Method and apparatus for managing cryptographic keys

US 20080019527A1
Filed: 03/03/2006
Published: 01/24/2008
Est. Priority Date: 03/03/2006
Status: Active Grant

First Claim

Patent Images

1. A method for managing keys, comprising:

authenticating a client at a key manager;

receiving a token from the client at the key manager, wherein the token is associated with a customer key, and wherein the token includes a token authenticator that comprises one-half of an authenticator pair used to determine if the client is the owner of the customer key;

decrypting the token using a master key;

verifying a client authenticator, wherein the client authenticator comprises the other half of the authenticator pair used to determine if the client is the owner of the customer key; and

if the client is the owner of the customer key, sending the customer key to the client so that the client can use the customer key to encrypt/decrypt data at the client, and can then delete the customer key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

One embodiment of the present invention provides a system for managing keys. During operation, the system authenticates a client at a key manager. Next, the system receives a token from the client at the key manager, wherein the token is associated with a customer key, and includes a token authenticator. This token authenticator comprises one-half of an authenticator pair which is used to determine if the client is the owner of the customer key. Next, the system decrypts the token using a master key. The system then verifies a client authenticator, which comprises the other half of the authenticator pair which is used to determine if the client is the owner of the customer key. If the client is the owner of the customer key, the system sends the customer key to the client, which enables the client to encrypt/decrypt data. Finally, the client deletes the customer key.

100 Citations

View as Search Results

25 Claims

1. A method for managing keys, comprising:
- authenticating a client at a key manager;
  
  receiving a token from the client at the key manager, wherein the token is associated with a customer key, and wherein the token includes a token authenticator that comprises one-half of an authenticator pair used to determine if the client is the owner of the customer key;
  
  decrypting the token using a master key;
  
  verifying a client authenticator, wherein the client authenticator comprises the other half of the authenticator pair used to determine if the client is the owner of the customer key; and
  
  if the client is the owner of the customer key, sending the customer key to the client so that the client can use the customer key to encrypt/decrypt data at the client, and can then delete the customer key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising creating the customer key and the token by:
    - receiving a request for the customer key and for the token at the key manager, wherein the request may include a second client authenticator;
      
      generating the customer key;
      
      creating the token, wherein the second client authenticator is included in the token as the token authenticator;
      
      sending the customer key and the token to the client; and
      
      saving the token at the client.
  - 3. The method of claim 1, further comprising configuring the key manager by:
    - receiving a request from an administrator to setup a secret key store, wherein the secret key store is used by the key manager to store the customer key;
      
      in response to the request, setting up the secret key store; and
      
      creating a master key, wherein the master key is used by the key manager to encrypt/decrypt the token.
  - 4. The method of claim 1, wherein the token can include:
    - the customer key;
      
      the token authenticator;
      
      a type vector; and
      
      a checksum, wherein the checksum facilitates determining whether the token has been tampered.
  - 5. The method of claim 1, wherein the token is encrypted with the master key, and wherein the master key can be generated randomly by the key manager or specified by an administrator.
  - 6. The method of claim 1, wherein the token authenticator and the client authenticator can include at least one of:
    - a user name;
      
      a password;
      
      a certificate;
      
      an Internet Protocol address of the client;
      
      a hard-coded identifier;
      
      an identification number;
      
      a question response;
      
      a formula result; and
      
      an integrity check of the authenticator.
  - 7. The method of claim 1, wherein the key manager does not send the customer key to the client, but instead sends a message to the client indicating that the customer key is available at the key manager for use by the client.
  - 8. The method of claim 7, further comprising:
    - receiving data from the client for encryption/decryption with the customer key; and
      
      sending to the client the encrypted/decrypted data from the centralized key manager.
  - 9. The method of claim 2, wherein the key manager sends the token to the client, but does not send the customer key to the client.
  - 10. The method of claim 9, further comprising:
    - receiving data from the client at the key manager for encryption with the customer key;
      
      sending the encrypted data to the client; and
      
      saving the token at the client.
  - 11. The method of claim 1, wherein verifying the client authenticator further comprises:
    - receiving the client authenticator at the key manager;
      
      examining a type vector to determine a token authenticator type, wherein the type vector is included in the token;
      
      performing a client authentication technique, as indicated by the token authenticator type, to compare the token authenticator with the client authenticator;
      
      if the token authenticator matches the client authenticator, identifying the client as the owner of the customer key; and
      
      if not, rejecting the client as the owner of the customer key.
  - 12. The method of claim 11, wherein the type vector stores configuration information that may include:
    - the token authenticator type, wherein the token authenticator type indicates the form of the token authenticator, wherein the form of the token authenticator indicates both the kind of token authenticator used and whether the token authenticator is hashed, encrypted, or in plain text;
      
      a customer key management method, wherein the customer key management method indicates whether the customer key is to be returned to the client or used by the key manager on behalf of the client;
      
      an owner of the customer key;
      
      an expiration value defining how long the token is valid;
      
      a checksum-creation rule, wherein the checksum-creation rule indicates what part of the token is hashed, and what hash formula is implemented; and
      
      a customer key type, wherein the customer key type indicates the kind of key used, and what functions the key can be used for.
  - 13. The method of claim 1, further comprising verifying a checksum, wherein verifying the checksum involves determining if the token has been tampered with, and wherein verifying the checksum involves:
    - examining a type vector to determine a checksum-creation rule, wherein the type vector is included in the token authenticator;
      
      calculating a second checksum, wherein the second checksum is created following the checksum-creation rule;
      
      verifying the checksum and the second checksum;
      
      if the checksum and the second checksum match, determining that the token has not been tampered with; and
      
      if not, determining that the token has been tampered with and rejecting the client as the owner of the customer key.

14. A computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method for managing keys, the method comprising:
- authenticating a client at a key manager;
  
  receiving a token from the client at the key manager, wherein the token is associated with a customer key, and wherein the token includes a token authenticator that comprises one-half of an authenticator pair used to determine if the client is the owner of the customer key;
  
  decrypting the token using a master key;
  
  verifying a client authenticator, wherein the client authenticator comprises the other half of the authenticator pair used to determine if the client is the owner of the customer key; and
  
  if the client is the owner of the customer key;
  
  sending the customer key to the client, using the customer key to encrypt/decrypt data at the client, and deleting the customer key at the client.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 15. The computer-readable storage medium of claim 14, wherein the method further comprises creating the customer key and the token by:
    - receiving a request for the customer key at the key manager, wherein the request may include a second client authenticator;
      
      receiving a request for the token;
      
      generating the customer key;
      
      creating the token, wherein the second client authenticator is included in the token as the token authenticator;
      
      sending the customer key and the token to the client; and
      
      saving the token at the client.
  - 16. The computer-readable storage medium of claim 14, wherein the method further comprises configuring the key manager by:
    - receiving a request from an administrator to setup a secret key store, wherein the secret key store is used by the key manager to store the customer key;
      
      in response to the request, setting up the secret key store; and
      
      creating a master key, wherein the master key is used by the key manager to encrypt/decrypt the token.
  - 17. The computer-readable storage medium of claim 14, wherein the token can include:
    - the customer key;
      
      the token authenticator;
      
      a type vector; and
      
      a checksum, wherein the checksum facilitates determining whether the token has been tampered.
  - 18. The computer-readable storage medium of claim 14, wherein the token is encrypted with the master key, and wherein the master key can be generated randomly by the key manager or specified by an administrator.
  - 19. The computer-readable storage medium of claim 14, wherein the token authenticator and the client authenticator can include at least one of:
    - a user name;
      
      a password;
      
      a certificate;
      
      an Internet Protocol address of the client;
      
      a hard-coded identifier;
      
      an identification number;
      
      a question response;
      
      a formula result; and
      
      an integrity check of the authenticator.
  - 20. The computer-readable storage medium of claim 14, wherein the key manager does not send the customer key to the client, but instead sends a message to the client indicating that the customer key is available at the key manager for use by the client resulting in the method further comprising:
    - receiving data from the client for encryption/decryption with the customer key; and
      
      sending to the client the encrypted/decrypted data from the centralized key manager.
  - 21. The computer-readable storage medium of claim 15, wherein the key manager sends the token to the client, but does not send the customer key to the client resulting in the method further comprising:
    - receiving data from the client at the key manager for encryption with the customer key;
      
      sending the encrypted data to the client; and
      
      optionally saving the token at the client.
  - 22. The computer-readable storage medium of claim 14, wherein verifying the client authenticator further comprises:
    - receiving the client authenticator at the key manager;
      
      examining a type vector to determine a token authenticator type, wherein the type vector is included in the token;
      
      performing a client authentication method, as indicated by the token authenticator type, to compare the token authenticator with the client authenticator;
      
      if the token authenticator matches the client authenticator, identifying the client as the owner of the customer key; and
      
      if not, rejecting the client as the owner of the customer key.
  - 23. The computer-readable storage medium of claim 22, wherein the type vector stores configuration information that may include:
    - the token authenticator type, wherein the token authenticator type indicates the form of the token authenticator, wherein the form of the token authenticator indicates both the kind of token authenticator used and whether the token authenticator is hashed, encrypted, or in plain text;
      
      a customer key management method, wherein the customer key management method indicates whether the customer key is to be returned to the client or used by the key manager on behalf of the client;
      
      an owner of the customer key;
      
      an expiration value defining how long the token is valid;
      
      a checksum-creation rule, wherein the checksum-creation rule indicates what part of the token is hashed, and what hash formula is implemented; and
      
      a customer key type, wherein the customer key type indicates the kind of key used, and what functions the key can be used for.
  - 24. The computer-readable storage medium of claim 14, wherein the method further comprises verifying a checksum, wherein verifying the checksum involves determining if the token has been tampered with, and wherein verifying the checksum involves:
    - examining a type vector to determine a checksum-creation rule, wherein the type vector is included in the token authenticator;
      
      calculating a second checksum, wherein the second checksum is created following the checksum-creation rule;
      
      verifying the checksum and the second checksum;
      
      if the checksum and the second checksum match, determining that the token has not been tampered with; and
      
      if not, determining that the token has been tampered with and rejecting the client as the owner of the customer key.

25. An apparatus for managing keys, comprising:
- a key manager;
  
  a client;
  
  a token;
  
  an authentication mechanism configured to authenticate the client;
  
  a receiving mechanism configured to receive a token from the client at the key manager, wherein the token is associated with the customer key, and wherein the token includes a token authenticator that comprises one-half of an authenticator pair used to determine if the client is the owner of the customer key;
  
  a decrypting mechanism configured to decrypt the token using the master key;
  
  a verifying mechanism configured to verify a client authenticator, wherein the client authenticator comprises the other half of the authenticator pair used to determine if the client is the owner of the customer key; and
  
  a sending mechanism configured to send the customer key to the client if the client is the owner of the customer key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Wong, Daniel, Ho, Min-Hank, Youn, Paul, Lei, Chon

Granted Patent

US 7,925,023 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/278
CPC Class Codes

H04L 63/06   for supporting key manageme...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 9/083   involving central third par...

H04L 9/3234   involving additional secure...

H04L 9/3239   involving non-keyed hash fu...

Method and apparatus for managing cryptographic keys

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

100 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for managing cryptographic keys

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

100 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links