Electronic keying scheme for locking data

US 4,944,008 A
Filed: 02/18/1988
Issued: 07/24/1990
Est. Priority Date: 02/18/1988
Status: Expired due to Term

First Claim

Patent Images

1. In a digital processing system for providing security of data stored in the system, apparatus for protecting data in a memory of the system comprising:

key means for storing a psuedorandom combination number, said key means corresponding to a key holder;

first memory means for storing encrypted data;

second memory means for storing decrypted data, corresponding to said encrypted data;

decryption/encryption means connected between said first memory means and said second memory means, said decryption/encryption means operating to encrypt data for storage in said first memory means and further operating to decrypt data for storage in said second memory means;

control means connected to said key means and to said decryption/encryption means, said control means operating in response to said pseudorandom combination number of said key means to produce a key variable to allow said decryption of data of said first memory means for access by said key holder to said second memory means; and

said control means further operating to write a second psuedorandom combination number in said key means for subsequent accesses by said key holder.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data locking system which modifies data in accordance with a renewable key variable derived from the exclusive ORing of a pseudorandom combination number from an external source means with an altered key variable.

108 Citations

15 Claims

1. In a digital processing system for providing security of data stored in the system, apparatus for protecting data in a memory of the system comprising:
- key means for storing a psuedorandom combination number, said key means corresponding to a key holder;
  
  first memory means for storing encrypted data;
  
  second memory means for storing decrypted data, corresponding to said encrypted data;
  
  decryption/encryption means connected between said first memory means and said second memory means, said decryption/encryption means operating to encrypt data for storage in said first memory means and further operating to decrypt data for storage in said second memory means;
  
  control means connected to said key means and to said decryption/encryption means, said control means operating in response to said pseudorandom combination number of said key means to produce a key variable to allow said decryption of data of said first memory means for access by said key holder to said second memory means; and
  
  said control means further operating to write a second psuedorandom combination number in said key means for subsequent accesses by said key holder.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. Apparatus for protecting data in a memory as claimed in claim 1, wherein said control means includes third memory means for storing said psuedorandom combination number corresponding to said key holder, said psuedorandom combination number being stored in said third memory means in an encrypted manner.
  - 3. Apparatus for protecting data in a memory as claimed in claim 1, wherein said control means further includes:
    - psuedorandom number generation means for generating first and second psuedorandom numbers, said psuedorandom number generating means being connected to said decryption/encryption means; and
      
      combining means connected to said psuedorandom number generating means, to said third memory means and to said key means, said combining means operating in response to said first and second psuedorandom numbers to produce said key variable encrypted by said first psuedorandom number.
  - 4. Apparatus for protecting data in a memory as claimed in claim 3, wherein there is further included means for connecting said psuedorandom number generation means to said key means, said means for connecting operating in response to said psuedorandom number generation means to write said second psuedorandom number, said key variable, to said key means.
  - 5. Apparatus for protecting data in a memory as claimed in claim 4, wherein there is further included clock means connected to said third memory means and to said means for connecting, said clock means operating to store a time stamp and a sequence number in said third memory means corresponding to said encrypted key variable of said key holder and further operating to store said time stamp and said sequence number in said key means.
  - 6. Apparatus for protecting data in a memory as claimed in claim 5, wherein said combining means includes exclusive-OR means.
  - 7. Apparatus for protecting data in a memory as claimed in claim 6, wherein there is further included:
    - a second key holder including second key means, said second key holder requesting access to said decrypted data of said second memory means; and
      
      means for updating connected to said psuedorandom number generation means, to said means for connecting and to said third memory means, said means for updating said key variable of said second key holder to encrypt said key variable with said first psuedorandom number generated for said first key holder.
  - 8. Apparatus for protecting data in a memory as claimed in claim 7, wherein said means for updating includes exclusive-OR means.

9. A method for protecting data in a memory of a digital processing system, said method for protecting data in a memory comprising the steps of:
- reading a first psuedorandom number from a key of a key holder;
  
  combining said key with an encrypted key stored in a first memory to produce a key variable;
  
  decrypting previously encrypted data stored in a second memory using said key variable;
  
  storing said decrypted data in a third memory, said decrypted data for use and modification by said key holder;
  
  generating first and second psuedorandom numbers;
  
  encrypting said previously decrypted data of said third memory with said first psuedorandom number;
  
  second storing said encrypted data in said second memory;
  
  forming an encrypted key variable from said first and second psuedorandom numbers; and
  
  third storing said second psuedorandom number in said key of said key holder.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. A method for protecting data in a memory as claimed in claim 9, wherein there is further included the step of fourth storing said encrypted key variable in said first memory corresponding to said key holder.
  - 11. A method for protecting data in a memory as claimed in claim 10, wherein there is further included the steps of:
    - second generating a time stamp and sequence number;
      
      fifth storing said time stamp and sequence number in said first memory and in said key of said key holder.
  - 12. A method for protecting data in a memory as claimed in claim 11, wherein said step of forming includes the step of exclusive-ORing said first and second psuedorandom numbers to produce said key variable, which corresponds to said first psuedorandom number encrypted by said second psuedorandom number.
  - 13. A method for protecting data in a memory as claimed in claim 12, wherein there is further included the step of updating the key variable of a second key corresponding to a second key holder by encrypting said key variable of said second key with said first pseudorandom number, which corresponds to key variable of said first key.
  - 14. A method for protecting data in a memory as claimed in claim 13, wherein said step of updating further includes the steps of:
    - reading said encrypted key variable of said first key from said first memory;
      
      decrypting said key variable from said encrypted key variable of said first key;
      
      second decrypting said second psuedorandom number of said second key;
      
      encrypting said second psuedorandom number of said second key with variable of said first key to form a new encrypted key variable for said second key holder; and
      
      storing said new encrypted key variable of said second key holder in said first memory corresponding to said second key; and
      
      second storing said second psuedorandom number of said second key in said second key of said second key holder.
  - 15. A method for protecting data in a memory as claimed in claim 14, wherein each of said steps of decrypting, second decrypting and encrypting include the step or exclusive-ORing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
General Dynamics C4 Systems Incorporated (General Dynamics Corporation)
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Savage, Michael A., Worger, William R., Piosenka, Gerald V.
Primary Examiner(s)
Tarcza, Thomas H.
Assistant Examiner(s)
CAIN, DAVID C

Application Number

US07/157,002
Time in Patent Office

887 Days
Field of Search

380/46, 380/23, 380/25
US Class Current

380/46
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 2221/2107   File encryption

G07C 9/215   the system having a variabl...

Electronic keying scheme for locking data

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

108 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic keying scheme for locking data

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links