SYSTEM FOR AND METHOD OF CRYPTOGRAPHIC PROVISIONING
Abstract
A system for and method of securely provisioning a module with cryptographic parameters, such as cryptographic keys and key tables, is presented. Such modules may be used to enable encrypted communications between mobile phones to which they are coupled. The system and method prevent a malevolent individual involved in manufacturing the modules from compromising the security of the module. In particular, the modules are provisioned by an entity different from the manufacturer.
15 Claims
1. A method of provisioning a module with cryptographic parameters, wherein the module comprises a first nonvolatile memory, a second nonvolatile memory and a processor, the method comprising:
- storing a first cryptographic key in at least one of the first nonvolatile memory and the second nonvolatile memory; and
- storing a first program encrypted using the first cryptographic key in at least one of the first nonvolatile memory and the second nonvolatile memory, wherein the first program is configured to:
  - generate, within the module and using the processor, a second cryptographic key and a third cryptographic key;
  - encrypt, within the module, the second cryptographic key using the third cryptographic key, whereby encrypting the second cryptographic key with the third cryptographic key generates an encrypted second cryptographic key and a first authenticator;
  - store, within the first nonvolatile memory, the encrypted second cryptographic key and the first authenticator; and
  - store, within the second nonvolatile memory, the third cryptographic key.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system for provisioning a module with cryptographic parameters, wherein the module comprises a first nonvolatile memory, a second nonvolatile memory and a processor, the system comprising:
- means for storing a first cryptographic key in at least one of the first nonvolatile memory and the second nonvolatile memory; and
- means for storing a first program encrypted using the first cryptographic key in at least one of the first nonvolatile memory and the second nonvolatile memory, wherein the first program is configured to:
  - generate, within the module and using the processor, a second cryptographic key and a third cryptographic key;
  - encrypt, within the module, the second cryptographic key using the third cryptographic key, whereby encrypting the second cryptographic key with the third cryptographic key generates an encrypted second cryptographic key and a first authenticator;
  - store, within the first nonvolatile memory, the encrypted second cryptographic key and the first authenticator; and
  - store, within the second nonvolatile memory, the third cryptographic key.

Dependent claims: 11, 12, 13, 14, 15
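The in-module steps recited in claims 1 and 10 (generate the second and third keys, encrypt the second under the third to obtain a ciphertext plus an authenticator, and split storage across the two memories), as an added example that is not code from the patent. The claims name no cipher, so an HMAC-SHA256 encrypt-then-MAC construction stands in for it; `Module`, `wrap`, `unwrap`, the nonce and the 32-byte key size are assumptions.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # assumed key size; the claims do not fix one


def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def wrap(k3: bytes, k2: bytes):
    """Encrypt k2 under k3; returns (nonce, encrypted k2, authenticator)."""
    if len(k2) > hashlib.sha256().digest_size:
        raise ValueError("stand-in keystream covers at most 32 bytes")
    nonce = secrets.token_bytes(16)            # assumption: stored next to the ciphertext
    stream = _prf(_prf(k3, b"enc"), nonce)     # separate subkeys for encryption and MAC
    ct = bytes(a ^ b for a, b in zip(k2, stream))
    tag = _prf(_prf(k3, b"mac"), nonce + ct)   # the "first authenticator"
    return nonce, ct, tag


def unwrap(k3: bytes, nonce: bytes, ct: bytes, tag: bytes) -> bytes:
    """Verify the authenticator before decrypting; reject altered contents."""
    if not hmac.compare_digest(_prf(_prf(k3, b"mac"), nonce + ct), tag):
        raise ValueError("authenticator mismatch: first NVM contents altered")
    stream = _prf(_prf(k3, b"enc"), nonce)
    return bytes(a ^ b for a, b in zip(ct, stream))


class Module:
    """Toy module: two dicts model the first and second nonvolatile memories."""

    def __init__(self):
        self.nvm1 = {}
        self.nvm2 = {}

    def provision(self) -> bytes:
        k2 = secrets.token_bytes(KEY_LEN)      # second key, generated in the module
        k3 = secrets.token_bytes(KEY_LEN)      # third key, generated in the module
        nonce, ct, tag = wrap(k3, k2)
        self.nvm1 = {"nonce": nonce, "enc_k2": ct, "authenticator": tag}
        self.nvm2 = {"k3": k3}                 # wrapping key lives in the other memory
        return k2                              # returned only so a caller can compare

    def load_k2(self) -> bytes:
        n = self.nvm1
        return unwrap(self.nvm2["k3"], n["nonce"], n["enc_k2"], n["authenticator"])
```

A dump of the first memory alone yields only the ciphertext and authenticator, and any modification of it is rejected when the key is loaded.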
Specification