Storing of data in a device

US 20050223218A1
Filed: 03/17/2005
Published: 10/06/2005
Est. Priority Date: 03/19/2004
Status: Active Grant

First Claim

Patent Images

1. A method for storing data in the memory of an electronic device comprising encrypting the data to be stored with an encryption key (Ks);

providing the electronic device with an identification card equipped with a cryptographic algorithm;

generating at least one seed value in the electronic device;

transmitting said at least one seed value to the identification card;

performing said cryptographic algorithm in the identification card with said seed value as an input;

forming at least one derived value in the cryptographic algorithm;

transmitting said at least one derived value to the electronic device; and

using said at least one derived value for producing said encryption key in said electronic device.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method for storing data in the memory (1.2) of an electronic device (1), wherein the data to be stored is encrypted with an encryption key (Ks). The electronic device (1) is provided with an identification card (2) equipped with a cryptographic algorithm and an individual identifier (ID). In the electronic device (1), at least one seed value (RAND1, RAND2, RAND3) is generated, and the at least one seed value is transmitted to the identification card (2). The cryptographic algorithm is performed on the identification card (2), with the seed value (RAND1, RAND2, RAND3) being used as the input, wherein at least one derived value (Kc1, Kc2, Kc3) is produced in the algorithm. The at least one derived value (Kc1, Kc2, Kc3) is transmitted to the electronic device (1), wherein the at least one derived value (Kc1, Kc2, Kc3) is used in the formation of the encryption key (Ks). The invention also relates to an electronic device (1), module, and computer software product.

21 Citations

View as Search Results

21 Claims

1. A method for storing data in the memory of an electronic device comprising encrypting the data to be stored with an encryption key (Ks);
- providing the electronic device with an identification card equipped with a cryptographic algorithm;
  
  generating at least one seed value in the electronic device;
  
  transmitting said at least one seed value to the identification card;
  
  performing said cryptographic algorithm in the identification card with said seed value as an input;
  
  forming at least one derived value in the cryptographic algorithm;
  
  transmitting said at least one derived value to the electronic device; and
  
  using said at least one derived value for producing said encryption key in said electronic device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, wherein the identification card is provided with an internal key, wherein said internal key is also used in the formation of said encryption key.
  - 3. The method according to claim 2, wherein in the formation of said encryption key, a unidirectional function is used, said at least one derived value and said internal key being used as the input.
  - 4. The method according to claim 2, wherein a device-specific identification is stored in the electronic device, wherein the device-specific identification of the electronic device is also used for the formation of said encryption key.
  - 5. The method according to claim 2, wherein for decrypting the data in a data group, a decryption key (Ks) is formed, for whose formation the data of the data group is searched for data about at least one seed value used in the encryption step, said at least one seed value is transmitted to the identification card, in which said cryptographic algorithm is performed, said seed value and said internal key being used as the input, wherein in the cryptographic algorithm, at least one of said at least one derived value is formed, and said at least one derived value is transmitted to the electronic device, wherein said at least one derived value is used for producing said decryption key.
  - 6. The method according to claim 5, wherein the electronic device is provided with two or more stored data groups, and each data group is provided with stored information about an individual identifier, wherein at the stage of decryption of the data, said data groups are searched for the data group whose individual identifier matches with the internal key stored on the identification card, and if the data group was found, the data of the found data group is decrypted.
  - 7. The method according to claim 1, wherein the identification card used is an identification card used for identifying mobile stations of a mobile communication system, wherein said cryptographic algorithm used is the algorithm used for identifying a mobile station.
  - 8. The method according to claim 1, wherein the identification card used is at least one of the following:
    - a SIM card, a USIM card, an R-UIM card, an electronic identification card, a bank card, a credit card.
  - 9. The method according to claim 1, wherein at least a part of the seed value is formed in a random or pseudo random way.

10. An electronic device comprising a memory and an identification card connection and provided with an identification card equipped with a cryptographic algorithm, wherein the electronic device comprises means for generating at least one seed value, means for transmitting said at least one seed value to the identification card equipped with means for performing said cryptographic algorithm, said seed value arranged to being used as an input, wherein in the cryptographic algorithm, at least one derived value is arranged to be formed, and the electronic device comprises means for receiving said at least one derived value and means for using said at least one derived value in the formation of said encryption key.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The electronic device according to claim 10, wherein the identification card is provided with an internal key, wherein said internal key is also arranged to be used in the formation of said encryption key.
  - 12. The electronic device according to claim 11, wherein in the formation of said encryption key, a unidirectional function is arranged to be used, said at least one derived value and said internal key being used as the input.
  - 13. The electronic device according to claim 11, wherein an equipment specific identification is stored in the electronic device, wherein the equipment specific identification of the electronic device is also arranged to be used in the formation of said encryption key (Ks).
  - 14. The electronic device according to claim 11, wherein it comprises means for forming a decryption key to be used in the decryption of data of a data group, means for searching the data of the data group for data about at least one seed value used at the encryption stage, means for transmitting said at least one seed value to the identification card in which said cryptographic algorithm is arranged to be performed, said seed value and said internal key being arranged to be used as the input, wherein at least one of said at least one derived value is arranged to be used in the algorithm, wherein the electronic device comprises means for receiving said at least one derived value from the identification card, wherein said at least one of said at least one derived value is arranged to be used in the formation of said decryption key.
  - 15. The electronic device according to claim 14, wherein two or more data groups are stored in the electronic device, and data about the internal key is stored in connection with each data group, wherein the electronic device comprises searching means for searching said data groups for the data group whose individual identifier matches with the internal key stored on the identification card, to decrypt the data of the data group.
  - 16. The electronic device according to claim 10, wherein the identification card is an identification card used for identifying mobile stations of a mobile communication system, wherein said cryptographic algorithm is the algorithm used for identifying a mobile station.
  - 17. The electronic device according to claim 10, wherein the identification card is one of the following:
    - a SIM card, a USIM card, an R-UIM card, an electronic identification card, bank card, a credit card.

18. A module to be used in connection with an electronic device, which electronic device comprises a memory and an identification card connection and is provided with an identification card equipped with a cryptographic algorithm, wherein the module comprises means for generating at least one seed value, means for transmitting said at least one seed value to the identification card equipped with means for performing said cryptographic algorithm, said seed value arranged to being used as the input, wherein in the cryptographic algorithm, at least one derived value is arranged to be formed, and the module comprises means for receiving said at least one derived value and means for using said at least one derived value in the formation of said encryption key.

19. A computer software product which comprises machine-executable program commands stored on a readable medium for execution by a processor, the machine-executable program commands:
- for storing data in the memory of an electronic device, and for encrypting the data to be stored with an encryption key, and which electronic device is provided with an identification card equipped with a cryptographic algorithm, wherein the computer software product comprises machine executable program commands;
  
  for generating at least one seed value, for searching the data of the data group for information about said at least one seed value used at the encryption stage, for transmitting said at least one seed value to the identification card in which said cryptographic algorithm is arranged to be used, said seed value being arranged to be used as the input, wherein at least one derived value is arranged to be formed in the algorithm, wherein the computer software product comprises machine-executable program commands;
  
  for receiving said at least one derived value from the identification card, and for using said at least one derived value in the formation of said decryption key.
- View Dependent Claims (20, 21)
- - 20. The computer software product according to claim 19, wherein for decrypting the data of the data group, the computer software product comprises machine executable program commands:
    - for searching the data of the data group for information about said at least one seed value used at the encryption stage, for transmitting said at least one seed value to the identification card, in which said cryptographic algorithm is used, said seed value being used as the input, wherein at least one derived value is formed in the algorithm, wherein the computer software product comprises machine-executable program commands;
      
      for receiving said at least one derived value from the identification card, and for using at least one of said at least one derived value in the formation of said decryption key, and for decrypting the data group with said decryption key.
  - 21. The computer software product according to claim 20, wherein the electronic device is provided with two or more stored data groups, and each data group is provided with stored information about an internal key, wherein the computer software product comprises machine executable program commands for searching said data groups for the data group whose individual identifier matches with the internal key stored on the identification card, and if the data group is found, the data of the found data group is decrypted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RPX Corporation
Original Assignee
Nokia Corporation
Inventors
Haverinen, Henry, Honkanen, Jukka-Pekka, Mikkonen, Jouni

Granted Patent

US 8,161,295 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04L 63/0428   wherein the data content is...

H04L 9/0869   involving random numbers or...

Storing of data in a device

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Storing of data in a device

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links