Method and system for protecting master secrets using smart key devices

US 20050154898A1
Filed: 01/08/2004
Published: 07/14/2005
Est. Priority Date: 01/08/2004
Status: Active Grant

First Claim

Patent Images

1. A data processing system comprising:

a removable hardware device including;

means for storing a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;

a first hardware interface for electrically engaging a system unit; and

means for authenticating a hardware security unit;

a system unit including;

a second hardware interface for electrically engaging the removable hardware device; and

a hardware security unit including;

means for storing a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;

means for authenticating the removable hardware device; and

means for enabling the system unit to invoke cryptographic functions on the hardware security unit while the removable hardware device remains electrically engaged with the system unit after the removable hardware device and the hardware security unit have been mutually authenticated.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data processing system accepts a removable hardware device, which becomes electrically engaged with a system unit within the data processing system, after which the removable hardware device and the hardware security unit mutually authenticate themselves. The removable hardware device stores a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair that is associated with the hardware security unit, and the hardware security unit stores a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair that is associated with the removable hardware device. In response to successfully performing the mutual authentication operation between the removable hardware device and the hardware security unit, the system unit is enabled to invoke cryptographic functions on the hardware security unit while the removable hardware device remains electrically engaged with the system unit.

98 Citations

View as Search Results

48 Claims

1. A data processing system comprising:
- a removable hardware device including;
  
  means for storing a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair;
  
  a first hardware interface for electrically engaging a system unit; and
  
  means for authenticating a hardware security unit;
  
  a system unit including;
  
  a second hardware interface for electrically engaging the removable hardware device; and
  
  a hardware security unit including;
  
  means for storing a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  means for authenticating the removable hardware device; and
  
  means for enabling the system unit to invoke cryptographic functions on the hardware security unit while the removable hardware device remains electrically engaged with the system unit after the removable hardware device and the hardware security unit have been mutually authenticated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The data processing system of claim 1 further comprising:
    - means for executing a software security unit on the system unit, wherein the software security unit contains a private key of a third asymmetric cryptographic key pair and a public key of a fourth asymmetric cryptographic key pair, and wherein the hardware security unit contains a private key of the fourth asymmetric cryptographic key pair and a public key of the third asymmetric cryptographic key pair;
      
      means for performing a mutual authentication operation between the software security unit and the hardware security unit; and
      
      means for enabling the software security unit to invoke functions on the hardware security unit while the removable hardware device remains electrically engaged with the system unit in response to successfully performing the mutual authentication operation between the software security unit and the hardware security unit.
  - 3. The data processing system of claim 2 further comprising:
    - means for exchanging a session key between the software security unit and the hardware security unit during the mutual authentication operation between the software security unit and the hardware security unit.
  - 4. The data processing system of claim 3 further comprising:
    - means for employing the session key by the software security unit to encrypt subsequent requests to the hardware security unit in order to prove the software security unit'"'"'s identity.
  - 5. The data processing system of claim 2 further comprising:
    - means for returning a master secret from the hardware security unit to the software security unit in response to a request from the software security unit.
  - 6. The data processing system of claim 2 further comprising:
    - means for storing a master secret from the software security unit in the hardware security unit in response to a request from the software security unit.
  - 7. The data processing system of claim 2 further comprising:
    - means for generating a digital certificate for the software security unit by the hardware security unit in response to a request from the software security unit while the removable hardware device remains electrically engaged with the system unit.
  - 8. The data processing system of claim 2 further comprising:
    - means for digitally signing a data item from the software security unit by the hardware security unit in response to a request from the software security unit while the removable hardware device remains electrically engaged with the system unit.
  - 9. The data processing system of claim 1 wherein the hardware security unit does not have any interface for accessing private keys that are stored therein.
  - 10. The data processing system of claim 1 further comprising:
    - means for performing a cryptographic function by the hardware security unit for the software security unit in response to a request from the software security unit after successfully performing a mutual authentication operation between the software security unit and the hardware security unit without requiring the removable hardware device to be electrically engaged with the system unit.
  - 11. The data processing system of claim 10 wherein the cryptographic function is selected from a group comprising encryption, decryption, validating a digital signature, mutual authentication, or accessing stored master secrets.
  - 12. The data processing system of claim 1 further comprising:
    - means for allowing the removable hardware device to mutually authenticate with a plurality of hardware security units throughout the data processing system.
  - 13. The data processing system of claim 1 further comprising:
    - means for allowing a plurality of removable hardware devices to mutually authenticate with the hardware security unit.
  - 14. The data processing system of claim 1 further comprising:
    - means for embedding a digital certificate and a corresponding private key in a software module;
      
      means for digitally signing the software module by the hardware security unit; and
      
      means for validating the digital signature of the software module using the hardware security unit to prevent copying and usage of the embedded corresponding private key by other software modules.
  - 15. The data processing system of claim 1 further comprising:
    - means for embedding a digital certificate and a corresponding private key in a software module;
      
      means for encrypting by the hardware security unit the software module with the embedded digital certificate and corresponding private key; and
      
      means for decrypting by the hardware security unit the software module with the embedded digital certificate and corresponding private key before executing the software module.
  - 16. The data processing system of claim 15 further comprising:
    - means for requiring all software modules executable on the system unit so that the private and public keys are concealed.

17. A method for performing cryptographic functions, the method comprising:
- electrically engaging a removable hardware device with a system unit, wherein the system unit includes a hardware security unit, wherein the removable hardware device contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair, and wherein the hardware security unit contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  performing a mutual authentication operation between the removable hardware device and the hardware security unit; and
  
  in response to successfully performing the mutual authentication operation between the removable hardware device and the hardware security unit, enabling the system unit to invoke cryptographic functions on the hardware security unit while the removable hardware device remains electrically engaged with the system unit.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 18. The method of claim 17 further comprising:
    - executing a software security unit on the system unit, wherein the software security unit contains a private key of a third asymmetric cryptographic key pair and a public key of a fourth asymmetric cryptographic key pair, and wherein the hardware security unit contains a private key of the fourth asymmetric cryptographic key pair and a public key of the third asymmetric cryptographic key pair;
      
      performing a mutual authentication operation between the software security unit and the hardware security unit; and
      
      in response to successfully performing the mutual authentication operation between the software security unit and the hardware security unit, enabling the software security unit to invoke functions on the hardware security unit while the removable hardware device remains electrically engaged with the system unit.
  - 19. The method of claim 18 further comprising:
    - exchanging a session key between the software security unit and the hardware security unit during the mutual authentication operation between the software security unit and the hardware security unit.
  - 20. The method of claim 19 further comprising:
    - employing the session key by the software security unit to encrypt subsequent requests to the hardware security unit in order to prove the software security unit'"'"'s identity.
  - 21. The method of claim 18 further comprising:
    - returning a master secret from the hardware security unit to the software security unit in response to a request from the software security unit.
  - 22. The method of claim 18 further comprising:
    - in response to a request from the software security unit, storing a master secret from the software security unit in the hardware security unit.
  - 23. The method of claim 18 further comprising:
    - in response to a request from the software security unit, generating a digital certificate for the software security unit by the hardware security unit while the removable hardware device remains electrically engaged with the system unit.
  - 24. The method of claim 18 further comprising:
    - in response to a request from the software security unit, digitally signing a data item from the software security unit by the hardware security unit while the removable hardware device remains electrically engaged with the system unit.
  - 25. The method of claim 17 wherein the hardware security unit does not have any interface for accessing private keys that are stored therein.
  - 26. The method of claim 17 further comprising:
    - performing a cryptographic function by the hardware security unit for the software security unit in response to a request from the software security unit after successfully performing a mutual authentication operation between the software security unit and the hardware security unit without requiring the removable hardware device to be electrically engaged with the system unit.
  - 27. The method of claim 26 wherein the cryptographic function is selected from a group comprising encryption, decryption, validating a digital signature, mutual authentication, or accessing stored master secrets.
  - 28. The method of claim 17 further comprising:
    - allowing the removable hardware device to mutually authenticate with a plurality of hardware security units throughout the data processing system.
  - 29. The method of claim 17 further comprising:
    - allowing a plurality of removable hardware devices to mutually authenticate with the hardware security unit.
  - 30. The method of claim 17 further comprising:
    - embedding a digital certificate and a corresponding private key in a software module;
      
      digitally signing the software module by the hardware security unit; and
      
      validating the digital signature of the software module using the hardware security unit to prevent copying and usage of the embedded corresponding private key by other software modules.
  - 31. The method of claim 17 further comprising:
    - embedding a digital certificate and a corresponding private key in a software module;
      
      encrypting by the hardware security unit the software module with the embedded digital certificate and corresponding private key; and
      
      decrypting by the hardware security unit the software module with the embedded digital certificate and corresponding private key before executing the software module.
  - 32. The method of claim 31 further comprising:
    - requiring all software modules executable on the system unit so that the private and public keys are concealed.

33. A computer program product on a computer readable medium for use in a data processing system for performing cryptographic functions, the computer program product comprising:
- means for electrically engaging a removable hardware device with a system unit, wherein the system unit includes a hardware security unit, wherein the removable hardware device contains a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair, and wherein the hardware security unit contains a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair;
  
  means for performing a mutual authentication operation between the removable hardware device and the hardware security unit; and
  
  means for enabling the system unit to invoke cryptographic functions on the hardware security unit while the removable hardware device remains electrically engaged with the system unit in response to successfully performing the mutual authentication operation between the removable hardware device and the hardware security unit.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48)
- - 34. The computer program product of claim 33 further comprising:
    - means for executing a software security unit on the system unit, wherein the software security unit contains a private key of a third asymmetric cryptographic key pair and a public key of a fourth asymmetric cryptographic key pair, and wherein the hardware security unit contains a private key of the fourth asymmetric cryptographic key pair and a public key of the third asymmetric cryptographic key pair;
      
      means for performing a mutual authentication operation between the software security unit and the hardware security unit; and
      
      means for enabling the software security unit to invoke functions on the hardware security unit while the removable hardware device remains electrically engaged with the system unit in response to successfully performing the mutual authentication operation between the software security unit and the hardware security unit.
  - 35. The computer program product of claim 34 further comprising:
    - means for exchanging a session key between the software security unit and the hardware security unit during the mutual authentication operation between the software security unit and the hardware security unit.
  - 36. The computer program product of claim 35 further comprising:
    - means for employing the session key by the software security unit to encrypt subsequent requests to the hardware security unit in order to prove the software security unit'"'"'s identity.
  - 37. The computer program product of claim 34 further comprising:
    - means for returning a master secret from the hardware security unit to the software security unit in response to a request from the software security unit.
  - 38. The computer program product of claim 34 further comprising:
    - means for storing a master secret from the software security unit in the hardware security unit in response to a request from the software security unit.
  - 39. The computer program product of claim 34 further comprising:
    - means for generating a digital certificate for the software security unit by the hardware security unit in response to a request from the software security unit while the removable hardware device remains electrically engaged with the system unit.
  - 40. The computer program product of claim 34 further comprising:
    - means for digitally signing a data item from the software security unit by the hardware security unit in response to a request from the software security unit while the removable hardware device remains electrically engaged with the system unit.
  - 41. The computer program product of claim 33 wherein the hardware security unit does not have any interface for accessing private keys that are stored therein.
  - 42. The computer program product of claim 33 further comprising:
    - means for performing a cryptographic function by the hardware security unit for the software security unit in response to a request from the software security unit after successfully performing a mutual authentication operation between the software security unit and the hardware security unit without requiring the removable hardware device to be electrically engaged with the system unit.
  - 43. The computer program product of claim 42 wherein the cryptographic function is selected from a group comprising encryption, decryption, validating a digital signature, mutual authentication, or accessing stored master secrets.
  - 44. The computer program product of claim 33 further comprising:
    - means for allowing the removable hardware device to mutually authenticate with a plurality of hardware security units throughout the data processing system.
  - 45. The computer program product of claim 33 further comprising:
    - means for allowing a plurality of removable hardware devices to mutually authenticate with the hardware security unit.
  - 46. The computer program product of claim 33 further comprising:
    - means for embedding a digital certificate and a corresponding private key in a software module;
      
      means for digitally signing the software module by the hardware security unit; and
      
      means for validating the digital signature of the software module using the hardware security unit to prevent copying and usage of the embedded corresponding private key by other software modules.
  - 47. The computer program product of claim 33 further comprising:
    - means for embedding a digital certificate and a corresponding private key in a software module;
      
      means for encrypting by the hardware security unit the software module with the embedded digital certificate and corresponding private key; and
      
      means for decrypting by the hardware security unit the software module with the embedded digital certificate and corresponding private key before executing the software module.
  - 48. The computer program product of claim 47 further comprising:
    - means for requiring all software modules executable on the system unit so that the private and public keys are concealed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
International Business Machines Corporation
Inventors
Chao, Ching-Yun

Granted Patent

US 7,849,326 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/185
CPC Class Codes

G06F 21/445   by mutual authentication, e...

G06F 21/602   Providing cryptographic fac...

G06F 2221/2153   Using hardware token as a s...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/3247   involving digital signatures

H04L 9/3265   using certificate chains, t...

H04L 9/3273   for mutual authentication n...

Method and system for protecting master secrets using smart key devices

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

98 Citations

48 Claims

Specification

Use Cases

Quick Links

Others

Method and system for protecting master secrets using smart key devices

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

98 Citations

48 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others