Enhanced cryptographic system and method with key escrow feature
First Claim
1. A method for secure communication in a system having at least one communicating party and a message key that is recoverable by one not a party to the communication, the method comprising steps of:
- providing each user with a computer hardware device;
registering hardware devices with a center in accordance with control information determined by a device owner distinct from a device user;
certifying hardware devices, each certification generating a certificate associating a center, a user, and a hardware device;
initiating a secure communication from an initiating user to a recipient using a message key in a manner that permits the owner to access the communication.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention provides a cryptographic system and method with a key escrow feature that uses a method for verifiably splitting users'"'"' private encryption keys into components and for sending those components to trusted agents chosen by the particular users, and provides a system that uses modern public key certificate management, enforced by a chip device that also self-certifies. The methods for key escrow and receiving an escrow certificate are also applied herein to a more generalized case of registering a trusted device with a trusted third party and receiving authorization from that party enabling the device to communicate with other trusted devices.
-
Citations
12 Claims
-
1. A method for secure communication in a system having at least one communicating party and a message key that is recoverable by one not a party to the communication, the method comprising steps of:
-
providing each user with a computer hardware device; registering hardware devices with a center in accordance with control information determined by a device owner distinct from a device user; certifying hardware devices, each certification generating a certificate associating a center, a user, and a hardware device; initiating a secure communication from an initiating user to a recipient using a message key in a manner that permits the owner to access the communication. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for encrypted communication in a system having communicating parties and a message key that is recoverable by one not a party to the communication the method comprising steps of:
-
providing each user with a computer hardware device having at least one device-associated key; registering hardware devices with at least a selected one of a plurality of centers; certifying the hardware devices, said certification generating a certificate for a device; initiating a secure communication from an initiating user to a recipient using a message key, said communication containing an access portion encrypted by a key of the center to recover the message key, wherein the communication step includes steps of; encrypting access information using a key of a first center; and encrypting access information using a key of a second center.
-
Specification