PROVIDING CRYPTOGRAPHIC KEY BASED ON USER INPUT DATA

US 20060153369A1
Filed: 08/08/2005
Published: 07/13/2006
Est. Priority Date: 01/07/2005
Status: Abandoned Application

First Claim

Patent Images

1. An invention comprising a method of providing an ephemeral cryptographic key, the method comprising the steps of:

(a) receiving into a computer system input data from a user;

(b) generating within the computer system a cryptographic key as a deterministic function of said received data of said step (a);

(c) following said step (b) of generating the cryptographic key, clearing from the computer system said received data of said step (a) so that said received data is no longer available for generating the cryptographic key; and

(d) clearing from the computer system said generated cryptographic key upon expiration of a predetermined period of time.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic key is provided based on user input data (UID) by: receiving into a computer system the UID; generating within the computer system the cryptographic key as a deterministic function of the UID; and clearing from the computer system the UID following the generation of the cryptographic key. The UID is not exported from the computer system. The cryptographic key may be a public key or private key. If the cryptographic key is a public key, then the cryptographic key is exported from the computer system. If the cryptographic key is a private key, then the cryptographic key is not exported from the computer system, and is cleared from the computer system within a single day of the generation of the cryptographic key.

Citations

28 Claims

1. An invention comprising a method of providing an ephemeral cryptographic key, the method comprising the steps of:
- (a) receiving into a computer system input data from a user;
  
  (b) generating within the computer system a cryptographic key as a deterministic function of said received data of said step (a);
  
  (c) following said step (b) of generating the cryptographic key, clearing from the computer system said received data of said step (a) so that said received data is no longer available for generating the cryptographic key; and
  
  (d) clearing from the computer system said generated cryptographic key upon expiration of a predetermined period of time.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The invention of claim 1, wherein neither said received data of step (a) nor said generated cryptographic key of step (b) is exported from the computer system.
  - 3. The invention of claim 1, wherein, following said step (c) of clearing said received data from the computer system, the input data received from the user in said step (a) must be received again within the computer system in order to regenerate the cryptographic key within the computer system using the deterministic function of said step (b).
  - 4. The invention of claim 1, wherein said generated cryptographic key of said step (b) comprises a private key of a public-private key pair.
  - 5. The invention of claim 1, wherein said step (d) of clearing from the computer system said generated cryptographic key comprises overwriting said generated cryptographic key in a computer-readable medium of the computer system.
  - 6. The invention of claim 1, wherein the deterministic function of said step (b) outputs a large integer value.
  - 7. The invention of claim 1, wherein the deterministic function of said step (b) comprises hashing said received data.
  - 8. The invention of claim 1, wherein said step (c) of clearing from the computer system said received data occurs upon performance of said step (b) of generating the cryptographic key.
  - 9. The invention of claim 1, wherein said step (c) of clearing from the computer system said received data occurs immediately upon performance of said step (b) of generating the cryptographic key.
  - 10. The invention of claim 1, wherein said received data of said step (a) is not exported from the computer system.
  - 11. The invention of claim 1, further comprising the computer system.
  - 12. The invention of claim 1, wherein the input data from the user represents a passphrase.
  - 13. The invention of claim 1, wherein the input data from the user represents a password.
  - 14. The invention of claim 1, wherein the input data from the user represents a PIN.
  - 15. The invention of claim 1, wherein the input data from the user represents a biometric.
  - 16. The invention of claim 15, wherein the biometric comprises at least one of facial characteristics, hand geometry, a fingerprint, a thumbprint, ocular characteristics of the retina, ocular characteristics are characteristics of the iris, a vascular pattern, a DNA pattern, a vocal behavior, signature dynamics, and keystroke dynamics.
  - 17. The invention of claim 1, wherein said step (c) of clearing from the computer system said received data comprises overwriting said received data in a computer-readable medium of the computer system.
  - 18. The invention of claim 1, further comprising a computer-readable medium having computer-executable instructions for performing the method.

19. An invention comprising a method of providing a cryptographic key, the method comprising the steps of:
- (a) receiving into a computer system input data from a user;
  
  (b) generating within the computer system a cryptographic key as a deterministic function of said received data of said step (a);
  
  (c) following said step (b) of generating the cryptographic key, clearing from the computer system said received data of said step (a) so that said received data is no longer available for generating the cryptographic key; and
  
  (d) exporting said generated cryptographic key from the computer system.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 20. The invention of claim 19, wherein said generated cryptographic key comprises a public key of an asymmetric public-private key pair.
  - 21. The invention of claim 19, wherein, following said step (c) of clearing said received data from the computer system, the input data received from the user in said step (a) must be received again within the computer system in order to regenerate the cryptographic key within the computer system using the deterministic function of said step (b).
  - 22. The invention of claim 19, wherein said step (c) of clearing said received data is performed prior to performing said step (d) of exporting said generated cryptographic key.
  - 23. The invention of claim 19, wherein said step (c) of clearing said received data is performed after performing said step (d) of exporting said generated cryptographic key.
  - 24. The invention of claim 19, wherein said step (c) of clearing from the computer system said received data occurs upon performance of said step (b) of generating the cryptographic key.
  - 25. The invention of claim 19, wherein said step (c) of clearing from the computer system said received data occurs immediately upon performance of said step (b) of generating the cryptographic key.
  - 26. The invention of claim 19, wherein said received data of said step (a) is not exported from the computer system.
  - 27. The invention of claim 19, further comprising the computer system.
  - 28. The invention of claim 19, further comprising a computer-readable medium having computer-executable instructions for performing the method.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated)
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Beeson, Curtis Linn

Application Number

US11/161,562
Publication Number

US 20060153369A1
Time in Patent Office

Days
Field of Search
US Class Current

380/30
CPC Class Codes

H04L 2209/56 Financial cryptography, e.g...

H04L 9/3066 involving algebraic varieti...

PROVIDING CRYPTOGRAPHIC KEY BASED ON USER INPUT DATA

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

PROVIDING CRYPTOGRAPHIC KEY BASED ON USER INPUT DATA

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links