Key replacement in a public key cryptosystem
First Claim
1. A public key cryptography apparatus for secure communications over an untrusted network between a key server node and a user node, comprising:
- user data storage, coupled to the user node of the untrusted network, for storing a first active public key and a first replacement public key;
key server data storage, coupled to the key server node, for storing a first active private key and a first replacement private key, wherein the first active private key and the first active public key are a first key pair and the first replacement private key and the first replacement public key are a first replacement key pair;
means for transmitting a key replacement message from the key server node to the user node, the key replacement message comprising the first replacement public key, a mask of a second replacement public key and a digital signature proving knowledge by the key server node of both of the first active private key and the first replacement private key; and
means for using the second replacement public key to replace the first replacement public key and using the first replacement public key as a second active public key wherein the second active public key is used to encrypt or decrypt data in conjunction with a corresponding second active private key.
1 Assignment
0 Petitions
Accused Products
Abstract
Improved key management is provided by a public key replacement apparatus and method for operating over insecure networks. An active public key and the mask of a replacement public key are provided by a key server to nodes where the active key is used to encrypt and verify messages. To replace the active public key with the replacement public key, a key replacement message is sent to the node. The key replacement message contains the replacement public key and contains the mask of the next replacement key. The mask of the replacement public key may be generated by hashing or encrypting. The key replacement message is signed by the active public key and the replacement public key. Nodes are implemented by a computer, a smart card, a stored data card in combination with a publicly accessible node machine, or other apparatus for sending and/or receiving messages. In a particular application, a financial transaction network, nodes are consumer nodes, merchant nodes, or both, and transactions are securely sent over a possible insecure network
-
Citations
13 Claims
-
1. A public key cryptography apparatus for secure communications over an untrusted network between a key server node and a user node, comprising:
-
user data storage, coupled to the user node of the untrusted network, for storing a first active public key and a first replacement public key;
key server data storage, coupled to the key server node, for storing a first active private key and a first replacement private key, wherein the first active private key and the first active public key are a first key pair and the first replacement private key and the first replacement public key are a first replacement key pair;
means for transmitting a key replacement message from the key server node to the user node, the key replacement message comprising the first replacement public key, a mask of a second replacement public key and a digital signature proving knowledge by the key server node of both of the first active private key and the first replacement private key; and
means for using the second replacement public key to replace the first replacement public key and using the first replacement public key as a second active public key wherein the second active public key is used to encrypt or decrypt data in conjunction with a corresponding second active private key. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A key replacement system comprising:
-
plurality of user nodes, each coupled to send and receive messages over said network, each said user node having a user node storage device for storing at least an active public key, an indication of a replacement public key, and a user node key pair;
a key server, coupled to send and receive messages over a network, said key server coupled to at least a first storage device for storing user node public key information for said plurality of user nodes coupled to said network;
a key controller, coupled to said key server, including a key controller storage device for storing an active private key and a replacement private key, said active public key and said active private key comprising a key pair, said replacement public key and said replacement private key comprising a replacement key pair;
said key controller producing a key replacement message including said replacement public key, an indication of a next replacement public key, a first digital signature verifiable by said active public key, and a second digital signature verifiable by said replacement private key;
wherein said key replacement message is forwarded to said plurality of user nodes;
wherein the authenticity of said first digital signature and second digital signature are verified before the plurality of user nodes replace said active public key with said replacement public key, thereby defining a new active public key; and
wherein the new active public key is used to encrypt or decrypt data sent over said network. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A public key cryptography apparatus for secure communications over a network, comprising:
-
user data storage, coupled to a user node of said network, for storing an active public key and a replacement public key;
key server data storage, coupled to a key server node of said network, for storing an active private key and a replacement private key, wherein said active private key and said active public key are an active key pair and said replacement private key and said replacement public key are a replacement key pair;
said key server node transmitting a key replacement message from said key server node to said user node over said network, said key replacement message comprising said replacement public key, a mask of a next replacement public key and a digital signature proving knowledge by said key server node of both of said active private key and said replacement private key;
said user node receiving said key replacement message and replacing said active public key with said replacement public key if the authenticity of said digital signature is verified, wherein said replacement public key and replacement private key are used to encode data according to the Public Key Infrastructure for secure communications over a network. - View Dependent Claims (13)
-
Specification