Cryptographic key management and validation system

US 5,812,666 A
Filed: 10/23/1995
Issued: 09/22/1998
Est. Priority Date: 03/31/1995
Status: Expired due to Term

First Claim

Patent Images

1. A Key Management System for generating, distributing and managing cryptographic keys used by a transaction evidencing device that employs cryptographic means to produce evidence of information integrity, the system comprising:

a plurality of functionally distinct secure boxes communicatively coupled to each other, each of said secure boxes including means for performing one of key management functions for key generation, key installation, key verification and verification of the evidence of information integrity produced by the transaction evidencing device;

computer means for providing system control, said computer means being communicatively coupled to said secure boxes and including means for facilitating communication among said secure boxes;

a plurality of separate logical security domains, each of said security domains providing domain processes for key generation, key installation, key verification and verification of the evidence of information integrity produced by said transaction evidencing device within said domain using said key management functions;

a plurality of domain archives communicatively coupled to said computer means and corresponding respectively to each of said security domains, said domain archives including means for recording key status records and master keys for each domain;

means for installing said master keys in the transaction evidencing device; and

means for verifying said evidence of information integrity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A Key Management System for generating, distributing and managing cryptographic keys used by an information transaction system that employs cryptographic means to produce evidence of information integrity. The system comprises a plurality of functionally distinct secure boxes operatively coupled to each other. Each of the secure boxes performs functions for key generation, key installation, key verification or validation of tokens. Computers, operatively coupled to the secure boxes, provide system control and facilitate communication among the secure boxes. A plurality of separate logical security domains provide domain processes for key generation, key installation, key verification and validation of tokens produced by the transaction evidencing device within the domain using the key management functions. A plurality of domain archives, corresponding respectively to each of the security domains, securely and reliably record key status records and master keys for each domain. The Key Management System installs the master keys in the transaction evidencing device and validates the tokens. The secure boxes include a key generation box for generating, encrypting and signing a master key; a key installation box for receiving, verifying and decrypting the signed master key and for installing the master key into the transaction evidencing device; a key verification box for verifying the installation of the master key in the transaction evidencing device, a token verification box for verifying the tokens, and at least one manufacturing box for generating domain keys and distributing the domain keys among the secure boxes for each of the domains.

Citations

35 Claims

1. A Key Management System for generating, distributing and managing cryptographic keys used by a transaction evidencing device that employs cryptographic means to produce evidence of information integrity, the system comprising:
- a plurality of functionally distinct secure boxes communicatively coupled to each other, each of said secure boxes including means for performing one of key management functions for key generation, key installation, key verification and verification of the evidence of information integrity produced by the transaction evidencing device;
  
  computer means for providing system control, said computer means being communicatively coupled to said secure boxes and including means for facilitating communication among said secure boxes;
  
  a plurality of separate logical security domains, each of said security domains providing domain processes for key generation, key installation, key verification and verification of the evidence of information integrity produced by said transaction evidencing device within said domain using said key management functions;
  
  a plurality of domain archives communicatively coupled to said computer means and corresponding respectively to each of said security domains, said domain archives including means for recording key status records and master keys for each domain;
  
  means for installing said master keys in the transaction evidencing device; and
  
  means for verifying said evidence of information integrity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The Key Management System of claim 1 wherein said secure boxes comprise:
    - a key generation box including means for generating, encrypting and signing a master key when a request for said master key is received from said computer means; and
      
      a key installation box communicatively coupled to said key generation box and said transaction evidencing device, said key installation box including means for receiving, verifying and decrypting said signed master key and means for installing said master key into said transaction evidencing device.
  - 3. The Key Management System of claim 2 wherein said secure boxes further comprise:
    - a key verification box communicatively coupled to said key generation box and said key installation box, said key verification box including means for verifying the installation of said master key in said transaction evidencing device.
  - 4. The Key Management System of claim 3 wherein said secure boxes further comprise:
    - a verification box communicatively coupled to said key verification box, said token verification box including means for verifying the evidence of information integrity.
  - 5. The Key Management System of claim 4 wherein said computer means comprises a first key management computer located at a first data center and communicatively coupled to said secure boxes, said first key management computer controlling communications among said secure boxes and said domain archives.
  - 6. The Key Management System of claim 5 wherein said computer means further comprises a key distribution computer located at a manufacturing site and communicatively coupled to said secure boxes and said first key management computer, said key distribution computer controlling distribution of said master keys for installation into said transaction evidencing device.
  - 7. The Key Management System of claim 6 wherein said computer means further comprises a second key management computer located at a second data center and communicatively coupled to said secure boxes, said first key management computer and said key distribution computer, said second key management computer monitoring the Key Management System and controlling said verification box located at said second data center.
  - 8. The Key Management System of claim 6 wherein said computer means further comprises a distributed key management computer communicatively coupled to said first key management computer and located at a verification site, and wherein said secure boxes further comprise a distributed verification box, said distributed key management computer controlling verification by said distributed verification box of the evidence of information integrity produced by said transaction evidencing device.
  - 9. The Key Management System of claim 8 wherein said transaction evidencing device produces temporal keys for generation of evidence of information integrity, and one of said secure boxes generates identical temporal keys and one of said key management computers distributes said temporal keys to said distributed key management computer.
  - 10. The Key Management System of claim 3 wherein said transaction evidencing device includes means for producing evidence of master key integrity and said key verification box verifies said master keys installed in said transaction evidencing device are identical to said master keys recorded in said domain archive using said evidence of master key integrity.
  - 11. The Key Management System of claim 2 wherein said key generation box assigns a unique key identifier and a key installation box to said master key, said key installation box verifying that said key identifier is fresh and said master key is assigned to said key installation box.
  - 12. The Key Management System of claim 2 wherein said key generation box includes means for producing evidence of master key integrity and said key installation box verifies said master keys installed in said transaction evidencing device using said evidence of master key integrity.
  - 13. The Key Management System of claim 1 wherein said secure boxes further comprise:
    - at least one manufacturing box communicatively coupled to said secure boxes, said manufacturing box including means for generating domain keys and distributing said domain keys among said secure boxes for each of said domains.
  - 14. The Key Management System of claim 1 wherein a subset of said logical security domains exists in each of said secure boxes.
  - 15. The Key Management System of claim 1 wherein said transaction evidencing device includes at least two of said master keys from at least two of said security domains, said transaction evidencing device generating evidence of information integrity for each of said two domains.
  - 16. The Key Management System of claim 1 wherein said transaction evidencing device is a postage meter.
  - 17. The Key Management System of claim 1 wherein said evidence of information integrity comprises a digital token.
  - 18. The Key Management System of claim 1 wherein said evidence of postage payment comprises a digital token.

19. A Key Management System for generating, distributing and managing cryptographic keys used by a digital postage meter that employs cryptographic means to produce evidence of postage payment, the system comprising:
- a plurality of functionally distinct secure boxes communicatively coupled to each other, each of said secure boxes including means for performing one of key management functions for key generation, key installation, key verification and verification of the evidence of postage payment;
  
  computer means for providing system control, said computer means being communicatively coupled to said secure boxes and including means for facilitating communication among said secure boxes;
  
  a plurality of separate logical security domains, each of said security domains providing domain processes for key generation, key installation, key verification and verification of the evidence of postage payment produced by the digital meter within said domain using said key management functions;
  
  a plurality of domain archives communicatively coupled to said computer means and corresponding respectively to each of said security domains, said domain archives including means for securely and recording key status records and master keys for each domain;
  
  means for installing said master keys in the digital postage meter; and
  
  means for verifying said evidence of postage payment.

20. A Key Management System for generating, distributing and managing cryptographic keys used by a transaction evidencing device that employs cryptographic means to produce evidence of information integrity, the system comprising:
- a plurality of functionally distinct processes communicatively coupled to communicate with each other, each of said plurality of processes including means for performing one of key management functions for key generation, key installation, key verification and verification of the evidence of information integrity produced by the transaction evidencing device;
  
  computer means for providing system control, said computer means being communicatively coupled to said plurality of processes and including means for facilitating communication among said processes;
  
  a plurality of separate logical security domains, each of said security domains providing domain processes for key generation, key installation, key verification and verification of the evidence of information integrity produced by said transaction evidencing device within said domain using said key management functions;
  
  a plurality of domain archives communicatively coupled to said computer means and corresponding respectively to each of said security domains, said domain archives including means for recording key status records and master keys for each domain;
  
  means for installing said master keys in the transaction evidencing device; and
  
  means for verifying said evidence of information integrity.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 21. The Key Management System of claim 20 wherein said plurality of processes comprise:
    - a key generation process including means for generating, encrypting and signing a master key when a request for said master key is received from said computer means; and
      
      a key installation process communicatively coupled to said key generation process and said transaction evidencing device, said key installation process including means for receiving, verifying and decrypting said signed master key and means for installing said master key into said transaction evidencing device.
  - 22. The Key Management System of claim 21 wherein said plurality of processes further comprise:
    - a key verification process communicatively coupled to said key generation process and said key installation process, said key verification process including means for verifying the installation of said master key in said transaction evidencing device.
  - 23. The Key Management System of claim 22 wherein said plurality of processes further comprise:
    - an evidence verification process communicatively coupled to said key verification process, said evidence verification process including means for verifying the evidence of information integrity.
  - 24. The Key Management System of claim 23 wherein said computer means comprises a first key management computer located at a first data center and communicatively coupled to said plurality of processes, said first key management computer controlling communications among said plurality of processes and said domain archives.
  - 25. The Key Management System of claim 24 wherein said computer means further comprises a key distribution computer located at a manufacturing site and communicatively coupled to said plurality of processes and said first key management computer, said key distribution computer controlling distribution of said master keys for installation into said transaction evidencing device.
  - 26. The Key Management System of claim 25 wherein said computer means further comprises a second key management computer located at a second data center and communicatively coupled to said plurality of processes, said first key management computer and said key distribution computer, said second key management computer monitoring the Key Management System and controlling said verification process located at said second data center.
  - 27. The Key Management System of claim 25 wherein said computer means further comprises a distributed key management computer communicatively coupled to said first key management computer and located at a verification site, and wherein said plurality of processes further comprise a distributed verification process, said distributed key management computer controlling verification by said distributed verification process of the evidence of information integrity produced by said transaction evidencing device.
  - 28. The Key Management System of claim 27 wherein said transaction evidencing device produces temporal keys for generation of evidence of information integrity, and one of said plurality of processes generates identical temporal keys and one of said key management computers distributes said temporal keys to said distributed key management computer.
  - 29. The Key Management System of claim 22 wherein said transaction evidencing device includes means for producing evidence of master key integrity and said key verification process verifies said master keys installed in said transaction evidencing device are identical to said master keys recorded in said domain archive using said evidence of master key integrity.
  - 30. The Key Management System of claim 22 wherein said transaction evidencing device is a postage meter.
  - 31. The Key Management System of claim 21 wherein said key generation process assigns a unique key identifier and a key installation process to said master key, said key installation process verifying that said key identifier is fresh and said master key is assigned to said key installation process.
  - 32. The Key Management System of claim 21 wherein said key generation process includes means for producing evidence of master key integrity and said key installation process verifies said master keys installed in said transaction evidencing device using said evidence of master key integrity.
  - 33. The Key Management System of claim 20 wherein said plurality of processes further comprise:
    - at least one manufacturing process communicatively coupled to said plurality of processes, said manufacturing process including means for generating domain keys and distributing said domain keys among said plurality of processes for each of said domains.
  - 34. The Key Management System of claim 20 wherein a subset of said logical security domains exists in each of said plurality of processes.
  - 35. The Key Management System of claim 20 wherein said transaction evidencing device includes at least two of said master keys from at least two of said security domains, said transaction evidencing device generating evidence of information integrity for each of said two domains.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pitney Bowes Incorporated (Böwe Systec AG)
Original Assignee
Pitney Bowes Incorporated (Böwe Systec AG)
Inventors
Hunter, Kevin D., Ryan, Frederick W. Jr., Bator, Feliks, Cordery, Robert A., Pintsov, Leon A., Pauly, Steven J., Heiden, Gary M., Baker, Walter J., Weiant, Monroe A. Jr., Lawton, Kathryn V., Loglisci, Louis J.
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/553,812
Time in Patent Office

1,065 Days
Field of Search

380/4, 380/9, 380/21, 380/23, 380/24, 380/25, 380/49, 380/50, 380/51, 380/55, 380/59, 380/28, 380/29, 380/37, 380/43, 705/401, 705/405, 705/408
US Class Current

380/277
CPC Class Codes

G07B 17/0008   Communication details outsi...

G07B 17/00733   Cryptography or similar spe...

G07B 2017/00846   Key management

G07B 2017/00854   Key generation

G07B 2017/00862   Key storage, e.g. escrowing...

G07B 2017/0087   Key distribution

G07B 2017/00895   Key verification, e.g. by u...

G07B 2017/00967   PSD [Postal Security Device...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/083   involving central third par...

H04L 9/3213   using tickets or tokens, e....

Cryptographic key management and validation system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Cryptographic key management and validation system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links