Method for dynamically using cryptographic keys in a postage meter
First Claim
Patent Images
1. A method for dynamically creating in an electronic chip, after its manufacture, a cryptographic key having a plurality of component parts, the method comprising the steps of:
- storing software code in a memory device of the electronic chip;
creating a data file having a plurality of pointers, each of the plurality of pointers corresponding to one of the plurality of component parts by identifying a location in the memory device where a portion of the software code is the same as the corresponding one of the component parts;
providing the data file to the electronic chip;
using the plurality of pointers within the electronic chip to obtain the plurality of component parts from the stored software code; and
assembling the cryptographic key in the electronic chip using the plurality of component parts obtained from the stored software code;
wherein the memory device is a ROM;
wherein the electronic chip is a smart card chip including the ROM, an EEPROM having an encrypted key, a decryption algorithm, and executable code stored therein, a CPU, and a RAM;
the electronic chip is part of a postage meter that also includes a vault that accounts for postage dispensed by the postage meter and a print-head that includes the electronic chip and a print-head for printing the postage dispensed, the print-head further includes a flash memory in which the data file is stored in encrypted form; and
further comprising the steps of during power-up of the postage meter the encrypted data file is read from flash memory into the RAM by the CPU;
the CPU uses the executable code to decrypt the encrypted data file to obtain the plurality of pointers, the CPU uses the plurality of pointers to obtain from the software code component parts of the cryptographic key and to assemble in RAM the cryptographic key from the component parts;
the CPU uses the assembled cryptographic key and the decryption algorithm to decrypt the encrypted key;
the CPU stores the decrypted encrypted key in a secure area of the EEPROM, erases the assembled cryptographic key, and the encrypted data file from the RAM, erases the encrypted key, the decryption algorithm, and executable code from EEPROM, and erases the encrypted data file from the flash memory.
2 Assignments
0 Petitions
Accused Products
Abstract
A postage meter includes a vault that accounts for postage dispensed by the postage meter; and a printhead module having a printhead for printing the postage dispensed; a smart card chip having a ROM having software code stored therein; an EEPROM having an encrypted key and executable code stored therein, a CPU; a RAM; and a flash memory having an encrypted pointer data file stored therein. During power-up of the postage meter the encrypted pointer data file is read from the flash memory into the RAM by the CPU, the CPU uses the executable code to decrypt the encrypted pointer data file to obtain from the software code components parts of a decryption key and to assemble in the ram the decryption key from the component parts, the CPU uses the assembled decryption key and the executable code to decrypt the encrypted cryptographic key, and the CPU stores the decrypted cryptographic key in a secure area of the EEPROM, erases the decryption key and the encrypted pointer data file from the RAM, erases the encrypted cryptographic key and executable code from the EEPROM, and erases the pointer data file from the flash memory.
-
Citations
20 Claims
-
1. A method for dynamically creating in an electronic chip, after its manufacture, a cryptographic key having a plurality of component parts, the method comprising the steps of:
-
storing software code in a memory device of the electronic chip;
creating a data file having a plurality of pointers, each of the plurality of pointers corresponding to one of the plurality of component parts by identifying a location in the memory device where a portion of the software code is the same as the corresponding one of the component parts;
providing the data file to the electronic chip;
using the plurality of pointers within the electronic chip to obtain the plurality of component parts from the stored software code; and
assembling the cryptographic key in the electronic chip using the plurality of component parts obtained from the stored software code;
wherein the memory device is a ROM;
wherein the electronic chip is a smart card chip including the ROM, an EEPROM having an encrypted key, a decryption algorithm, and executable code stored therein, a CPU, and a RAM;
the electronic chip is part of a postage meter that also includes a vault that accounts for postage dispensed by the postage meter and a print-head that includes the electronic chip and a print-head for printing the postage dispensed, the print-head further includes a flash memory in which the data file is stored in encrypted form; and
further comprising the steps of during power-up of the postage meter the encrypted data file is read from flash memory into the RAM by the CPU;
the CPU uses the executable code to decrypt the encrypted data file to obtain the plurality of pointers, the CPU uses the plurality of pointers to obtain from the software code component parts of the cryptographic key and to assemble in RAM the cryptographic key from the component parts;
the CPU uses the assembled cryptographic key and the decryption algorithm to decrypt the encrypted key;
the CPU stores the decrypted encrypted key in a secure area of the EEPROM, erases the assembled cryptographic key, and the encrypted data file from the RAM, erases the encrypted key, the decryption algorithm, and executable code from EEPROM, and erases the encrypted data file from the flash memory. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method for securely decrypting in an electronic chip, after its manufacture, an encrypted cryptographic key using a decryption key having a plurality of component parts, the method comprising the steps of:
-
storing software codes in a memory device of the electronic chip;
creating a data file having a plurality of pointers, each of the plurality of pointers corresponding to one of the plurality of component parts by identifying a location in the memory device where a portion of the software code is the same as the corresponding one of the component parts;
providing the data file to the electronic chip;
using the plurality of pointers in the electronic chip to obtain the plurality of component parts from the stored software code;
assembling the decryption key in the electronic chip using the plurality of component parts obtained from the stored software code;
using the decryption key to decrypt the encrypted cryptographic key;
erasing the pointer data file, the encrypted cryptographic key, and the decryption key from the electronic chip; and
storing the decrypted cryptographic key in a secure region of the electronic chip. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneePitney Bowes Incorporated (Böwe Systec AG)
-
Original AssigneePitney Bowes Incorporated (Böwe Systec AG)
-
InventorsDeFilippo, Craig J., Gargiulo, Joseph L.
-
Primary Examiner(s)Trammell, James P.
-
Assistant Examiner(s)Greene, Daniel L.
-
Application NumberUS09/726,744Publication NumberTime in Patent Office1,741 DaysField of Search705/60, 705/62, 705/401, 705/405, 705/408, 705/410, 705/57, 380/4, 380/23US Class Current705/62CPC Class CodesG07B 17/00733 Cryptography or similar spe...G07B 2017/00177 from a portable device, e.g...G07B 2017/00322 Communication between compo...G07B 2017/00741 using specific cryptographi...G07B 2017/00846 Key managementG07B 2017/00854 Key generationG07B 2017/00879 using session key
