Systems And Methods For Root Certificate Update

US 20080025514A1
Filed: 07/25/2007
Published: 01/31/2008
Est. Priority Date: 07/25/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method for replacing a cryptographic key, the method including:

receiving a key replacement message for replacing a fourth cryptographic key, wherein the key replacement message includes encrypted data, the encrypted data having been encrypted using at least part of at least a third cryptographic key;

decrypting at least part of the key replacement message using at least part of the fourth cryptographic key, the decrypting being associated with verifying a digital signature;

reading from the key replacement message at least part of at least a first replacement cryptographic key or at least a first replacement cryptographic key precursor value that is used to derive a first replacement cryptographic key; and

replacing the cryptographic key with at least part of the first replacement cryptographic key.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Certain embodiments of the present invention provide a method for replacing a cryptographic key including receiving a key replacement message for replacing the cryptographic key, decrypting at least part of the key replacement message using at least part of the cryptographic key, reading from the key replacement message at least part of at least a first replacement cryptographic key or at least a first replacement cryptographic key precursor value that is used to derive a first replacement cryptographic key, and replacing the cryptographic key with at least part of the first replacement cryptographic key. The key replacement message includes encrypted data. The encrypted data having been encrypted using at least part of at least a third cryptographic key. Decrypting the encrypted data using at least part of the cryptographic key. The decrypting being associated with verifying a digital signature.

54 Citations

View as Search Results

20 Claims

1. A method for replacing a cryptographic key, the method including:
- receiving a key replacement message for replacing a fourth cryptographic key, wherein the key replacement message includes encrypted data, the encrypted data having been encrypted using at least part of at least a third cryptographic key;
  
  decrypting at least part of the key replacement message using at least part of the fourth cryptographic key, the decrypting being associated with verifying a digital signature;
  
  reading from the key replacement message at least part of at least a first replacement cryptographic key or at least a first replacement cryptographic key precursor value that is used to derive a first replacement cryptographic key; and
  
  replacing the cryptographic key with at least part of the first replacement cryptographic key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the fourth cryptographic key has not been previously used to decrypt data which was associated with verifying a digital signature.
  - 3. The method of claim 1, wherein the key replacement message includes a second replacement cryptographic key.
  - 4. The method of claim 1, wherein at least part of a second cryptographic key is replaced with at least part of the cryptographic key, where the second cryptographic key may be a root key corresponding to a root certificate in a public key cryptosystem.
  - 5. The method of claim 1, wherein the fourth cryptographic key and the cryptographic key are the same key.
  - 6. The method of claim 2, wherein the fourth cryptographic key and the cryptographic key are the same key.
  - 7. The method of claim 3, further including replacing the fourth cryptographic key with the second replacement cryptographic key.
  - 8. The method of claim 1, wherein the first replacement cryptographic key is never used to decrypt encrypted data until a second key replacement message is received as a new first key replacement message.
  - 9. The method of claim 2, wherein the first replacement cryptographic key is never used to decrypt encrypted data until a second key replacement message is received as a new first key replacement message.
  - 10. The method of claim 3, wherein the first replacement cryptographic key is never used to decrypt encrypted data until a second key replacement message is received as a new first key replacement message.
  - 11. The method of claim 4, wherein the first replacement cryptographic key is never used to decrypt encrypted data until a second key replacement message is received as a new first key replacement message.
  - 12. The method of claim 5, wherein the first replacement cryptographic key is treated as the cryptographic key for purposes of applying the method again with the new first key replacement message.
  - 13. The method of claim 6, wherein the first replacement cryptographic key is treated as the cryptographic key for purposes of applying the method again with the new first key replacement message.
  - 14. The method of claim 7, wherein the first replacement cryptographic key is treated as the cryptographic key for purposes of applying the method again with the new first key replacement message.
  - 15. The method of claim 8, wherein the first replacement cryptographic key is treated as the cryptographic key for purposes of applying the method again with the new first key replacement message.

16. A method of replacing a cryptographic key by communicating to a receiving party a new cryptographic key, together with a means of verification to prove to the party that the new cryptographic key is an authentic replacement key, where such means of verification employs a cryptographic transformation that involves computation using a fourth cryptographic key which was previously communicated to the party, and where the fourth cryptographic key was never previously used as a cryptographic key in any other cryptographic transformation by the party, and replacing said cryptographic key only after successful verification of authenticity for said new cryptographic key by said means of verification employing the fourth cryptographic key.

17. A system for replacing a cryptographic key, the system including:
- a host including a cryptographic key, wherein the host is adapted to receive a key replacement message including a first replacement cryptographic key, wherein the key replacement message has been encrypted at least in part using a third cryptographic key, wherein the host is further adapted to decrypt at least in part the key replacement message using the cryptographic key to read the first replacement cryptographic key, wherein the host is adapted to replace the cryptographic key with the first replacement cryptographic key.
- View Dependent Claims (18, 19, 20)
- - 18. The system of claim 17, wherein the host includes a second cryptographic key that is replaced with the cryptographic key when the cryptographic key is replaced with the first replacement cryptographic key.
  - 19. The system of claim 17, wherein the first replacement cryptographic key is never used to decrypt encrypted data until a second key replacement message is received as a new first key replacement message.
  - 20. The system of claim 18, wherein the first replacement cryptographic key is never used to decrypt encrypted data until a second key replacement message is received as a new first key replacement message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Jason Coombs
Original Assignee
Jason Coombs
Inventors
Coombs, Jason

Application Number

US11/828,187
Publication Number

US 20080025514A1
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

G06F 21/33 using certificates

G06F 2221/2145 Inheriting rights or proper...

Systems And Methods For Root Certificate Update

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

54 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems And Methods For Root Certificate Update

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

54 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links