Method of preventing unauthorized distribution and use of electronic keys using a key seed

US 20040008846A1
Filed: 07/10/2002
Published: 01/15/2004
Est. Priority Date: 07/10/2002
Status: Active Grant

First Claim

Patent Images

1. A method of generating an electronic key used in an electronic transaction, said method comprising executing a one-way function on a host that derives said electronic key from a key seed saved in a non-volatile storage unit of said host and a unique host identification, said function being executed to derive said electronic key each time an electronic transaction requiring the use of said electronic key is made.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for generating an electronic key used in an electronic transaction can be created by executing a one-way function on a host that derives the electronic key from a key seed saved in a non-volatile storage unit of the host and a unique host identification that is resident on the host. The function is preferably executed each time an electronic transaction requiring the use of the electronic key is made.

101 Citations

View as Search Results

38 Claims

1. A method of generating an electronic key used in an electronic transaction, said method comprising executing a one-way function on a host that derives said electronic key from a key seed saved in a non-volatile storage unit of said host and a unique host identification, said function being executed to derive said electronic key each time an electronic transaction requiring the use of said electronic key is made.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - randomly generating said key seed on said host;
      
      generating said electronic key with said one-way function, said one-way function having said key seed and said unique host identification as inputs;
      
      deriving a public key from said electronic key;
      
      registering said public key with a certifying authority to produce a registered public key; and
      
      saving said key seed in said non-volatile storage unit of said host to produce a saved key seed.
  - 3. The method of claim 2, further comprising executing said one-way function with said saved key seed and said unique host identification as inputs to generate said electronic key used in said electronic transaction between said host and an electronic device that uses said registered public key in said electronic transaction.
  - 4. The method of claim 3, further comprising allowing a successful completion of said electronic transaction only if said electronic key correlates correctly with said public key.
  - 5. The method of claim 1, further comprising:
    - receiving said key seed from a key distribution center; and
      
      saving said key seed in said non-volatile storage unit of said host to produce a saved key seed.
  - 6. The method of claim 5, further comprising executing said one-way function with said saved key seed and said unique host identification as inputs to generate said electronic key used in said electronic transaction between said host and an electronic device that uses a symmetric session key in said electronic transaction.
  - 7. The method of claim 6, further comprising allowing a successful completion of said electronic transaction only if said electronic key matches said symmetric session key.
  - 8. The method of claim 1, further comprising not saving said electronic key in non-volatile memory of said host.
  - 9. The method of claim 1, further comprising deleting said electronic key from said host device following said transaction.

10. A system for generating an electronic key used in an electronic transaction, said system comprising:
- a host for making said electronic transaction, said host having a unique host identification;
  
  a non-volatile storage unit of said host for storing a key seed; and
  
  a one-way function, stored on said host, for deriving said electronic key from said key seed and said host identification, said host executing said one-way function to derive said electronic key each time an electronic transaction requiring the use of said electronic key is made.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 11. The system of claim 10, wherein said key seed comprises a private key seed.
  - 12. The system of claim 11, wherein said host randomly generates said private key seed.
  - 13. The system of claim 12, wherein said one-way function derives a private key from said private key seed and said host identification.
  - 14. The system of claim 13, wherein said host derives a public key from said private key.
  - 15. The system of claim 14, wherein a certifying authority registers said public key to produce a registered public key.
  - 16. The system of claim 15, wherein said certifying authority comprises a key distribution center.
  - 17. The system of claim 15, wherein said certifying authority saves said public key in a trusted database.
  - 18. The system of claim 15, wherein said certifying authority sends a digital certificate to said host attesting to the binding of said public key to said host.
  - 19. The system of claim 15, wherein said host saves said private key seed in said non-volatile storage unit.
  - 20. The system of claim 15, wherein said host executes said one-way function to generate said private key used in said electronic transaction between said host and an electronic device that uses said registered public key in said electronic transaction.
  - 21. The system of claim 20, wherein said electronic transaction is successfully completed successfully only if said private key correlates correctly with said public key.
  - 22. The system of claim 10, wherein said key seed comprises a symmetric session key seed.
  - 23. The system of claim 22, said system further comprising a key distribution center for sending said symmetric session key seed to said host, said host saving said symmetric session key seed in said non-volatile storage unit.
  - 24. The system of claim 23, wherein said host executes said one-way function to generate said symmetric session key used in said electronic transaction between said host and an electronic device, said electronic device also using a symmetric session key in said electronic transaction.
  - 25. The system of claim 24, wherein said electronic transaction is completed successfully only if said symmetric session key used by said host matches said symmetric session key used by said electronic device.
  - 26. The system of claim 10, wherein said non-volatile storage unit comprises a hard drive.
  - 27. The system of claim 10, wherein said host comprises a personal computer.
  - 28. The system of claim 10, wherein said host comprises a set-top box.
  - 29. The system of claim 10, wherein said electronic key is not saved in said non-volatile storage unit.

30. A system for securing an electronic transaction, said system comprising:
- means for generating an electronic key based on a first electronic input and an electronic identifier unique to a host participating in said electronic transaction; and
  
  means for using said electronic key for security in said electronic transaction
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38)
- - 31. The system of claim 30, wherein said means for generating further comprise means for executing a one-way function on said host that derives said electronic key from a key seed saved in a non-volatile storage unit of said host and a unique host identification, said function being executed to derive said electronic key each time an electronic transaction requiring the use of said electronic key is made.
  - 32. The system of claim 31, further comprising:
    - means for randomly generating said key seed on said host;
      
      means for generating said electronic key with said one-way function, said one-way function having said key seed and said unique host identification as inputs;
      
      means for deriving a public key from said electronic key;
      
      means for registering said public key with a certifying authority to produce a registered public key; and
      
      means for saving said key seed in said non-volatile storage unit of said host to produce a saved key seed.
  - 33. The system of claim 32, further comprising means for executing said one-way function with said saved key seed and said unique host identification as inputs to generate said electronic key used in said electronic transaction between said host and an electronic device that uses said registered public key in said electronic transaction.
  - 34. The system of claim 33, further comprising means for allowing a successful completion of said electronic transaction only if said electronic key correlates correctly with said public key.
  - 35. The system of claim 31, further comprising:
    - means for receiving said key seed from a key distribution center; and
      
      means for saving said key seed in said non-volatile storage unit of said host to produce a saved key seed.
  - 36. The system of claim 35, further comprising means for executing said one-way function with said saved key seed and said unique host identification as inputs to generate said electronic key used in said electronic transaction between said host and an electronic device that uses a symmetric session key in said electronic transaction.
  - 37. The system of claim 36, further comprising means for allowing a successful completion of said electronic transaction only if said electronic key matches said symmetric session key.
  - 38. The system of claim 31, further comprising means for using said electronic key in said electronic transaction without saving said electronic key in said non-volatile storage unit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
General Instrument Corporation (CommScope Holding Company, Inc.)
Inventors
Medvinsky, Alexander

Granted Patent

US 7,352,867 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/278
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2463/061   applying further key deriva...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/083   involving central third par...

H04L 9/0866   involving user or device id...

H04L 9/0869   involving random numbers or...

H04L 9/0897   involving additional device...

Method of preventing unauthorized distribution and use of electronic keys using a key seed

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

101 Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Method of preventing unauthorized distribution and use of electronic keys using a key seed

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

101 Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links