Key management system and method
Abstract
Methods and systems are disclosed for providing secured data transmission and for managing cryptographic keys. One embodiment of the invention provides secure key management when separate devices are used for generating and utilizing the keys. One embodiment of the invention provides secure storage of keys stored in an unsecured database. One embodiment of the invention provides key security in conjunction with high speed decryption and encryption, without degrading the performance of the data network.
49 Claims
1. A method of managing at least one cipher key, comprising the steps of:
- encrypting at least one cipher key;
- storing the at least one encrypted cipher key in at least one data memory;
- receiving at least one message associated with at least one session; and
- identifying at least one stored cipher key associated with the at least one session.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15

16. A security processing system, comprising:
- at least one processor for encrypting at least one cipher key;
- at least one data memory for storing the at least one encrypted cipher key; and
- at least one encryption accelerator, adapted to receive at least one message, for decrypting the at least one stored cipher key and the at least one message.

Dependent claims: 17, 18, 19, 20

21. A secured data transmission system, comprising:
- at least one data channel;
- at least one main security module for distributing encrypted cipher keys over the at least one data channel; and
- at least one satellite security module for receiving encrypted cipher keys over the at least one data channel and for encrypting or decrypting data using the cipher keys.

Dependent claims: 22, 23, 24, 25, 26, 27

28. A secured data transmission system, comprising:
- at least one data channel;
- at least one main security module for sending at least one key encryption key over a secure connection established over the at least one data channel and for sending encrypted private keys over the at least one data channel; and
- at least one satellite security module for receiving the at least one key encryption key over the secure connection, for receiving the encrypted private keys over the at least one data channel and for encrypting or decrypting data using the cipher keys.

Dependent claims: 29, 30, 31, 32

33. A method for providing secured data transmission comprising the steps of:
- obtaining a key encryption key;
- establishing communication over a data channel between a main security module and a satellite security module;
- establishing a secure channel over the data channel;
- transmitting the key encryption key over the secure channel;
- encrypting a private key using the key encryption key;
- transmitting the encrypted private key over the data channel; and
- decrypting the transmitted private key using the transmitted key encryption key.

34. A method of managing at least one cipher key, comprising the steps of:
- encrypting at least one cipher key;
- storing the at least one encrypted cipher key in at least one data memory;
- receiving at least one data packet; and
- identifying at least one stored cipher key associated with the at least one data packet.

Dependent claims: 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48

49. A method for managing cipher keys, comprising the steps of:
- generating a private key;
- generating at least one key encryption key;
- encrypting the private key using the at least one key encryption key;
- sending the at least one key encryption key over a secure channel;
- sending the at least one encrypted private key over a secure channel;
- storing the at least one encrypted private key that was sent over the secure channel;
- decrypting the stored at least one encrypted private key using the at least one key encryption key;
- generating at least one session key using the at least one decrypted private key;
- encrypting the at least one session key using the at least one key encryption key;
- storing the at least one encrypted session key; and
- decrypting the stored at least one encrypted session key using the at least one key encryption key to provide a session key to encrypt or decrypt a data packet.

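The storage and lookup steps of claims 1 and 49, as an added Go example that is not taken from the patent: session keys are held only in KEK-wrapped form, identified by session ID, and unwrapped on use. AES-256-GCM, the `KeyStore` type with its method names, and the binding of the session ID as associated data are assumptions of this example; the claims name no cipher.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// KeyStore keeps only KEK-wrapped session keys, so the map may sit in unsecured storage.
type KeyStore struct {
	aead    cipher.AEAD       // AES-256-GCM under the key encryption key (assumed cipher)
	wrapped map[string][]byte // session ID -> nonce || ciphertext || tag
}

func NewKeyStore(kek []byte) (*KeyStore, error) {
	block, err := aes.NewCipher(kek)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &KeyStore{aead: aead, wrapped: map[string][]byte{}}, nil
}

// Put wraps a session key under the KEK, binding the session ID as associated data.
func (s *KeyStore) Put(sessionID string, sessionKey []byte) error {
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	s.wrapped[sessionID] = s.aead.Seal(nonce, nonce, sessionKey, []byte(sessionID))
	return nil
}

// Get identifies the stored key for a message's session and unwraps it for use.
func (s *KeyStore) Get(sessionID string) ([]byte, error) {
	blob, n := s.wrapped[sessionID], s.aead.NonceSize()
	if len(blob) < n {
		return nil, fmt.Errorf("no stored key for session %q", sessionID)
	}
	return s.aead.Open(nil, blob[:n], blob[n:], []byte(sessionID))
}

func main() {
	s, _ := NewKeyStore(make([]byte, 32)) // constructed all-zero KEK, demo only
	_ = s.Put("session-1", []byte("0123456789abcdef"))
	fmt.Println(s.Get("session-1"))
}
```

Because the session ID is authenticated with each wrapped key, a stored entry that is modified or copied under another session's ID fails to unwrap instead of yielding a key.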
Specification