Method and apparatus for cryptographically protecting data
Abstract
A method and apparatus for transferring encrypted information to a database. First certification information is transferred from a first database to a second database. Second certification information is then transferred from the second database to the first database, where both the first certification information and the second certification information are authenticated. If both certifications are authenticated, the transfer of the encrypted information to the second database is enabled.
53 Claims
1. A method for transferring selected information T to a database, the method comprising the steps of:
- storing a first certification information PrA(PuL) in a first database, the first certification information including a first public key PuL encrypted using a first private key PrA;
- storing a character string X in the first database;
- storing a second certification information in a second database, the second certification information including the character string X encrypted using a first secret key ρ, and the encrypted character string ρ(X) encrypted using the first private key PrA;
- transferring the first certification information PrA(PuL) from the first database to a second database;
- transferring the second certification information PrA(ρ(X)) from the second database to the first database;
- verifying at the first database that the character string X stored in the first database equals the character string X contained in the second certification information; and
- enabling the transfer of the selected information T to the second database when the character string X stored in the first database equals the character string X contained in the second certification information.
15. A system comprising:
- a certification module having an associated first database storing a first certification information PrA(PuL), a first public key PuA, an encrypted first secret key λ(λT), a second secret key λ, a first private key PrL and a character string X, the first certification information being formed by encrypting a second public key PuL using a second private key PrA, and the encrypted first secret key λT being encrypted using the second secret key λ; and
- a personality module having an associated second database storing a third secret key ρ, the first public key PuA and second certification information PrA(ρX), the second certification information PrA(ρ(X)) being formed from the character string X being encrypted by the third secret key ρ and the encrypted character string ρ(X) being further encrypted by the second private key PrA,
- the personality module receiving the first certification information from the certification module, decrypting the first certification information using the first public key PuA stored in the personality module to obtain the second public key PuL, encrypting the third secret key ρ using the decrypted second public key PuL, encrypting the second certification information PrA(ρ(X)) using the decrypted second public key PuL and transferring the encrypted third secret key PuL(ρ) and the encrypted second certification information PuL(PrA(ρ(X))) to the certification module, and
- the certification module decrypting the encrypted third secret key PuL(ρ) using the first private key PrL, decrypting the encrypted second certification information PuL(PrA(ρ(X))) using the first private key PrL, further decrypting the second certification information using the first public key PuA to obtain the character string X contained in the second certification information, and enabling transmission of selected information T to the personality module when the character string X stored in the first database equals the character string X contained in the second certification information.
24. A personality module comprising:
- a database storing a first secret key ρ, a first public key PuA and first certification information PrA(ρ(X)), the first certification information PrA(ρ(X)) being formed by encrypting a character string X using the first secret key ρ, and by encrypting the encrypted character string ρ(X) using a first private key PrA; and
- a transceiver receiving a second public key PuL encrypted using the first private key PrA.
32. A certification module comprising:
- a database storing an encrypted first public key PrA(PuL), a second public key PuA, an encrypted first secret key λ(λT), a second secret key λ, a first private key PrL and a character string X, the first public key PuL being encrypted using a second private key PrA, and the first secret key λT being encrypted using the second secret key λ; and
- a transceiver transmitting the encrypted first public key PrA(PuL) and receiving encrypted certification information PuL(PrA(ρ(X))) encrypted using the first public key PuL and a third secret key ρ encrypted by the first public key PuL, the encrypted certification information including the character string X,
- the certification module decrypting the encrypted certification information PuL(PrA(ρ(X))) using the first private key PrL, decrypting the encrypted third secret key PuL(ρ) to obtain the third secret key ρ, decrypting the encrypted certification information using the second public key PuA, decrypting the character string X contained in the encrypted certification information using the third secret key ρ and enabling transmission of selected information T when the character string X contained in the encrypted certification information equals the character string X stored in the database.
39. A method for transferring selected information T to a database, the method comprising the steps of:
- storing the first secret key ρ, a first public key PuA and the first certification information PrA(ρ(X)) in a first database, the certification information including a character string X encrypted using a first secret key ρ and further encrypted using a first private key PrA; and
- receiving from a second database a second public key PuL encrypted using the first private key PrA.
47. A method for transferring selected information T to a database, the method comprising the steps of:
- storing an encrypted first public key PrA(PuL), a second public key PuA, an encrypted first secret key λ(λT), a second secret key λ, a first private key PrL and a character string X at a first database, the first public key PuL being encrypted by a second private key PrA, and the first secret key λT being encrypted using the second secret key λ;
- transmitting the encrypted first public key PrA(PuL) to a second database;
- receiving an encrypted certification information PuL(PrA(ρ(X))) and a third secret key ρ encrypted by the first public key PuL from the second database at the first database, the encrypted certification information including the character string X encrypted using the third secret key ρ, the encrypted character string ρ(X) being encrypted using the first public key PuL and the encrypted character string PuL(ρ(X)) being encrypted by the first public key PuL;
- decrypting the encrypted third secret key PuL(ρ) at the first database using the first private key PrL to obtain the third secret key ρ;
- decrypting the encrypted certification information PuL(PrA(ρ(X))) at the first database using the first private key PrL;
- decrypting the encrypted certification information using the second public key PuA;
- decrypting the character string X contained in the encrypted certification information using the third secret key ρ; and
- enabling transmission of selected information T when the character string X contained in the encrypted certification information equals the character string X stored in the first database.
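The exchange recited in claims 15 and 47, traced end to end as an added example (not code from the patent). It assumes textbook RSA over constructed small primes for the PrA/PuA and PrL/PuL operations and a SHAKE-256 XOR keystream standing in for the secret key ρ; all function and field names are hypothetical, and the λ-protected payload T is left out so only the enabling decision is shown.

```python
import hashlib

def keypair(p, q, e):
    """Toy RSA keypair from constructed small primes: (public, private)."""
    n = p * q
    return (e, n), (pow(e, -1, (p - 1) * (q - 1)), n)

def wrap(key, data):
    """Textbook RSA byte by byte; models both Pu(...) and Pr(...). Unpadded, toy only."""
    exp, n = key
    w = (n.bit_length() + 7) // 8
    return b"".join(pow(b, exp, n).to_bytes(w, "big") for b in data)

def unwrap(key, blob):
    """Undo wrap() with the opposite key; ValueError if the result is not bytes."""
    exp, n = key
    w = (n.bit_length() + 7) // 8
    return bytes(pow(int.from_bytes(blob[i:i + w], "big"), exp, n)
                 for i in range(0, len(blob), w))

def sym(key, data):
    """Stand-in for the secret-key cipher rho: XOR with a SHAKE-256 keystream."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def provision(x_cm, x_pm, rho=b"constructed-rho"):
    """Authority A issues PrA(PuL) and PrA(rho(X)); returns both module databases."""
    PuA, PrA = keypair(61, 53, 17)
    PuL, PrL = keypair(89, 97, 5)
    cm = {"cert": wrap(PrA, b"%d,%d" % PuL), "PuA": PuA, "PrL": PrL, "X": x_cm}
    pm = {"rho": rho, "PuA": PuA, "cert": wrap(PrA, sym(rho, x_pm))}
    return cm, pm

def personality_respond(pm, first_cert):
    """Recover PuL with PuA, then send PuL(rho) and PuL(PrA(rho(X)))."""
    PuL = tuple(int(v) for v in unwrap(pm["PuA"], first_cert).decode().split(","))
    return wrap(PuL, pm["rho"]), wrap(PuL, pm["cert"])

def certification_check(cm, enc_rho, enc_cert):
    """Strip PuL, then PrA, then rho; enable the transfer of T only if X matches."""
    try:
        rho = unwrap(cm["PrL"], enc_rho)
        rho_x = unwrap(cm["PuA"], unwrap(cm["PrL"], enc_cert))
    except ValueError:
        return False  # certificate was not produced with PrA
    return sym(rho, rho_x) == cm["X"]

def run(x_cm, x_pm):
    cm, pm = provision(x_cm, x_pm)
    return certification_check(cm, *personality_respond(pm, cm["cert"]))
```

`run(b"MODULE-X", b"MODULE-X")` enables the transfer, while a personality module certified for a different X is refused.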
Specification