APPARATUS AND METHOD FOR SECURE DELIVERY OF DATA UTILIZING ENCRYPTION KEY MANAGEMENT
Abstract
A device that incorporates the subject disclosure may perform, for example, receiving a derived encryption key from a remote management server without receiving a master key from which the derived encryption key was generated, applying a one-way function to the derived encryption key and a nonce to generate a temporary encryption key, obtaining data for transmission to a recipient device, encrypting the data using the temporary encryption key to generate encrypted data, and providing the encrypted data over a network to the recipient device. Other embodiments are disclosed.
20 Claims
1. A method comprising:
  obtaining, by a remote management server, a master key;
  obtaining, by the remote management server, derivation data associated with an end user device;
  applying, by the remote management server, a one-way function to the master key and the derivation data to generate a derived encryption key; and
  providing, by the remote management server over a network, the derived encryption key to a universal integrated circuit card of the end user device to enable the universal integrated circuit card to generate a temporary encryption key for encrypting data,
  wherein the master key is not provided by the remote management server to the end user device.
8. A communication device comprising:
  a secure element having a secure element memory that stores first executable instructions that, when executed by the secure element, facilitate performance of first operations, comprising:
    receiving a derived encryption key from a remote management server without receiving a master key from which the derived encryption key was generated; and
    applying a one-way function to the derived encryption key and a nonce to generate a temporary encryption key;
  a secure device processor having a secure device processor memory that stores second executable instructions that, when executed by the secure device processor, facilitate performance of second operations, comprising:
    receiving the temporary encryption key from the secure element without receiving the derived encryption key;
    obtaining data for transmission to a recipient device;
    encrypting the data using the temporary encryption key to generate encrypted data; and
    providing the encrypted data over a network to the recipient device,
  wherein the secure device processor is separate from the secure element and in communication with the secure element.
17. A method comprising:
  receiving, by a communication device comprising a processor, a derived encryption key from a remote management server without receiving a master key from which the derived encryption key was generated;
  applying, by the communication device, a one-way function to the derived encryption key and a nonce to generate a temporary encryption key;
  obtaining, by the communication device, data for transmission to a recipient device;
  encrypting, by the communication device, the data using the temporary encryption key to generate encrypted data; and
  providing, by the communication device, the encrypted data over a network to the recipient device.
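The three-tier key hierarchy recited in claims 1, 8 and 17 (master key, derived key, temporary key), sketched as an added example that is not code from the patent. HMAC-SHA256 stands in for the unspecified one-way function; the class names, domain-separation labels, sample device identifier and the rederive_temporary_key helper (how a master-key holder could rebuild the temporary key) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def one_way(key: bytes, data: bytes, label: bytes) -> bytes:
    """One-way function. HMAC-SHA256 is an assumption; the claims name none."""
    return hmac.new(key, label + b"\x00" + data, hashlib.sha256).digest()


class RemoteManagementServer:
    def __init__(self, master_key: bytes):
        self._master_key = master_key  # never sent to any device

    def derive_for_device(self, derivation_data: bytes) -> bytes:
        # Claim 1: one-way function over master key + per-device derivation data.
        return one_way(self._master_key, derivation_data, b"derived")


class SecureElement:
    """Stands in for the UICC: keeps the derived key, releases only temporary keys."""

    def __init__(self, derived_key: bytes):
        self._derived_key = derived_key

    def new_temporary_key(self):
        # Claims 8 and 17: one-way function over derived key + a nonce.
        nonce = secrets.token_bytes(16)
        return nonce, one_way(self._derived_key, nonce, b"temporary")


def rederive_temporary_key(server, derivation_data: bytes, nonce: bytes) -> bytes:
    """Assumed recipient side: rebuild the temporary key from the master key,
    the device's derivation data and the nonce sent alongside the ciphertext."""
    derived = server.derive_for_device(derivation_data)
    return one_way(derived, nonce, b"temporary")


if __name__ == "__main__":
    server = RemoteManagementServer(secrets.token_bytes(32))
    device_id = b"ICCID:constructed-0001"  # constructed sample derivation data
    element = SecureElement(server.derive_for_device(device_id))
    nonce, temp_key = element.new_temporary_key()
    # The secure device processor would receive only temp_key and use it
    # with an authenticated cipher; it never sees the derived or master key.
    print("match:", rederive_temporary_key(server, device_id, nonce) == temp_key)
```

Compromise of one temporary key exposes only the data encrypted under that nonce, and compromise of one device's derived key does not reveal the master key or any other device's derived key.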
Specification