Apparatus and method for establishing a crytographic link between elements of a system
First Claim
1. A method of establishing a control system comprising:
- producing a personalization station by creating a public signature key and a corresponding private signature key for use by said personalization station, and generating a certificate signed by a trusted authority, said certificate containing said public signature key for use by said personalization station and an authorization statement authorizing said personalization station to personalize units of said access control system; and
personalizing units of said control system, wherein said personalizing comprises creating public and private keys for cryptographic communication, and communicating said public and private keys from said personalization station to said units of said control system.
3 Assignments
0 Petitions
Accused Products
Abstract
A hierarchical cryptographic system has distributed authority among different classes of units in the system. The system may comprise a trusted authority, a first unit authorized by the trusted authority to distribute public and private signature and encryption keys. A second unit accepts for use one or more of the keys only after performing a verification program using the public signature key of the trusted authority. The invention also comprises a unit of a cryptographic system having a processor and a read only memory. The read only memory has stored therein a verification program which includes a public signature key of a trusted authority, and the verification program is made a permanent part of the read only memory during the formation process of the read only memory prior to the application of electrical power to the read only memory.
-
Citations
28 Claims
-
1. A method of establishing a control system comprising:
-
producing a personalization station by creating a public signature key and a corresponding private signature key for use by said personalization station, and generating a certificate signed by a trusted authority, said certificate containing said public signature key for use by said personalization station and an authorization statement authorizing said personalization station to personalize units of said access control system; and personalizing units of said control system, wherein said personalizing comprises creating public and private keys for cryptographic communication, and communicating said public and private keys from said personalization station to said units of said control system. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of establishing a control system comprising:
-
producing a personalization station by creating a public signature key and a corresponding private signature key for use by said personalization station, and generating a certificate signed by a trusted authority, said certificate containing said public signature key for use by said personalization station and an authorization statement authorizing said personalization station to personalize units of said access control system; personalizing an operational unit of said control system wherein said personalizing comprises creating public and private signature keys for cryptographic communication, communicating said public and private signature keys from said personalization station to said operational unit, and creating a certificate, signed by said private signature key of said personalization station, containing said public signature key for use by said operational unit; and personalizing a registration station for registering operational units, wherein said personalizing comprises creating a public signature key and a private signature key for use by said registration station, and creating a certificate, signed by said private signature key of said personalization station, containing said public signature key for use by said registration station and a statement of authorization to register operational units. - View Dependent Claims (9, 10, 11, 12)
-
-
13. A hierarchical cryptographic system having distributed authority among different classes of units in said system, said system comprising:
-
a trusted authority; a first unit authorized by said trusted authority to distribute public and private signature and encryption keys; a second unit having read only memory circuitry and a programmable processor, said read only memory circuitry having stored therein (1) a public signature key of said trusted authority and (2) processor commands for reading said public signature key of said trusted authority and for verifying the authorization of said first unit, said second unit accepting for use one or more of said keys only after said programmable processor performs said processor commands so as to read said public signature key of said trusted authority and verify that said first unit has been authorized to distribute public and private signature and encryption keys. - View Dependent Claims (14, 15)
-
-
16. A method of establishing operational authority for an operational unit of an access control system, said access control system comprising a trusted authority, at least one personalization station, at least one registration station, and at least one operational unit, said method comprising the steps of:
-
a. authorizing the personalization station to personalize units of the access control system by; creating a message containing a personalization station public signature key and an authorization for the personalization station to personalize units of the access control system; signing the message with a trusted authority private signature key corresponding to a trusted authority public signature key to create a personalization station certificate; and communicating the personalization station certificate from the trusted authority to the personalization station; b. personalizing the registration station by; communicating a copy of the personalization station certificate to the registration station; generating, in the personalization station, a registration station public signature key and a registration station private signature key; creating a message containing the registration station public signature key; signing the message with a personalization station private signature key corresponding to the personalization station public signature key to create a registration station certificate; and communicating the registration station certificate front the personalization station to the registration station; c. personalizing the operational unit by; communicating a copy of the personalization station certificate to the operational unit; verifying in the operational unit that the copy of the personalization station certificate was signed by the trusted authority by applying a trusted authority public signature key corresponding to the trusted authority private signature key; verifying in the operational unit that the copy of the personalization station certificate authorizes the personalization station to personalize the operational unit; generating, in the personalization station, an operational unit public encryption key and an operational unit private decryption key; creating a message containing the operational unit public encryption key; and signing the message with the personalization station private signature key to create an operational unit certificate; d. registering the operational unit with the registration station by; communicating a copy of the operational unit certificate from the operational unit to the registration station; communicating a copy of the personalization station certificate from the operational unit to the registration station; verifying in the registration station that the personalization station certificate was signed by the trusted authority by applying the trusted authority public signature key; verifying in the registration station that the operational unit certificate was signed by the personalization station by applying the personalization station public signature key, said personalization station public signature key having been obtained from the copy of the personalization station certificate; communicating a copy of the registration station certificate from the registration station to the operational unit; communicating a copy of the personalization station certificate from the registration station to the operational unit; verifying, in the operational unit, that the personalization station certificate was signed by the trusted authority by applying the trusted authority public signature key; verifying, in the operational unit, that the registration station certificate was signed by the personalization station by applying the personalization station public signature key, said personalization station public signature key having been obtained from the copy of the personalization station certificate; generating, in the registration station, a cryptographic data element for the operational unit; encrypting the cryptographic data element in the operational unit public encryption key, said registration station having obtained said operational unit public encryption key from the operational unit certificate; communicating the cryptographic data element, encrypted in the operational unit public encryption key, from the registration station to the operational unit; and decrypting, in the operational unit, the cryptographic data element by applying the operational unit private decryption key. - View Dependent Claims (17, 18)
-
-
19. A method of using a first unit of a cryptographic system to establish a cryptographic link between second and third units of a cryptographic system comprising the steps of:
-
storing a trusted authority public signature key corresponding to a trusted authority private signature key in said second and third units; generating a first certificate, wherein said first certificate is signed with said trusted authority private signature key, and wherein said first certificate comprises (1) a first unit public signature key corresponding to a first unit private signature key, and (2) a statement of authorization designating said first unit as authorized to transfer public and private keys to other units of said cryptographic system; communicating said first certificate and said first unit private signature key to said first unit; generating, in said first unit, a second certificate, wherein said second certificate is signed with said first unit private signature key, and wherein said second certificate comprises a second unit public signature key corresponding to a second unit private signature key; communicating said second certificate and said second unit private signature key from said first unit to said second unit; applying, in said second unit, said trusted authority public signature key to said first certificate to verify that said first certificate was signed by said trusted authority; reading, in said second unit, said statement of authorization in said first certificate to determine whether said first unit has been authorized to transfer public and private keys to other units of said cryptographic system; accepting, in said second unit, said second unit private key if said statement of authorization indicates that said first unit has been authorized to transfer public and private keys to other units of said cryptographic system; communicating said first and said second certificates from said second unit to said third unit; applying, in said third unit, said trusted authority public signature key to said first certificate to verify that said first certificate was signed by said trusted authority and obtaining said first unit public signature key from said first certificate; applying, in said third unit, said first unit public signature key to said second certificate to verify that said second certificate was signed by said first unit and obtaining said second unit public signature key from said second certificate; and communicating messages from said third unit to said second unit using said second unit public signature key. - View Dependent Claims (20, 21, 22, 23, 24)
-
- 25. A unit of a cryptographic system comprising a processor and read only memory circuitry, wherein said read only memory circuitry has stored therein (1) a public signature key of a trusted authority, and (2) verification program processor commands, wherein said processor is operative under the direction of said verification program processor commands to analyze the authenticity of certificates received by said unit, and wherein said verification program processor commands and said public signature key of said trusted authority are made a permanent part of said read only memory circuitry during the formation process of said read only memory circuitry prior to the application of electrical power to said read only memory circuitry.
Specification