Apparatus and method for depositing encryption keys

US 6,845,160 B1
Filed: 10/14/1999
Issued: 01/18/2005
Est. Priority Date: 11/12/1998
Status: Expired due to Term

First Claim

Patent Images

1. An encryption key depositing apparatus, comprising:

a unit that generates an encryption key for a user;

a unit that starts a process in response to the generation of said encryption key, said process allowing a depositary, with which said generated encryption key was deposited, to store said key in a subsequently recoverable manner; and

a server and a plurality of clients, wherein recovery information, usable to recover said encryption key, is encrypted by a public key of said depositary and is retained in said server, wherein said server, in response to a recovery request from the depositary, sends to said depositary said recovery information encrypted by said public key of said depositary, and acquires from said depositary said recovery information decrypted by a private key of said depositary and then encrypted by a public key of said server.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An encryption key depositing apparatus comprising a unit that generates an encryption key for a user; and a unit that starts a process in response to the generation of the encryption key, the process allowing a depositary deposited with the generated encryption key to store the key in question in a subsequently recoverable manner.

Citations

28 Claims

1. An encryption key depositing apparatus, comprising:
- a unit that generates an encryption key for a user;
  
  a unit that starts a process in response to the generation of said encryption key, said process allowing a depositary, with which said generated encryption key was deposited, to store said key in a subsequently recoverable manner; and
  
  a server and a plurality of clients, wherein recovery information, usable to recover said encryption key, is encrypted by a public key of said depositary and is retained in said server, wherein said server, in response to a recovery request from the depositary, sends to said depositary said recovery information encrypted by said public key of said depositary, and acquires from said depositary said recovery information decrypted by a private key of said depositary and then encrypted by a public key of said server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 13)
- - 2. The encryption key depositing apparatus according to claim 1, wherein said encryption key is a private key of a public key cryptosystem.
  - 3. The encryption key depositing apparatus according to claim 1, further having rules established as a basis for determining said depositary, said encryption key being stored in accordance with said rules.
  - 4. The encryption key depositing apparatus according to claim 1,wherein said server decrypts the acquired encrypted recovery information using a private key of said server;
    - and wherein the server recovers said encryption key using the decrypted acquired recovery information.
  - 5. The encryption key depositing apparatus according to claim 1, wherein said server logs historical records of the recovery request.
  - 6. The encryption key depositing apparatus according to claim 4, wherein said server, in response to an encryption key acquisition request from said depositary, encrypts said recovered encryption key using said public key of said depositary and sends said encrypted recovered encryption key to said depositary.
  - 7. The encryption key depositing apparatus according to claim 6, wherein said server logs historical records of the encryption key acquisition request.
  - 8. The encryption key depositing apparatus according to claim 4, wherein said server performs on behalf of said depositary a process using said encryption key in response to a processing request from said depositary.
  - 9. The encryption key depositing apparatus according to claim 8, wherein said server logs historical records of the processing request from said depositary.
  - 10. The encryption key depositing apparatus according to claim 5, wherein said historical records are supplied to the user to whom said encryption key is assigned.
  - 13. The encryption key depositary apparatus according to claim 4, wherein the server logs the depositary on historical records of depositaries,wherein, in response to an acquisition request from the depositary, the server determines whether the depositary is logged on the historical records of depositaries, and, if so, the server encrypts the recovered encryption key using the public key of the depositary and sends the encrypted recovered encryption key to the depositary.

11. A method for depositing an encryption key, comprising:
- generating an encryption key for a user;
  
  starting a process in response to generating said encryption key, said process allowing a depositary, with which the generated encryption key was deposited, to store said key in a subsequently recoverable manner;
  
  encrypting recovery information using a public key of the depositary, the recovery information usable to recover the encryption key;
  
  sending the encrypted recovery information to the depositary in response to a recovery request from the depositary; and
  
  acquiring from the depositary the recovery information decrypted by a private key of the depositary and then encrypted by a public key.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
- - 15. The method of claim 11, further comprising:
    - decrypting the acquired encrypted recovery information using a private key of said server, and recovering said encryption key using the decrypted acquired recovery information.
  - 16. The method of claim 11, further comprising:
    - logging historical records of the recovery request.
  - 17. The method of claim 15, further comprising:
    - encrypting said recovered encryption key using said public key of said depositary in response to an encryption key acquisition request from said depositary, and sending said encrypted recovered encryption key to said depositary.
  - 18. The method of claim 17, further comprising:
    - logging historical records of the encryption key acquisition request.
  - 19. The method of claim 15, further comprising:
    - performing on behalf of said depositary a process using said encryption key in response to a processing request from said depositary.
  - 20. The method of claim 19, further comprising:
    - logging historical records of the processing request from said depositary.
  - 21. The method of claim 15, further comprising:
    - supplying said historical records to the user to whom said encryption key is assigned.

12. A computer storage medium having executable software code, the executable software code:
- instructions for generating an encryption key for a user;
  
  instructions for starting a process in response to generating said encryption key, said process allowing a depositary, with which the generated encryption key was deposited, to store the key in a subsequently recoverable manner;
  
  instructions for encrypting recovery information using a public key of the depositary, the recovery information usable to recover the encryption key;
  
  instructions for sending the encrypted recovery information to the depositary in response to a recovery request from the depositary; and
  
  instructions for acquiring from the depositary the recovery information decrypted by a private key of the depositary and then encrypted by a public key.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
- - 22. The computer storage medium of claim 12, the executable software code further comprising:
    - instructions for decrypting the acquired encrypted recovery information using a private key of said server; and
      
      instructions for recovering said encryption key using the decrypted acquired recovery information.
  - 23. The computer storage medium of claim 12, the executable software code further comprising:
    - instructions for logging historical records of the recovery request.
  - 24. The computer storage medium of claim 22, the executable software code further comprising:
    - instructions for encrypting said recovered encryption key using said public key of said depositary in response to an encryption key acquisition request from said depositary; and
      
      instructions for sending said encrypted recovered encryption key to said depositary.
  - 25. The computer storage medium of claim 24, the executable software code further comprising:
    - instructions for logging historical records of the encryption key acquisition request.
  - 26. The computer storage medium of claim 22, the executable software code further comprising:
    - instructions for performing on behalf of said depositary a process using said encryption key in response to, a processing request from said depositary.
  - 27. The computer storage medium of claim 26, the executable software code further comprising:
    - instructions for logging historical records of the processing request from said depositary.
  - 28. The computer storage medium of claim 23, the executable software code further comprising:
    - instructions for supplying said historical records to the user to whom said encryption key is assigned.

14. An encryption key recovering method, comprising:
- receiving recovery request from a depositary for recovering an encryption key, the encryption key associated with recovery information, the recovery information encrypted with a public key of the depositary and retained at the server;
  
  sending the encrypted recovery information to the depositary; and
  
  acquiring from the depositary the encrypted recovery information that is decrypted by a private key of the depositary and then encrypted by a public key of the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fuji Xerox Company Limited (Fujifilm Holdings Corporation)
Original Assignee
Fuji Xerox Company Limited (Fujifilm Holdings Corporation)
Inventors
Aoki, Ryuichi
Primary Examiner(s)
Caldwell, Andrew
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US09/415,461
Time in Patent Office

1,923 Days
Field of Search

380/279, 380/281, 380/282, 380/284, 380/286
US Class Current

380/286
CPC Class Codes

H04L 63/0428 wherein the data content is...

H04L 9/0894 Escrow, recovery or storing...

Apparatus and method for depositing encryption keys

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for depositing encryption keys

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links