System and method for configuring and registering a cryptographic device

US 5,970,147 A
Filed: 09/30/1997
Issued: 10/19/1999
Est. Priority Date: 09/30/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for configuring a cryptographic device comprising:

loading a device serial number into a non-volatile memory of the cryptographic device;

producing a key within the cryptographic device the key being stored in the non-volatile memory;

producing a cryptographic key pair within the cryptographic device the cryptographic key pair including a public key and a private key;

encrypting the private key with the key; and

exporting the device serial number, the public key and the private key encrypted with the key to a database remotely located from the cryptographic device without storage of the public key and the private key internally within the cryptographic device.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for configuring and registering a cryptographic device. The configuration phase involves loading a device serial number (DSER) and a symmetric key (SK) into non-volatile memory of the cryptographic device. The non-volatile memory is integrated with processing logic of the cryptographic device. DSER is provided by an external source while SK is generated within the cryptographic device. The registration phase involves providing DSER to a database that contains cryptographic information associated with each cryptographic device manufactured. The cryptographic information includes at least a public key and a private key encrypted with SK. DSER is used to locate the appropriate cryptographic information and to transmit the cryptographic information to an electronic system having the cryptographic device.

315 Citations

18 Claims

1. A method for configuring a cryptographic device comprising:
- loading a device serial number into a non-volatile memory of the cryptographic device;
  
  producing a key within the cryptographic device the key being stored in the non-volatile memory;
  
  producing a cryptographic key pair within the cryptographic device the cryptographic key pair including a public key and a private key;
  
  encrypting the private key with the key; and
  
  exporting the device serial number, the public key and the private key encrypted with the key to a database remotely located from the cryptographic device without storage of the public key and the private key internally within the cryptographic device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 further comprising:
    - discontinuing any further loading of information within the non-volatile memory of the cryptographic device after the device serial number and the key have been loaded.
  - 3. The method of claim 1 further comprising:
    - providing the public key to a certification authority;
      
      encrypting the public key with a private key of the certification authority to produce a digital certificate; and
      
      sending the digital certificate to the database to accompany the public key and the encrypted private key.
  - 4. The method of claim 1, wherein the device serial number is unique and distinct from device serial numbers for other cryptographic devices.
  - 5. The method of claim 1, wherein the key is a symmetric key.
  - 6. The method of claim 5, wherein the symmetric key is unique and distinct from other symmetric keys associated with the other cryptographic devices.
  - 7. The method of claim 1, wherein the non-volatile memory is integrated within processing logic of the cryptographic device.

8. A method for registering a cryptographic device comprising:
- establishing a communication channel between a database and an electronic system implemented with the cryptographic device, the cryptographic device including non-volatile memory storing a key and a device serial number;
  
  transmitting a message to the database, the message including the device serial number contained in the cryptographic device; and
  
  receiving a public key and a private key encrypted with the key associated with the cryptographic device, the public key and the private key having been originally generated internally within the cryptographic device but now stored within the database in lieu of the cryptographic device itself.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8 further comprising:
    - loading the public key and the private key encrypted with the key into a non-volatile memory element of the electronic system.
  - 10. The method of claim 8, wherein the communication channel is not secure.
  - 11. The method of claim 8, wherein the key is a symmetric key.
  - 12. The method of claim 8, wherein prior to receiving the public key, the method further comprising:
    - receiving the message including the device serial number by the database;
      
      using the device serial number as a lookup index; and
      
      transmitting the public key and the private key encrypted with the key to the electronic system.
  - 13. The method of claim 8 further comprising:
    - receiving a digital certificate being the public key encrypted with a private key of a certification authority.

14. A system comprising:
- a chipset;
  
  a non-volatile memory element coupled to the chipset;
  
  a cryptographic device coupled to the chipset, the cryptographic device including processing logic having a small amount of device non-volatile memory, the non-volatile memory containing a device serial number and a key; and
  
  a transceiver to download a public key of the system and a corresponding private key encrypted with the key into the non-volatile memory during registration, the public and private keys having been originally generated internally within the cryptographic device during a prior configuration stage for exclusive storage outside the cryptoraphic device prior to registration.

15. A cryptographic device comprising:
- a random number generator to generate at least one random number to produce a symmetric key, a public key and a private key associated with the cryptographic device;
  
  a non-volatile memory including the symmetric key; and
  
  a processing unit coupled to the random number generator and the non-volatile memory, the processing unit to control (i) loading of the key into the non-volatile memory, (ii) encrypting of the private key with the symmetric key, and (iii) outputting of the public key and the encrypted private key without storage of the public key and the private key within the cryptographic device during configuration of the cryptographic device.
- View Dependent Claims (16, 17, 18)
- - 16. The cryptographic device of claim 15, wherein the processing unit controls subsequent retrieval of the public key and the encrypted private key after outputting the public key and the encrypted private key during a registration phase.
  - 17. The cryptographic device of claim 16, wherein the processing unit controlling access to a remote database for retrieval of the public key and the encrypted private key.
  - 18. The cryptographic device of claim 15, wherein the processing unit is a general purpose microprocessor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micron Technology, Inc.
Original Assignee
Intel Corporation
Inventors
Davis, Derek L.
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US08/938,491
Time in Patent Office

749 Days
Field of Search

380/4, 380/23, 380/25, 380/30
US Class Current

713/172
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/79   in semiconductor storage me...

G09C 1/00   Apparatus or methods whereb...

H04L 2209/12   Details relating to cryptog...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

System and method for configuring and registering a cryptographic device

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

315 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for configuring and registering a cryptographic device

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

315 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links