Key transformation unit for a tamper resistant module

US 20080059812A1
Filed: 10/25/2007
Published: 03/06/2008
Est. Priority Date: 02/21/1997
Status: Active Grant

First Claim

Patent Images

1. A method for processing a data transmission, said method comprising the steps of:

receiving said data transmission, said data transmission comprising an executable software application encrypted with a first key, and a key transformation unit (KTU) encrypted with a second key, wherein said executable software application comprises at least one encrypted portion having an associated location, and said KTU comprises said first key and a location indicator for said associated location;

decrypting said KTU onto a tamper resistant module (TRM) to recover said first key and said location indicator;

identifying said encrypted portion associated with said associated location;

decrypting said encrypted portion of said executable software application onto said TRM using said first key for each encrypted portion; and

storing said decrypted executable software application in memory of said TRM for subsequent execution.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, apparati, and computer-readable media for securely transporting a software application onto a tamper resistant module (TRM) (103) by using an individualized TRM key set. A method embodiment of the present invention comprises: storing a key pair unique to the TRM (103) in a memory located on the TRM (103), where the key pair comprises a TRM public key (150) and a TRM private key (190); retrieving the TRM public key from the TRM; encrypting a portion of the software application using the TRM public key (150); transmitting the encrypted software application to the TRM (103); and recovering and decrypting the encrypted software application using the TRM private key (190).

105 Citations

View as Search Results

25 Claims

1. A method for processing a data transmission, said method comprising the steps of:
- receiving said data transmission, said data transmission comprising an executable software application encrypted with a first key, and a key transformation unit (KTU) encrypted with a second key, wherein said executable software application comprises at least one encrypted portion having an associated location, and said KTU comprises said first key and a location indicator for said associated location;
  
  decrypting said KTU onto a tamper resistant module (TRM) to recover said first key and said location indicator;
  
  identifying said encrypted portion associated with said associated location;
  
  decrypting said encrypted portion of said executable software application onto said TRM using said first key for each encrypted portion; and
  
  storing said decrypted executable software application in memory of said TRM for subsequent execution.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein said second key is from a public key and private key set used in asymmetric encryption.
  - 3. The method of claim 1, wherein said KTU further indicates a technique used to encrypt said portion of said executable software application.
  - 4. The method of claim 1, further comprising the step of enciphering a second portion of said executable software application independently of said encrypted portion of said executable software application.
  - 5. The method of claim 4, wherein said second portion is encrypted using a second encryption technique, and said KTU indicates said second encryption technique.
  - 6. The method of claim 4, wherein said second portion is encrypted using a second key, and said KTU indicates said second key.
  - 7. The method of claim 4, wherein said KTU comprises a second location indicator for said second portion of said executable software application.
  - 8. The method of claim 1, wherein said KTU indicates an associated location for each portion of said executable application.
  - 9. The method of claim 1, further comprising the steps of:
    - providing a software application provider (SAP) with an SAP public key and an SAP private key;
      
      providing a certification authority (CA) with a CA public key and a CA private key;
      
      signing said SAP public key using said CA private key to produce an application load certificate;
      
      further encrypting said encrypted application using said SAP private key to produce a signed application; and
      
      transmitting said signed application and said application load certificate to said TRM.
  - 10. The method of claim 9, further comprising the step of said TRM verifying said application load certificate with said CA public key.
  - 11. The method of claim 10, further comprising the step of verifying the signed application using said SAP public key from said application load certificate to produce a verified application unit.
  - 12. The method of claim 11, wherein said verified application unit is compared to said application unit to determine whether said verified application unit and said application unit are equivalent.

13. Apparatus for processing a data transmission, said apparatus comprising:
- means for receiving said data transmission, said data transmission comprising an executable software application encrypted with a first key, and a key transformation unit (KTU) encrypted with a second key, wherein said executable software application comprises an encrypted portion having an associated location, and said KTU comprises said first key and a location indicator for said associated location;
  
  means for decrypting said KTU onto a tamper resistant module (TRM) to recover said first key and said location indicator;
  
  means for identifying said encrypted portion;
  
  means for decrypting said encrypted portion onto said TRM using said first key for said encrypted portion; and
  
  means for storing said decrypted executable software application in memory of said TRM for subsequent execution.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 14. The apparatus of claim 13, wherein said second key is from a public key and private key set used in asymmetric encryption.
  - 15. The apparatus of claim 13, wherein said KTU further indicates a technique used to encrypt said encrypted portion.
  - 16. The apparatus of claim 13, further comprising means for enciphering a second portion of said executable software application independently of said encrypted portion.
  - 17. The apparatus of claim 16, wherein said second portion is encrypted using a second encryption technique, and said KTU indicates said second encryption technique.
  - 18. The apparatus of claim 16, wherein said second portion is encrypted using a second key, and said KTU indicates said second key.
  - 19. The apparatus of claim 16, wherein said KTU comprises a location indicator for said second portion.
  - 20. The apparatus of claim 16, wherein said KTU comprises a location indicator for an associated location corresponding to each portion.
  - 21. The apparatus of claim 16, further comprising:
    - a certification authority (CA) arrangement providing a respective CA public key; and
      
      means for verifying an application load certificate using the CA public key.
  - 22. The apparatus of claim 21, further comprising means for providing a software application provider with an SAP public key for verifying the signed encrypted application using said SAP public key located in said verified application load certificate.
  - 23. The apparatus of claim 22, wherein said verified application signature is compared to said encrypted application to determine whether they are equivalent.

24. A method for processing a data transmission, said method comprising the steps of:
- receiving said data transmission, said data transmission comprising an executable software application encrypted with a first key, and a key transformation unit (KTU) encrypted with a second key, wherein said executable software application comprises an encrypted portion having an associated location, and said KTU comprises said first key and a location indicator for said associated location;
  
  decrypting said KTU onto a personal computer (PC) having at least one tamper resistant module (TRM) to recover said first key and said location indicator;
  
  identifying said encrypted portion;
  
  decrypting said encrypted portion of said executable software application onto a combination of PC and TRM (PC/TRM) using said first key for said encrypted portion; and
  
  storing said decrypted executable software application in memory of said PC/TRM for subsequent execution.

25. Apparatus for processing a data transmission, said apparatus comprising:
- means for receiving said data transmission, said data transmission comprising an executable software application encrypted with a first key, and a key transformation unit (KTU) encrypted with a second key, wherein said executable software application comprises an encrypted portion having an associated location, and said KTU comprises said first key and a location indicator for said associated location;
  
  means for decrypting said KTU onto a personal computer (PC) having at least one tamper resistant module (TRM), a PC and TRM combination (PC/TRM) being operable to recover said first key and said location indicator;
  
  means for identifying said encrypted portion;
  
  means for decrypting said encrypted portion onto said PC/TRM using said first key for said encrypted portion; and
  
  means for storing said decrypted portion in memory of said PC/TRM for subsequent execution.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Multos Ltd
Original Assignee
Multos Ltd
Inventors
Simmons, Ian, Miller, Stuart, Everett, David, Viner, John, Richards, Timothy, Peacham, Anthony

Granted Patent

US 7,730,311 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/194
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/57   Certifying or maintaining t...

G06F 21/77   in smart cards

G06F 2221/2115   Third party

G06K 19/0719   at least one of the integra...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/355   Personalisation of cards fo...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/3574   Multiple applications on card

G06Q 20/35765   Access rights to memory zones

G06Q 20/4097   using mutual authentication...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/3263   involving certificates, e.g...

Key transformation unit for a tamper resistant module

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

105 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Key transformation unit for a tamper resistant module

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

105 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links