System and method for protecting against dictionary attacks on password-protected TPM keys

US 20070014416A1
Filed: 07/15/2005
Published: 01/18/2007
Est. Priority Date: 07/15/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method for providing for secure storage of a security key, comprising:

performing a one-way function on a user-provided password for at least a time period to generate a result;

using the result to generate a password-derived key;

encrypting the security key with the password-derived key to render an encrypted key; and

storing the encrypted key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer system that may include a trusted platform module (TPM) along with a processor hashes a user-supplied password for a predetermined time period that is selected to render infeasible a dictionary attack on the password. The results of the hash are used to render an AES key, which is used to encrypt an RSA key. The encrypted RSA key along with the total number of hash cycles that were used is stored and the RSA key is provided to the TPM as a security key. In the event that the RSA key in the TPM must be recovered, the encrypted stored version is decrypted with an AES key that is generated based on the user inputting the same password and hashing the password for the stored number of cycles.

61 Citations

View as Search Results

19 Claims

1. A method for providing for secure storage of a security key, comprising:
- performing a one-way function on a user-provided password for at least a time period to generate a result;
  
  using the result to generate a password-derived key;
  
  encrypting the security key with the password-derived key to render an encrypted key; and
  
  storing the encrypted key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the time period is a predetermined time period having a length sufficient to render a dictionary attack to discover the password infeasible.
  - 3. The method of claim 1, wherein the time period is at least sixty seconds.
  - 4. The method of claim 1, wherein the security key is an RSA key.
  - 5. The method of claim 4, wherein the password-derived key is a symmetric key.
  - 6. The method of claim 5, further comprising storing a total number “
    - M”
      
      of hash cycles that were executed in the performing act.
  - 7. The method of claim 6, comprising recovering the RSA key by providing the password, retrieving the number “
    - M”
      
      of hash cycles, hashing the password “
      
      M”
      
      times to produce the password-derived key, retrieving the encrypted key from memory and decrypting it using the password-derived key to render the RSA key.
  - 8. The method of claim 6, comprising using the RSA key in a TPM.

9. A computer system, comprising:
- at least one memory;
  
  at least one trusted platform module (TPM), the memory not being part of the TPM; and
  
  at least one processor executing method acts including;
  
  performing a one-way function on a user-supplied password for at least a predetermined time period of sufficient length to render infeasible a dictionary attack on the password;
  
  using information derived from the results of the performing act, encrypting at least one TPM key to render an encrypted key;
  
  storing the encrypted key in the memory; and
  
  providing the TPM key to the TPM.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The system of claim 9, wherein the one-way function is a hash, and the processor counts the total number “
    - M”
      
      of hash cycles that are used to hash the user-supplied password for the predetermined time period.
  - 11. The system of claim 9, wherein the information is AES information.
  - 12. The system of claim 9, wherein the TPM key is an RSA key.
  - 13. The system of claim 10, wherein to recover the TPM key from the encrypted key, the processor receives a test password and hashes it for “
    - M”
      
      hash cycles to generate a result, and then derives information from the result useful for decrypting the encrypted key to render the TPM key, provided the test password is the same as the user-supplied password.

14. A computer system, comprising:
- means for performing a one-way function on a user-supplied password for a predetermined time period to render a result of a total number of “
  
  M”
  
  function cycles;
  
  means for deriving a password-derived key from the result;
  
  means for encrypting a security key with the password-derived key to render an encrypted key; and
  
  means for storing the encrypted key and the number “
  
  M”
  
  of cycles.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system of claim 14, comprising means for retrieving the encrypted key and the number “
    - M”
      
      of cycles, for use thereof in recovering the security key.
  - 16. The system of claim 14, wherein the security key is an RSA key and the password-derived key is a symmetric key.
  - 17. The system of claim 14, wherein the predetermined time period has a length sufficient to render a dictionary attack to discover the password infeasible.
  - 18. The system of claim 14, wherein the security key is provided to a TPM.
  - 19. The system of claim 15, comprising:
    - means communicating with the means for retrieving for hashing a test password “
      
      M”
      
      times to generate a test result;
      
      means for processing the test result to render a test password-derived key;
      
      means communicating with the means for retrieving for decrypting the encrypted key using the test password-derived key, the means for decrypting producing the security key only if the test password matches the user-supplied password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Rivera, David, Challener, David, Hoff, James

Application Number

US11/183,116
Publication Number

US 20070014416A1
Time in Patent Office

Days
Field of Search
US Class Current

380/286
CPC Class Codes

H04L 2209/127   Trusted platform modules [TPM]

H04L 9/002   Countermeasures against att...

H04L 9/0822   using key encryption key

H04L 9/0863   involving passwords or one-...

H04L 9/0897   involving additional device...

System and method for protecting against dictionary attacks on password-protected TPM keys

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

61 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for protecting against dictionary attacks on password-protected TPM keys

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

61 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links