Method and Apparatus for Dynamic Generation of Symmetric Encryption Keys and Exchange of Dynamic Symmetric Key Infrastructure
First Claim
1. A method (50) for generating dynamic encryption keys for encrypting data files using detachable token devices, comprising:
(a) coupling (54) a detachable token device (30) to a computer (14), wherein said token device comprises symmetric shared secrets previously embedded in a key storage region (39), and an on-board processor (32) for advanced encryption standard (AES) processing (70);
(b) using said computer (14) to generate (58) a challenge in the form of a number chosen from the group consisting of a challenge puzzle, a key ID, a random number, and a user code;
(c) transmitting (58) the challenge to the token device (30);
(d) using said token device to generate (68) an encrypted puzzle key responsive to receipt of the challenge and said symmetric shared secrets;
(e) using said token device to generate a dynamic file key (71) based upon the encrypted puzzle key and challenge;
(f) encrypting a data file with the dynamic file key after decomposing said file into data blocks (74) and generating encrypted data blocks (74E); and
(g) appending decryption information (78) to an encrypted data file (53E).
Abstract
A method and apparatus for dynamically generating data encryption keys for encrypting data files and for decrypting encrypted data files via a key exchange method is provided. An encryption key is dynamically generated for each encryption event, so that the key cannot be produced or reproduced. A key exchange component of the invention ensures that only an intended recipient has the means to decrypt a file encrypted with the dynamically generated symmetric encryption keys.
11 Claims
6. A method to dynamically generate symmetric encryption keys for encrypting data files, comprising:
providing a computer and a detachable hardware token that can connect to the computer;
said hardware token comprising a token encryption processor and token memory, said token memory comprising a previously entered shared secret and a token identification number;
said computer comprising a computer processor, computer memory, and encryption software;
wherein said computer encryption software generates a challenge and transmits it to the hardware token, and wherein said hardware token uses this challenge, the previously entered shared secret, and the token encryption processor, to dynamically generate a symmetric encryption key.
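The challenge-response key derivation described in claims 1 and 6, sketched as an added example (not code from the patent). HMAC-SHA256 from the Python standard library stands in for the token's AES processing, and the `Token` class, the derivation labels, the 16-byte challenge and the `check` field are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the token's AES processing.
    return hmac.new(key, label + data, hashlib.sha256).digest()


class Token:
    """Simulated detachable token; the shared secret stays inside it."""

    def __init__(self, token_id: str, shared_secret: bytes):
        self.token_id = token_id
        self._secret = shared_secret

    def file_key(self, challenge: bytes) -> bytes:
        # Step (d): puzzle key from the challenge and the shared secret.
        puzzle_key = _prf(self._secret, b"puzzle", challenge)
        # Step (e): dynamic file key from the puzzle key and the challenge.
        return _prf(puzzle_key, b"file", challenge)


def new_challenge() -> bytes:
    # Step (b), "random number" option; the 16-byte size is an assumption.
    return secrets.token_bytes(16)


def decryption_info(token: Token, challenge: bytes) -> dict:
    # Step (g): data appended to the encrypted file. It holds the challenge,
    # the token ID and a key check value (assumed field), never the key.
    check = _prf(token.file_key(challenge), b"check", challenge)[:8]
    return {"token_id": token.token_id, "challenge": challenge.hex(),
            "check": check.hex()}


def recover_key(token: Token, info: dict) -> bytes:
    # Recipient: re-derive the key from the appended challenge and reject
    # a token whose shared secret does not match.
    challenge = bytes.fromhex(info["challenge"])
    key = token.file_key(challenge)
    expected = bytes.fromhex(info["check"])
    if not hmac.compare_digest(_prf(key, b"check", challenge)[:8], expected):
        raise ValueError("token does not hold the matching shared secret")
    return key


if __name__ == "__main__":
    secret = secrets.token_bytes(32)  # constructed shared secret
    info = decryption_info(Token("A", secret), new_challenge())
    print(info, len(recover_key(Token("B", secret), info)), "byte key recovered")
```

Because only the challenge travels with the file, a fresh challenge per encryption event yields a fresh key, and a recipient needs a token holding the same shared secret to rebuild it.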
Specification