleet key.
  - 11. The system of claim 5, wherein the system further synchronizes cryptographic material across the fleet of hardware security modules at least by:
    - digitally signing the updated cryptographic material using a cryptographic key associated with the first hardware security module; and
      
      verifying a digital signature on the cryptographic material as a condition of accessing the cryptographic material.
  - 12. The system of claim 5, wherein the system further synchronizes cryptographic material across the fleet of hardware security modules at least by:
    - generating an updated cryptographic key as a replacement for an original cryptographic key;
      
      cryptographically protecting the updated cryptographic key with the original cryptographic key and the fleet key; and
      
      causing the updated cryptographic key to be distributed across the fleet of hardware security modules.

13. A non-transitory computer-readable storage medium storing thereon executable instructions that, as a result of being executed by one or more processors of a hardware security module, cause the hardware security module to at least:
- retain a fleet key that is replicated across a fleet of hardware security modules, and a domain key that is replicated across a set of hardware security modules in the fleet of hardware security modules;
  
  receive cryptographic material in an encrypted format, the cryptographic material encrypted with the fleet key, a first portion of the cryptographic material encrypted with the domain key, the cryptographic material provided to the hardware security module by a hardware security module management hub that is in communication with the fleet of hardware security modules and based at least in part on the hardware security module retaining the domain key;
  
  decrypt the cryptographic material in the encrypted format with the fleet key and then decrypt the first portion of the cryptographic material in the encrypted format with the domain key to produce a cryptographic key;
  
  perform a cryptographic operation using the cryptographic key;
  
  receive updated cryptographic material from the hardware security module management hub, the updated cryptographic material being an update to the cryptographic material and the hardware security module management hub also providing the updated cryptographic material to at least one other hardware security module outside of the fleet of hardware security modules; and
  
  provide the updated cryptographic material to the fleet of hardware security modules, a first hardware security module of the fleet of hardware security modules able to obtain the updated cryptographic material in plaintext form and a second hardware security module of the fleet of hardware security modules lacking access to the domain key, the updated cryptographic material in a form that is cryptographically protected with the fleet key and the domain key thereby preventing the second hardware security module from obtaining the updated cryptographic material in plaintext form.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The non-transitory computer-readable storage medium of claim 13, wherein the instructions further comprise instructions that, as a result of being executed by the one or more processors, cause the hardware security module to:
    - generate a new cryptographic key;
      
      encrypt the new cryptographic key with the domain key and the fleet key to produce encrypted updated information; and
      
      cause the encrypted updated information to be distributed to the set of hardware security modules in the fleet of hardware security modules.
  - 15. The non-transitory computer-readable storage medium of claim 13, wherein the set of hardware security modules is selected from the fleet of hardware security modules based at least in part on fleet-configuration information maintained in a fleet information store.
  - 16. The non-transitory computer-readable storage medium of claim 13, wherein the instructions further comprise instructions that, as a result of being executed by the one or more processors, cause the hardware security module to:
    - receive, from a domain-lead hardware security module in the set of hardware security modules, an encrypted updated domain key that is encrypted with at least the fleet key;
      
      decrypt the encrypted updated domain key with the fleet key to obtain an updated domain key; and
      
      cause encrypted information to be distributed to the set of hardware security modules, the encrypted information encrypted using the updated domain key.
  - 17. The non-transitory computer-readable storage medium of claim 13, wherein the instructions further comprise instructions that, as a result of being executed by the one or more processors, cause the hardware security module to:
    - receive, from a domain-lead hardware security module in the set of hardware security modules, an encrypted updated domain key that is encrypted with at least the domain key;
      
      decrypt the encrypted updated domain key with the domain key to obtain an updated domain key; and
      
      receive encrypted information from a source hardware security module in the set of hardware security modules, the encrypted information encrypted using the updated domain key.
  - 18. The non-transitory computer-readable storage medium of claim 13, wherein the instructions further comprise instructions that, as a result of being executed by the one or more processors, cause the hardware security module to:
    - receive, from a requesting computer system, a request for updated cryptographic information;
      
      determine whether updated cryptographic material is available;
      
      encrypt the updated cryptographic material with the fleet key to produce encrypted cryptographic material; and
      
      provide the encrypted cryptographic material to the requester.
  - 19. The non-transitory computer-readable storage medium of claim 13, wherein the instructions further comprise instructions that, as a result of being executed by the one or more processors, cause the hardware security module to:
    - determine that cryptographic information stored on the hardware security module has changed; and
      
      provide, to the hardware security module management hub, a notification that the hardware security module includes updated cryptographic information.
  - 20. The non-transitory computer-readable storage medium of claim 13, wherein the instructions further comprise instructions that, as a result of being executed by the one or more processors, cause the hardware security module to:
    - receive, from the hardware security module management hub, an encrypted fleet management key;
      
      validate the encrypted fleet management key using a public key associated with a fleet administrator;
      
      decrypt the encrypted fleet management key with a hardware security module manufacturer'"'"'s key to produce a fleet key; and
      
      join the fleet by at least storing the fleet key on the hardware security module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Rubin, Gregory Alan, Grubin, Benjamin Philip
Primary Examiner(s)
Tolentino, Roderick

Application Number

US15/492,270
Publication Number

US 20170222802A1
Time in Patent Office

1,020 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0877   using additional device, e....

H04L 9/0891   Revocation or update of sec...

H04L 9/0897   involving additional device...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3247   involving digital signatures

Cryptographic key distribution

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Cryptographic key distribution

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links