Apparatus and method for establishing a cryptographic link between elements of a system
First Claim
1. A method of establishing access to a communication system between a dispersed plurality of operational units comprising:
- producing a personalization station by creating a public signature key and a corresponding private signature key for use by said personalization station, and generating a certificate signed by a trusted authority, said certificate containing said public signature key for use by said personalization station and an authorization statement authorizing said personalization station to personalize operational units of said communication system; and
- personalizing operational units of said communication system, wherein said personalizing comprises creating public and private keys for cryptographic communication, and communicating said public and private keys from said personalization station to said operational units of said communication system.
Abstract
A hierarchical cryptographic system has distributed authority among different classes of units in the system. The system may comprise a trusted authority, a first unit authorized by the trusted authority to distribute public and private signature and encryption keys. A second unit accepts for use one or more of the keys only after performing a verification program using the public signature key of the trusted authority. The invention also comprises a unit of a cryptographic system having a processor and a read only memory. The read only memory has stored therein a verification program which includes a public signature key of a trusted authority, and the verification program is made a permanent part of the read only memory during the formation process of the read only memory prior to the application of electrical power to the read only memory.
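The acceptance rule described in the abstract, sketched in Go as an added example (it is not code from the patent): a unit holds the trusted authority's public signature key, checks the station certificate and its authorization statement, and only then accepts a key. Ed25519, the statement string, all function and type names, and the station-signed delivery of the unit's public key are assumptions; protection of private keys in transit is not modeled.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

const PersonalizeAuth = "personalize-operational-units" // assumed wording; the page gives none

// Certificate: station public signature key plus authorization statement, signed by the trusted authority (TA).
type Certificate struct {
	StationKey    ed25519.PublicKey
	Authorization string
	Sig           []byte
}

// Fixed-length key first, so the signed encoding is unambiguous.
func (c Certificate) signedBytes() []byte {
	return append(append([]byte{}, c.StationKey...), c.Authorization...)
}

// IssueCertificate is the TA's step when producing a personalization station.
func IssueCertificate(taPriv ed25519.PrivateKey, station ed25519.PublicKey, auth string) Certificate {
	c := Certificate{StationKey: station, Authorization: auth}
	c.Sig = ed25519.Sign(taPriv, c.signedBytes())
	return c
}

// AcceptKey is the unit's verification program; taPub stands in for the TA key fixed in ROM.
func AcceptKey(taPub ed25519.PublicKey, c Certificate, unitKey, stationSig []byte) error {
	if len(c.StationKey) != ed25519.PublicKeySize || !ed25519.Verify(taPub, c.signedBytes(), c.Sig) {
		return errors.New("certificate not signed by trusted authority")
	}
	if c.Authorization != PersonalizeAuth {
		return errors.New("station not authorized to personalize units")
	}
	if !ed25519.Verify(c.StationKey, unitKey, stationSig) {
		return errors.New("key not signed by certified station")
	}
	return nil
}

func main() {
	taPub, taPriv, _ := ed25519.GenerateKey(nil)
	stPub, stPriv, _ := ed25519.GenerateKey(nil)
	unitPub, _, _ := ed25519.GenerateKey(nil) // constructed sample key for a unit
	fmt.Println(AcceptKey(taPub, IssueCertificate(taPriv, stPub, PersonalizeAuth), unitPub, ed25519.Sign(stPriv, unitPub)))
}
```

Because the authorization statement is covered by the trusted authority's signature, changing it after issuance invalidates the certificate rather than granting the station new rights.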
Specification