Reliably identifying information of device generating digital signatures
First Claim
1. A method in which information of a device that generates digital signatures is reliably identified, comprising the steps of,(a) for each of a plurality of devices manufactured in a secure manufacturing environment, (i) creating, within the secure manufacturing environment, a public-private key pair, (ii) linking, within the secure manufacturing environment, the public key with other information associated with the device, wherein the other information comprises at least one of security features and manufacturing history of the device and wherein the other information defines a relative security level of the device, and (iii) before release of the device from the secure manufacturing environment, storing the private key within the device for utilization in generating a digital signature for an electronic message, (b) recording the linked public key and other information in a database and maintaining the database in a secure environment having a security rating at least comparable to the security level of the device for which the public key thereof is linked, (c) thereafter, when a public key linked in step (a)(ii) successfully authenticates a digitally signed message outside of the secure manufacturing environment, identifying from the database the other information to which the public key was linked in step (a)(ii) as pertaining to the device to which belongs the private key utilized in digitally signing the message without use of a digital certificate.
8 Assignments
0 Petitions
Accused Products
Abstract
Information of a device that generates digital signatures is reliably identified by (a) for each of a plurality of devices manufactured in an environment, (i) creating a public-private key pair within the environment, (ii) linking within the environment in a secure manner the public key with other information associated with the device, and (iii) before release of the device from the environment, storing the private key within the device for generating a digital signature for an electronic message, and (b) thereafter, when a said linked public key successfully authenticates a digitally signed message, identifying the other information associated with said linked public key as pertaining to the device to which belongs the private key utilized in digitally signing the message. Manufacturing the devices includes creating a public-private key pair within the secure environment, and storing the private key within the device against the possibility of divulgement thereof by the device.
-
Citations
29 Claims
-
1. A method in which information of a device that generates digital signatures is reliably identified, comprising the steps of,
(a) for each of a plurality of devices manufactured in a secure manufacturing environment, (i) creating, within the secure manufacturing environment, a public-private key pair, (ii) linking, within the secure manufacturing environment, the public key with other information associated with the device, wherein the other information comprises at least one of security features and manufacturing history of the device and wherein the other information defines a relative security level of the device, and (iii) before release of the device from the secure manufacturing environment, storing the private key within the device for utilization in generating a digital signature for an electronic message, (b) recording the linked public key and other information in a database and maintaining the database in a secure environment having a security rating at least comparable to the security level of the device for which the public key thereof is linked, (c) thereafter, when a public key linked in step (a)(ii) successfully authenticates a digitally signed message outside of the secure manufacturing environment, identifying from the database the other information to which the public key was linked in step (a)(ii) as pertaining to the device to which belongs the private key utilized in digitally signing the message without use of a digital certificate.
-
18. A method of manufacturing devices that generate digital signatures such that each device may be reliably and uniquely identified without use of a digital certificate, the devices being manufactured within a secure manufacturing environment, comprising the steps of, for each respective device:
-
(a) creating, within the secure manufacturing environment, a public-private key pair, (b) before release of the device from the secure manufacturing environment, storing the private key within the device for utilization in generating a digital signature for an electronic message, the private key being stored within the device against the possibility of divulgement thereof by the device, (c) securely linking, within the secure manufacturing environment, the public key with other information, wherein the other information comprises at least one of security features and manufacturing history of the device and wherein the other information defines a relative security level of the device, and (d) recording the linked public key and other information in a database and maintaining the database in a secure environment having a security rating at least comparable to the security level of the device for which the public key thereof is linked. - View Dependent Claims (19, 20, 21, 22, 23, 24)
-
-
25. A method in which information of a device that generates digital signatures is reliably identified, comprising the steps of:
-
(a) for each of a plurality of devices manufactured in a secure manufacturing environment, before release of the device from the secure manufacturing environment;
(i) creating a public-private key pair;
(ii) storing the private key within the device for utilization in generating digital signatures for electronic messages; and
(iii) linking the public key with other information associated with the device, wherein the other information defines a relative security level of the device;
(b) for each of the plurality of devices manufactured in the secure manufacturing environment;
(i) originating a digital signature for a reference, the reference including the public key and the other information of the device, the digital signature for the reference generated by a private key of a Secure Entity;
(ii) publishing the reference and digital signature therefor, and;
(iii) maintaining the private key of the Secure Entity in a secure environment outside of the device, wherein the secure environment has a security rating that is at least comparable to the security level of the device to which the reference pertains; and
(c) thereafter, when a public key linked in step (a)(iii) successfully authenticates a digitally signed message, identifying the other information to which the public key was linked in step (a)(iii) as pertaining to the device to which belongs the private key utilized in digitally signing the message based on a successful authentication of the reference. - View Dependent Claims (26, 27, 28, 29)
-
Specification