Enhanced cryptographic system and method with key escrow feature

US 5,799,086 A
Filed: 02/19/1997
Issued: 08/25/1998
Est. Priority Date: 01/13/1994
Status: Expired due to Term

First Claim

Patent Images

1. A method of authorizing a trusted device to conduct an electronic transaction between a first user and a second party, and providing assurance that said trusted device will engage in said electronic transaction in accordance with predetermined rules which cannot be changed by said user, said method comprising:

electronically transmitting from said trusted device to a third party a request for authorization to engage in said electronic transaction, said request including the identity of said trusted device;

determining, by said third party, that said trusted device should be authorized to engage in said transaction at least in part in accordance with a determination that said trusted device will operate only in accordance with said rules;

electronically transmitting from said third party to said trusted device authorization to engage in said electronic transaction, said authorization including certification that said third party provided said authorization;

electronically transmitting from said trusted device to said second party said certification as assurance that said trusted device is authorized to engage in said electronic transaction and will do so only in accordance with said rules;

electronically transmitting transaction data from said trusted device to said second party in accordance with said rules.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic system with key escrow feature that uses a method for verifiably splitting user'"'"'s private encryption keys into components and for sending those components to trusted agents chosen by the particular users is provided. The system uses public key certificate management, enforced by a chip device that also self-certifies. The methods for key escrow and receiving an escrow certificate are applied to register a trusted device with a trusted third party and to receive authorization from that party enabling the device to communicate with other trusted devices. The methods for key escrow also provide assurance that a trusted device will engage in electronic transactions in accordance with predetermined rules.

437 Citations

12 Claims

1. A method of authorizing a trusted device to conduct an electronic transaction between a first user and a second party, and providing assurance that said trusted device will engage in said electronic transaction in accordance with predetermined rules which cannot be changed by said user, said method comprising:
- electronically transmitting from said trusted device to a third party a request for authorization to engage in said electronic transaction, said request including the identity of said trusted device;
  
  determining, by said third party, that said trusted device should be authorized to engage in said transaction at least in part in accordance with a determination that said trusted device will operate only in accordance with said rules;
  
  electronically transmitting from said third party to said trusted device authorization to engage in said electronic transaction, said authorization including certification that said third party provided said authorization;
  
  electronically transmitting from said trusted device to said second party said certification as assurance that said trusted device is authorized to engage in said electronic transaction and will do so only in accordance with said rules;
  
  electronically transmitting transaction data from said trusted device to said second party in accordance with said rules.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. A method as in claim 1 wherein said authorization transmitting step includes the step of transmitting said rules from said third party to said trusted device.
  - 3. A method as in claim 1 wherein said trusted device contains said rules prior to said authorization transmitting step.
  - 4. A method as in claim 1 wherein said authorization transmitting step includes the step of appending a digital signature of said third party to said certification.
  - 5. A method as in claim 1 wherein said request transmitting step includes the step of transmitting certification of said identity of said trusted device digitally signed by a manufacturer of said trusted device.
  - 6. A method as in claim 1 wherein said determining step includes the step of determining whether said trusted device is tamper-resistant based upon said identity of said trusted device.
  - 7. A method as in claim 1 wherein said trusted device has associated with it a public key and a private key of an asymmetric cryptosystem and said request transmitting step includes the step of transmitting said device public key to said third party.
  - 8. A method as in claim 1 wherein said trusted device has associated with it a first key and a second key of an asymmetric cryptosystem and said step of transmitting transaction data to said second party includes a step of appending a digital signature of said trusted device created with said first key.
  - 9. A method as in claim 5 wherein said identity certification includes a public key of a public-private key pair for said trusted device and said request transmitting step includes appending a digital signature of said trusted device created with said device private key to said request so that said third party can confirm that said request came from said trusted device.
  - 10. A method as in claim 8 wherein said step of transmitting transaction data to said second party includes a step of transmitting said second key to said second party.
  - 11. A method as in claim 8 wherein said first and second device keys are private and public keys respectively.
  - 12. A method as in claim 10 wherein said first and second device keys are private and public keys respectively.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Certco
Original Assignee
Certco
Inventors
Sudia, Frank Wells
Primary Examiner(s)
Barron, Jr., Gilberto

Application Number

US08/803,176
Time in Patent Office

552 Days
Field of Search

380/30, 380/23
US Class Current

705/76
CPC Class Codes

G06F 7/725   over elliptic curves

G06Q 20/02   involving a neutral party, ...

G06Q 20/3821   Electronic credentials

G06Q 20/3829   involving key management

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0844   with user authentication or...

H04L 9/085   Secret sharing or secret sp...

H04L 9/088   Usage controlling of secret...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Enhanced cryptographic system and method with key escrow feature

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

437 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Enhanced cryptographic system and method with key escrow feature

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

437 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links