SYSTEM AND METHOD FOR MANAGING SECURE INFORMATION WITHIN A HYBRID PORTABLE COMPUTING DEVICE

US 20120054498A1
Filed: 08/24/2010
Published: 03/01/2012
Est. Priority Date: 08/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method for managing secure information within a portable computing device, the method comprising:

initializing a program module of a central processing unit for communicating with a secure element that is part of the portable computing device;

receiving a password for gaining access to the secure element;

initializing a password based encryption algorithm with the password;

establishing a secure communication channel between the secure element and the central processing unit based on the password based encryption algorithm; and

if the password is incorrect, then determining if a predetermined threshold number of password attempts has been achieved.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for managing secure information within a portable computing device are disclosed. The portable computing device includes a program module for communicating with a secure element that is part of the portable computing device. The secure element may receive messages utilizing the decrypted crypto keys derived from a non-padded cipher in order to establish a secure communications channel. The secure element may store at least one of a substantial encryption key for server authentication and a substantial encryption key for decrypting encrypted data stored locally within the portable computing device. If an incorrect password is entered after a predetermined number of times, the secure element may activate security measures which may permanently disable the secure element. To establish secure communications between the secure element and a CPU of the portable computing device, a password based encryption algorithm utilizing a non-padded cipher may be employed.

29 Citations

View as Search Results

40 Claims

1. A method for managing secure information within a portable computing device, the method comprising:
- initializing a program module of a central processing unit for communicating with a secure element that is part of the portable computing device;
  
  receiving a password for gaining access to the secure element;
  
  initializing a password based encryption algorithm with the password;
  
  establishing a secure communication channel between the secure element and the central processing unit based on the password based encryption algorithm; and
  
  if the password is incorrect, then determining if a predetermined threshold number of password attempts has been achieved.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising activating one or more security measures if the predetermined threshold number of incorrect password attempts has been achieved.
  - 3. The method of claim 2, wherein the one or more security measures comprises permanent disablement of the secure element.
  - 4. The method of claim 1, further comprising granting access to the secure element which comprises at least one of a substantial encryption key for server authentication and a substantial encryption key for decrypting encrypted data stored locally within the portable computing device.
  - 5. The method of claim 1, further comprising using the password for encrypting one or more cryptographic keys.
  - 6. The method of claim 1, wherein the password based encryption correction algorithm utilizes a non-padded cipher.
  - 7. The method of claim 1, further comprising one of authenticating the portable computing device to a server with a substantial encryption key for server authentication and decrypting encrypted data stored locally within the portable computing device with a substantial encryption key for decrypting data stored locally.
  - 8. The method of claim 7, wherein the substantial encryption key comprises an asymmetric key having a bit length of greater than or equal to 1024 bits.
  - 9. The method of claim 7, wherein the substantial encryption key comprises a symmetric key having a bit length of greater than or equal to 80 bits.
  - 10. The method of claim 1, wherein the portable computing device comprises at least one of a mobile telephone, a personal digital assistant, a pager, a smartphone, and a hand-held computer with a wireless connection or link.

11. A computer system for managing secure information within a portable computing device, the system comprising:
- a processor operable to;
  
  initialize a program module of a central processing unit for communicating with a secure element that is part of the portable computing device;
  
  initialize a password based encryption algorithm with the password;
  
  establish a secure communication channel between the secure element and the central processing unit based on the password based encryption algorithm if the password is correct; and
  
  determine if a predetermined threshold number of password attempts has been achieved if the password is incorrect.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The system of claim 11, wherein the processor is further operable to activate one or more security measures if the predetermined threshold number of incorrect password attempts has been achieved.
  - 13. The system of claim 12, wherein the one or more security measures comprises permanent disablement of the secure element.
  - 14. The system of claim 11, wherein the processor operable to grant access to the secure element which comprises at least one of a substantial encryption key for server authentication and a substantial encryption key for decrypting encrypted data stored locally within the portable computing device.
  - 15. The system of claim 14, wherein the processor is operable to use the password for encrypting one or more cryptographic keys.
  - 16. The system of claim 15, wherein the password based encryption correction algorithm utilizes a non-padded cipher.
  - 17. The system of claim 11, wherein the processor is further operable to:
    - authenticate the portable computing device to a server with a substantial encryption key for server authentication and decrypt encrypted data stored locally within the portable computing device with a substantial encryption key for decrypting data stored locally.
  - 18. The system of claim 17, wherein the substantial encryption key comprises an asymmetric key having a bit length of greater than or equal to 1024 bits.
  - 19. The system of claim 17, wherein the substantial encryption key comprises a symmetric key having a bit length of greater than or equal to 80 bits.
  - 20. The system of claim 11, wherein the portable computing device comprises at least one of a mobile telephone, a personal digital assistant, a pager, a smartphone, a navigation device, and a hand-held computer with a wireless connection or link.

21. A computer system for managing secure information within a portable computing device, the system comprising:
- means for initializing a program module of a central processing unit for communicating with a secure element that is part of the portable computing device;
  
  means for receiving a password for gaining access to the secure element;
  
  means for initializing a password based encryption algorithm with the password;
  
  means for establishing a secure communication channel between the secure element and the central processing unit based on the password based encryption algorithm; and
  
  means for determining if a predetermined threshold number of password attempts has been achieved if the password is incorrect.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 22. The system of claim 21, further comprising means for activating one or more security measures if the predetermined threshold number of incorrect password attempts has been achieved.
  - 23. The system of claim 22, wherein the one or more security measures comprises permanent disablement of the secure element.
  - 24. The system of claim 21, further comprising means for granting access to the secure element which comprises at least one of a substantial encryption key for server authentication and a substantial encryption key for decrypting encrypted data stored locally within the portable computing device.
  - 25. The system of claim 21, wherein the means for establishing a secure communication channel between the secure element and the central processing unit further comprises means for using the password for encrypting one or more cryptographic keys.
  - 26. The method of claim 21, wherein the password based encryption correction algorithm has a non-padded cipher.
  - 27. The system of claim 21, further comprising at least one of means for authenticating the portable computing device to a server with a substantial encryption key for server authentication and means for decrypting encrypted data stored locally within the portable computing device with a substantial encryption key for decrypting data stored locally.
  - 28. The system of claim 27, wherein the substantial encryption key comprises an asymmetric key having a bit length of greater than or equal to 1024 bits.
  - 29. The system of claim 27, wherein the substantial encryption key comprises a symmetric key having a bit length of greater than or equal to 80 bits.
  - 30. The system of claim 21, wherein the portable computing device comprises at least one of a mobile telephone, a personal digital assistant, a pager, a smartphone, a navigation device, and a hand-held computer with a wireless connection or link.

31. A computer program product comprising a computer usable medium having a computer readable program code embodied therein, said computer readable program code adapted to be executed to implement a method for managing secure information within a portable computing device, said method comprising:
- initializing a program module of a central processing unit for communicating with a secure element that is part of the portable computing device;
  
  receiving a password for gaining access to the secure element;
  
  initializing a password based encryption algorithm with the password;
  
  establishing a secure communication channel between the secure element and the central processing unit based on the password based encryption algorithm; and
  
  if the password is incorrect, then determining if a predetermined threshold number of password attempts has been achieved.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 32. The computer program product of claim 31, wherein the program code implementing the method further comprises activating one or more security measures if the predetermined threshold number of incorrect password attempts has been achieved.
  - 33. The computer program product of claim 32, wherein the one or more security measures comprises permanent disablement of the secure element.
  - 34. The computer program product of claim 31, wherein the program code implementing the method further comprises granting access to the secure element which comprises at least one of a substantial encryption key for server authentication and a substantial encryption key for decrypting encrypted data stored locally within the portable computing device.
  - 35. The computer program product of claim 34, wherein the program code implementing the method further comprises using the password for encrypting one or more cryptographic keys.
  - 36. The computer program product of claim 31, wherein the program code implementing the method further comprises utilizing a non-padded cipher in the password based encryption algorithm.
  - 37. The computer program product of claim 31, wherein the program code implementing the method further comprises:
    - one of authenticating the portable computing device to a server with a substantial encryption key for server authentication and decrypting encrypted data stored locally within the portable computing device with a substantial encryption key for decrypting data stored locally.
  - 38. The computer program product of claim 37, wherein the substantial encryption key comprises an asymmetric key having a bit length of greater than or equal to 1024 bits.
  - 39. The computer program product of claim 37, wherein the wherein the substantial encryption key comprises a symmetric key having a bit length of greater than or equal to 80 bits.
  - 40. The computer program product of claim 31, wherein the portable computing device comprises at least one of a mobile telephone, a personal digital assistant, a pager, a smartphone, a navigation device, and a hand-held computer with a wireless connection or link.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Rickman, Gregory M.

Granted Patent

US 8,700,908 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/183
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 21/72   in cryptographic circuits

H04W 12/12   Detection or prevention of ...

H04W 12/37   Managing security policies ...

SYSTEM AND METHOD FOR MANAGING SECURE INFORMATION WITHIN A HYBRID PORTABLE COMPUTING DEVICE

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

40 Claims

Specification

Use Cases

Quick Links

Others

SYSTEM AND METHOD FOR MANAGING SECURE INFORMATION WITHIN A HYBRID PORTABLE COMPUTING DEVICE

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

40 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others