Cryptographic key, or other secret material, recovery
First Claim
1. A method permitting secure recovery of secret information which is stored at a first location and is also stored at a second location, remote from said first location, said method comprising the steps of:
- (a) generating a seed value at the first location, (b) using said seed value to generate an encryption key from the secret information at said first location, (c) using said encryption key to encrypt the secret information at said first location, (d) storing the seed value and the encrypted secret information at the first location, (e) securely erasing said encryption key from said first location, (f) when recovery of the secret information is required at the first location, supplying the seed value from the first location to the second location, g) at said second location, using said seed value to generate a recovery key from the secret information stored at the second location, (h) supplying the recovery key from the second location to the first location, and, (j) at the first location, decrypting the encrypted secret information using the recovery key.
2 Assignments
0 Petitions
Accused Products
Abstract
Secret material, such as a cryptographic key, that is needed for operation of a computer system (4a), can be stored under password protection on a storage medium for insertion into the computer system as required. If the password is forgotten, or the storage medium is faulty, the secret material will not be accessible. To permit secure recovery of the secret material in these or other circumstances, the secret material is encrypted using a recovery key and stored on the computer system, together with a value used in the generation of the recovery key from the secret material. The secret material is also stored on a remote secure system (5). When recovery of the secret material is required, the value for generating the recovery key is supplied to the remote system and used to generate the recovery key there. The generated recovery key is then supplied to the computer system, where it is used to decrypt the secret material. A new recovery key is then generated using a different value for a future recovery instance. The value can be supplied to the remote system (5) by dictation of a corresponding alphanumeric expression by a computer system operator (6), over a telephone connection (7, 8, 9) to a support technician (10) at the remote system for input thereat, and another alphanumeric expression corresponding to the generated recovery key can be dictated back to the computer system operator for insertion into the computer system and subsequent decryption of the secret material, thus allowing operation of the computer system, in circumstances where there is no data connection link between the two systems.
-
Citations
6 Claims
-
1. A method permitting secure recovery of secret information which is stored at a first location and is also stored at a second location, remote from said first location, said method comprising the steps of:
-
(a) generating a seed value at the first location, (b) using said seed value to generate an encryption key from the secret information at said first location, (c) using said encryption key to encrypt the secret information at said first location, (d) storing the seed value and the encrypted secret information at the first location, (e) securely erasing said encryption key from said first location, (f) when recovery of the secret information is required at the first location, supplying the seed value from the first location to the second location, g) at said second location, using said seed value to generate a recovery key from the secret information stored at the second location, (h) supplying the recovery key from the second location to the first location, and, (j) at the first location, decrypting the encrypted secret information using the recovery key. - View Dependent Claims (2, 3, 4, 5, 6)
-
Specification