Escrow compatible key generation

US 20070140496A1
Filed: 12/15/2005
Published: 06/21/2007
Est. Priority Date: 12/15/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

using a current encryption key to encrypt or authenticate information;

creating a new encryption key as a predictable and retrospectively repeatable function of the current encryption key; and

encrypting or authenticating information using the new encryption key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of managing encryption keys creates a new encryption key as a predictable and retrospectively repeatable function of a current encryption key. Information is then encrypted or authenticated using the new encryption key. In one embodiment, the generation of a new encryption key is triggered as a function of the amount of information encrypted or authenticated using the current encryption key. In a further embodiment, the new encryption key is created by using the current encryption key to encrypt a pre-agreed block of information, which may be an appropriate-length representation of the current encryption key. In a further embodiment, the current encryption key and a time-independent method of creating a new encryption key is escrowed.

20 Citations

View as Search Results

20 Claims

1. A method comprising:
- using a current encryption key to encrypt or authenticate information;
  
  creating a new encryption key as a predictable and retrospectively repeatable function of the current encryption key; and
  
  encrypting or authenticating information using the new encryption key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein transition to use of the new encryption key occurs as a function of the amount of information encrypted or authenticated, or both, using the current encryption key.
  - 3. The method of claim 1 wherein the new encryption key is used after a predetermined amount of time of using the current encryption key.
  - 4. The method of claim 1 wherein the new encryption key is used after a predetermined number of times of use of the current encryption key.
  - 5. The method of claim 1 wherein the new encryption key is created by using the current encryption key to encrypt a block of information predictable to the escrow system and other intended users of the key.
  - 6. The method of claim 5 wherein the block of information that is predictable to the escrow system and other intended users of the key is an appropriate-length representation of the current encryption key.
  - 7. The method of claim 1 and further comprising successively changing keys in a time-independent manner to create and use a succession of new encryption keys, with the new key becoming the current key.
  - 8. The method of claim 1 wherein the transition to use of a new encryption key is triggered as a function of the amount of information encrypted or authenticated, or both, using the current encryption key if no new key has been received from an escrowing key generator within an expected time.
  - 9. The method of claim 1 wherein the transition to use of a new encryption key is triggered as a function of the number of instances of encryption or authentication, or both, using the current encryption key if no new key has been received from an escrowing key generator within an expected time.

10. A system comprising:
- means for encrypting or authenticating information using a current encryption key;
  
  means for creating a new encryption key as a predictable and retrospectively repeatable function of the current encryption key; and
  
  means for transitioning from use of the current encryption key to use of the new encryption key as a function of the amount of information encrypted or authenticated using the current encryption key.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The system of claim 10 wherein the transition from use of the current encryption key to use of the new encryption key occurs after a predetermined amount of time.
  - 12. The system of claim 10 wherein the transition from use of the current encryption key to use of the new encryption key occurs after a predetermined number of times of use of the current encryption key.
  - 13. The system of claim 10 wherein the new encryption key is created by using the current encryption key to encrypt a pre-agreed block of information.
  - 14. The system of claim 13 wherein the pre-agreed block of information is an appropriate-length representation of the current encryption key.
  - 15. The system of claim 10 and further comprising means for notifying users of the change of encryption key.

16. A method comprising:
- escrowing a current encryption key and a predictable and retrospectively repeatable method of creating a new encryption key as a function of the current encryption key;
  
  using a current encryption key to encrypt or authenticate information;
  
  creating a new encryption key using the time-independent, or only coarsely time-dependent, method; and
  
  encrypting or authenticating information using the new encryption key.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16 and further comprising detecting that an encryption key has been changed.
  - 18. The method of claim 17 wherein detecting that an encryption key has been changed comprises unsuccessfully using a current encryption key to decrypt received information.
  - 19. The method of claim 16 and further comprising notifying other users of the current encryption key that the current encryption key has been changed.
  - 20. The method of claim 16 and further comprising providing the current encryption key and time-independent method of creating a new encryption key to multiple users.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Honeywell International Inc.
Inventors
Phinney, Thomas

Application Number

US11/303,045
Publication Number

US 20070140496A1
Time in Patent Office

Days
Field of Search
US Class Current

380/286
CPC Class Codes

H04L 9/0894 Escrow, recovery or storing...

Escrow compatible key generation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

20 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Escrow compatible key generation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others