Secure establishment of cryptographic keys using persistent key component
First Claim
1. An apparatus for securely establishing a unique cryptographic key in a first cryptographic device, the first cryptographic device having means for entering a key component and a processor for processing electrical signals, said apparatus electrically disposed between the key component entry means and the processor of the first cryptographic device and comprising:
- a microprocessor in electrical communication with the key component entry means and the processor of the first cryptographic device;
means for persistently storing a first key component entered from the key component entry means by a first key custodian, said persistent storage means in electrical communication with said microprocessor; and
means for temporarily storing a second key component entered, at a subsequent time, from the key component entry means by a second key custodian;
wherein said microprocessor comprises means for combining the first key component stored in said persistent storage means with the second key component to form the unique cryptographic key.
1 Assignment
0 Petitions
Accused Products
Abstract
An apparatus and method is disclosed for securely establishing a unique cryptographic key in a first cryptographic device, for example an Automated Teller Machine (ATM). In a preferred embodiment, the ATM includes means for entering a key component and an ATM processor board, and the apparatus includes a microprocessor and a persistent, non-volatile memory device electrically disposed between the key component entry means and the ATM processor board. In a preferred embodiment of the method, the microprocessor detects and captures a key component entered by a key custodian. The microprocessor then determines whether a first key component is present in the non-volatile memory device. If not, the key component is stored in the non-volatile memory device as the persistent key component (PKC). If a PKC is present in the non-volatile memory device, the key component is temporarily stored as a second key component. Each byte of the second key component is then combined with the corresponding byte of the PKC to form the unique cryptographic key. The same unique cryptographic key is securely established in a second cryptographic device to facilitate secure electronic communications. Preferably, the PKC is entered by a first key custodian at a convenient location and time and the second key component is entered by a second key custodian at a subsequent time in the field. Thus, a unique cryptographic key is securely established in the ATM in compliance with network operating rules and voluntary ANSI Standards while utilizing only a single key custodian in the field.
-
Citations
18 Claims
-
1. An apparatus for securely establishing a unique cryptographic key in a first cryptographic device, the first cryptographic device having means for entering a key component and a processor for processing electrical signals, said apparatus electrically disposed between the key component entry means and the processor of the first cryptographic device and comprising:
-
a microprocessor in electrical communication with the key component entry means and the processor of the first cryptographic device;
means for persistently storing a first key component entered from the key component entry means by a first key custodian, said persistent storage means in electrical communication with said microprocessor; and
means for temporarily storing a second key component entered, at a subsequent time, from the key component entry means by a second key custodian;
wherein said microprocessor comprises means for combining the first key component stored in said persistent storage means with the second key component to form the unique cryptographic key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
means for detecting and capturing the entry of the first key component and the second key component from the key component entry means of the first cryptographic device;
means for discriminating between the first key component and the second key component entered from the key component entry means of the first cryptographic device;
means for combining the first key component stored in said persistent storage means with the second key component to form the unique cryptographic key; and
means for passing the unique cryptographic key to the processor of the first cryptographic device.
-
-
3. An apparatus according to claim 1 wherein said persistent storage means comprises a non-volatile memory device.
-
4. An apparatus according to claim 3 wherein said non-volatile memory device is a battery-backed Random Access Memory (RAM).
-
5. An apparatus according to claim 3 wherein said non-volatile memory device is an Electrically Erasable Programmable Read Only Memory (EEPROM).
-
6. An apparatus according to claim 2 wherein said detecting and capturing ms electrically monitors the key component entry mean of the first cryptographic device for a predetermined electrical signal from the key component entry means and temporarily stores the second key component entered from the key component entry means in a non-persistent memory device once the electrical signal is received from the key component entry means.
-
7. An apparatus according to claim 2 wherein said combining means electrically combines each byte of the second key component with the corresponding byte of the first key component using an “
- exclusive or”
operation to form the unique cryptographic key.
- exclusive or”
-
8. An apparatus for securely establishing a unique cryptographic key, said apparatus comprising:
-
a first cryptographic device comprising;
means for entering a key component; and
a processor electrically coupled to said key component entry means for receiving electrical signals therefrom; and
persistent key component function hardware electrically disposed between said key component entry means and said processor, said persistent key component function hardware comprising;
a microprocessor in electrical communication with said key component entry means and said processor of said first cryptographic device;
means for persistently storing a first key component entered from the key component entry means by a first key custodian, said persistent storage means in electrical communication with said microprocessor; and
means for temporarily storing a second key component entered at a subsequent time, from the key component entry means by a second key custodian;
wherein said microprocessor of said persistent key component function hardware comprises means for combining the first key component stored in said persistent storage means with the second key component to form the unique cryptographic key. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
means for detecting and capturing the entry of the first key component and the second key component from said key component entry means of said first cryptographic device;
means for discriminating between the first key component and the second key component entered from said key component entry means of said first cryptographic device;
means for combining the first key component stored in said persistent storage means of said persistent key component function hardware with the second key component to form the unique cryptographic key; and
means for passing the unique cryptographic key to said processor of said first cryptographic device.
-
-
10. An apparatus according to claim 8 wherein said persistent storage means of said persistent key component function hardware comprises a non-volatile memory device.
-
11. An apparatus according to claim 10 wherein said non-volatile memory device is a battery-backed Random Access Memory (RAM).
-
12. An apparatus according to claim 10 wherein said non-volatile memory device is an Electrically Erasable Programmable Read Only Memory (EEPROM).
-
13. An apparatus according to claim 9 wherein said detecting and capturing means electrically monitors said key component entry means of said first cryptographic device for a predetermined electrical signal from said key component entry means and temporarily stores the second key component entered from said key component entry means in a non-persistent memory device once the electrical signal is received from said key component entry means.
-
14. An apparatus according to claim 9 wherein said combining means electrically combines each byte of the second key component with the corresponding byte of the first key component using an “
- exclusive or”
operation to form the unique cryptographic key.
- exclusive or”
-
15. An apparatus according to claim 8 wherein said first cryptographic device further comprises:
-
a switch electrically coupled to said persistent key component function hardware for selectively activating and deactivating said microprocessor; and
input means electrically coupled to said persistent key component function hardware for inputting a key component to said microprocessor;
wherein said input means inputs the first key component to said microprocessor and said persistent storage means persistently stores the first key component at a convenient location and time; and
wherein said input means subsequently inputs the second key component to said microprocessor and said microprocessor combines the second key component with the first key component, thereby requiring only a single key custodian to be present at a current location of the first cryptographic device even though establishing the unique cryptographic key in said first cryptographic device using split knowledge and dual control.
-
-
16. A method of securely establishing a unique cryptographic key in a first cryptographic device, said method comprising the steps of:
-
placing the first cryptographic device in an operational state to establish the unique cryptographic key;
entering a first key component into the first cryptographic device, by a first key custodian, at a convenient location and time;
storing the first key component in a persistent, non-volatile memory device as a persistent key component;
entering a second key component into the first cryptographic device, by a second key custodian, at a subsequent time;
storing the second key component in a temporary, non-persistent memory device; and
combining the second key component with the persistent key component to form the unique key component. - View Dependent Claims (17, 18)
detecting entry of the first key component; and
if a persistent key component is already present in the persistent, non-volatile memory device, skipping operation of the steps of storing the first key component, entering a second key component, and storing the second key component, and instead storing the first key component in the temporary, non-persistent memory device as the second key component.
-
-
18. A method of securely establishing a unique cryptographic key according to claim 16 wherein the step of combining comprises the further step of combining each byte of the second key component with the corresponding byte of the persistent key component using an “
- exclusive or”
operation.
- exclusive or”
Specification