METHOD OF SECURE DATA EXCHANGE
Abstract
A method of secure data exchange is applied to a system that includes a server and at least one client. When it first connects to the server, the client sends a reset message to the server using an initial key. On receiving the message, the server verifies it and also uses the initial key to decrypt it. If the verification is approved, the server generates a first key and sends the client a key exchange message, which includes the first key and is encrypted with the initial key. The client then replaces the initial key with the first key in response to the received key exchange message and returns a key confirmation message. If the key confirmation message is approved, the server sends a downloading message to allow the client to retrieve the corresponding information. After the information is successfully downloaded, the client sends a finish message to notify the server to await the next session.
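An added example, not taken from the patent, of the reset / key validation request and the key exchange reply described above, with the server rejecting stale, replayed or wrongly keyed requests. Assumptions: the "hash data" is modelled as HMAC-SHA256 keyed with the held key (so the key itself is never transmitted), the unnamed cipher is stood in for by an XOR with an HMAC-derived pad, and `MAX_SKEW`, `DUMMY`, `KeyServer`, `build_request` and `accept_key_exchange` are hypothetical names.

```python
import hashlib, hmac, os, time

MAX_SKEW = 300            # assumed freshness window (seconds); the page gives none
DUMMY = b"\0" * 32        # keeps the MAC check uniform for unknown addresses

def _mac(key, *parts):    # "hash data" modelled as HMAC-SHA256 (assumption)
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

def _wrap(key, nonce, data):
    # Stand-in for the unnamed cipher: XOR with an HMAC-derived 32-byte pad.
    return bytes(a ^ b for a, b in zip(data, _mac(key, b"wrap", nonce)))

def build_request(kind, key, addr, now=None):
    """Client: reset or key_validation message (address, timestamp, hash)."""
    ts = str(int(time.time() if now is None else now)).encode()
    return {"kind": kind, "addr": addr, "ts": ts,
            "hash": _mac(key, kind.encode(), addr.encode(), ts)}

class KeyServer:
    def __init__(self, initial_keys):
        self.initial = dict(initial_keys)  # addr -> provisioned initial key
        self.current = {}                  # addr -> key issued by the last exchange
        self.seen = set()                  # hashes already accepted (replay check)

    def handle(self, msg, now=None):
        now = time.time() if now is None else now
        table = self.initial if msg["kind"] == "reset" else self.current
        key = table.get(msg["addr"])
        expect = _mac(key or DUMMY, msg["kind"].encode(), msg["addr"].encode(), msg["ts"])
        fresh = abs(now - int(msg["ts"])) <= MAX_SKEW and msg["hash"] not in self.seen
        if key is None or not fresh or not hmac.compare_digest(expect, msg["hash"]):
            return {"kind": "key_invalid"}  # client then falls back to a reset
        self.seen.add(msg["hash"])
        new_key, nonce = os.urandom(32), os.urandom(16)
        self.current[msg["addr"]] = new_key
        wrapped = _wrap(key, nonce, new_key)
        return {"kind": "key_exchange", "nonce": nonce, "wrapped": wrapped,
                "hash": _mac(key, b"key_exchange", nonce, wrapped)}

def accept_key_exchange(held_key, reply):
    """Client: authenticate the reply, then unwrap the key that replaces held_key."""
    if reply["kind"] != "key_exchange":
        raise ValueError("server reported the key as invalid")
    expect = _mac(held_key, b"key_exchange", reply["nonce"], reply["wrapped"])
    if not hmac.compare_digest(expect, reply["hash"]):
        raise ValueError("key exchange message failed verification")
    return _wrap(held_key, reply["nonce"], reply["wrapped"])
```

The key confirmation, downloading and finish messages are left out of this sketch. Because it rotates the stored key as soon as the server answers, a client that misses the reply gets `key_invalid` on its next key validation message and recovers by sending a reset message with the initial key.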
14 Claims
1. A method of secure data exchange between a master cryptographic unit and a slave cryptographic unit, comprising the steps of:
sending either a reset message or a key validation message to request the master cryptographic unit to validate a key held by the slave cryptographic unit; and
forwarding a key exchange message, which includes a new key encrypted through the key held by the slave cryptographic unit, from the master cryptographic unit to the slave cryptographic unit.
responding to the key confirmation message with a downloading message to allow the slave cryptographic unit to retrieve requested information; and
sending a finish message to the master cryptographic unit after the requested information is completely downloaded.
4. The method of secure data exchange of claim 1, wherein the reset message requests the master cryptographic unit to validate an initial key held by the slave cryptographic unit.
5. The method of secure data exchange of claim 4, wherein the initial key is either pre-configured by factories and permanently stored in the slave cryptographic unit or obtained from the master cryptographic unit through a manual login.
6. The method of secure data exchange of claim 1, further comprising a step of notifying the slave cryptographic unit that the key is invalid after the key validation message is sent.
7. The method of secure data exchange of claim 6, further comprising a step of sending the reset message to request the master cryptographic unit to validate an initial key held by the slave cryptographic unit.
8. The method of secure data exchange of claim 3, further comprising the steps of:
sending another key validation message to request the master cryptographic unit to validate the new key held by the slave cryptographic unit; and
forwarding another key exchange message, which includes a renewed key encrypted through the new key held by the slave cryptographic unit.
9. The method of secure data exchange of claim 1, further comprising a step of notifying the slave cryptographic unit that the key is invalid after the reset message is sent.
10. The method of secure data exchange of claim 1, wherein the master cryptographic unit is a key distribution server.
11. The method of secure data exchange of claim 10, wherein the key distribution server is included in an automatic provisioning system.
12. The method of secure data exchange of claim 10, wherein the slave cryptographic unit is a client.
13. The method of secure data exchange of claim 10, wherein the reset message includes an initial key, a physical address of the slave cryptographic unit, timestamp data and hash data.
14. The method of secure data exchange of claim 10, wherein the key validation message includes the key, a physical address of the slave cryptographic unit, timestamp data and hash data.
Specification