METHOD AND SYSTEM FOR SECURELY STORING AND USING PRIVATE CRYPTOGRAPHIC KEYS

US 20160218873A1
Filed: 01/22/2016
Published: 07/28/2016
Est. Priority Date: 01/22/2015
Status: Active Application

First Claim

Patent Images

1. A computer-implemented method for securely storing and using private cryptographic keys utilizing a cryptographic system comprising an online computer, an offline computer, a first communication device, a second communication device, an inner Faraday cage housing the offline computer and the second communication device, and an outer Faraday cage housing the online computer, the first communication device, and the inner Faraday cage, the method comprising the steps of:

(a) transmitting a cryptographic operation request requiring a private key in an electrical signal from the online computer to the first communication device;

(b) converting, by the first communication device, the electrical signal received from the online computer into an optical signal, and transmitting the optical signal from the first communication device outside the inner Faraday cage to the second communication device inside the inner Faraday cage;

(c) converting, by the second communication device, the optical signal received from the first communication device into an electrical signal, and transmitting the electrical signal to the offline computer;

(d) performing, by the offline computer, the cryptographic operation request, and transmitting a result of the cryptographic operation request to the second communication device in an electrical signal;

(e) converting, by the second communication device, the electrical signal received from the offline computer into an optical signal, and transmitting the optical signal to the first communication device; and

(f) converting, by the first communication device, the optical signal received from the second communication device into an electrical signal, and transmitting the electrical signal to the online computer; and

(g) processing, by the online computer, the electrical signal received from the first communication device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic system includes an online computer, an offline computer and custom hardware and software by which the two computers can securely communicate to facilitate the creation, secure use, and maintenance of private cryptographic keys. The system securely stores private cryptographic keys while still enabling the keys to be quickly and easily accessed as needed in a variety of applications including, but not limited to, electronic financial transactions, cryptographic transaction processing, medical record access, email encryption, or any other cryptographic authentication process.

11 Citations

View as Search Results

17 Claims

1. A computer-implemented method for securely storing and using private cryptographic keys utilizing a cryptographic system comprising an online computer, an offline computer, a first communication device, a second communication device, an inner Faraday cage housing the offline computer and the second communication device, and an outer Faraday cage housing the online computer, the first communication device, and the inner Faraday cage, the method comprising the steps of:
- (a) transmitting a cryptographic operation request requiring a private key in an electrical signal from the online computer to the first communication device;
  
  (b) converting, by the first communication device, the electrical signal received from the online computer into an optical signal, and transmitting the optical signal from the first communication device outside the inner Faraday cage to the second communication device inside the inner Faraday cage;
  
  (c) converting, by the second communication device, the optical signal received from the first communication device into an electrical signal, and transmitting the electrical signal to the offline computer;
  
  (d) performing, by the offline computer, the cryptographic operation request, and transmitting a result of the cryptographic operation request to the second communication device in an electrical signal;
  
  (e) converting, by the second communication device, the electrical signal received from the offline computer into an optical signal, and transmitting the optical signal to the first communication device; and
  
  (f) converting, by the first communication device, the optical signal received from the second communication device into an electrical signal, and transmitting the electrical signal to the online computer; and
  
  (g) processing, by the online computer, the electrical signal received from the first communication device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the cryptographic operation comprises generating a public/private key pair, outputting the public key to the online computer, and storing the private key, or signing an electronic transaction request.
  - 3. The method of claim 1, further comprising validating each incoming electrical and optical signal by the first communication device and the second communication device.
  - 4. The method of claim 3, wherein validating each incoming electrical and optical signal is performed based on length, timing, and a unique identifier assigned to the request.
  - 5. The method of claim 1, further comprising generating and appending a unique one-time machine authentication code to the request by the first communication device.
  - 6. The method of claim 1, further comprising validating the electrical signal received from the second communication device prior to performing the cryptographic operation request by the offline computer in step (d).
  - 7. The method of claim 1, further comprising determining, by the second communication device, whether the electrical signal received from the offline computer in step (e) is white listed, has arrived in order, is properly formatted, and is on time, before converting the electrical signal to an optical signal.
  - 8. The method of claim 1, further comprising validating the electrical signal received from the first communication device prior to processing the electrical signal received from the second communication device by the online computer in step (e).
  - 9. The method of claim 1, wherein the inner Faraday cage and the outer Faraday cage each include concrete walls reinforced with stainless steel rebar to reduce magnetic resonance and lined with isolated layers of copper sheet and Mu-metal to inhibit electromagnetic leakage.

10. A cryptographic system for securely storing and using private cryptographic keys, comprising:
- an online computer for receiving or originating a cryptographic operation request requiring a private key;
  
  a first communication device connected to the online computer for transmission of electrical signals therebetween;
  
  a second communication device connected to the first communication device for transmission of optical signals therebetween;
  
  an offline computer for performing the cryptographic operation to generate a result, said offline computer connected to the second communication device for transmission of electrical signals therebetween;
  
  an inner Faraday cage housing the offline computer and the second communication device; and
  
  an outer Faraday cage housing the online computer, the first communication device, and the inner Faraday cage in a nested arrangement;
  
  wherein the online computer transmits the cryptographic operation request to the offline computer and the offline computer transmits the result of the cryptographic operation to the online computer only across the first communication device and the second communication device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The cryptographic system of claim 10, wherein the first communication device and the second communication device each include serial-optical converters for converting electrical signals to optical signals and optical signals to electrical signals.
  - 12. The cryptographic system of claim 10, wherein the cryptographic operation comprises generating a public/private key pair, outputting the public key to the online computer, and storing the private key, or signing an electronic transaction request.
  - 13. The cryptographic system of claim 10, wherein the first communication device and the second communication device are configured to validate each electrical signal and optical signal received by said device.
  - 14. The cryptographic system of claim 13, wherein the online computer, the first communication device, the second communication device, and the offline computer are configured to validate each incoming electrical or optical signal.
  - 15. The cryptographic system of claim 10, wherein the first communication device is configured to generate and append a unique one-time machine authentication code to the request received from the online computer.
  - 16. The cryptographic system of claim 10, wherein the second communication device is configured to determine whether an electrical signal received from the offline computer is white listed, has arrived in order, is properly formatted, and is on time, before converting the electrical signal to an optical signal.
  - 17. The cryptographic system of claim 10, wherein the inner Faraday cage and the outer Faraday cage each include concrete walls reinforced with stainless steel rebar to reduce magnetic resonance and lined with isolated layers of copper sheet and Mu-metal to inhibit electromagnetic leakage.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vermont Secure Computing, Inc.
Original Assignee
Vermont Secure Computing, Inc.
Inventors
Spiro, Ian, Segal, Samuel I.

Application Number

US15/004,655
Publication Number

US 20160218873A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/602   Providing cryptographic fac...

G06F 2221/2153   Using hardware token as a s...

H04L 9/0894   Escrow, recovery or storing...

METHOD AND SYSTEM FOR SECURELY STORING AND USING PRIVATE CRYPTOGRAPHIC KEYS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

11 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR SECURELY STORING AND USING PRIVATE CRYPTOGRAPHIC KEYS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links