System and method for securely copying a cryptographic key
First Claim
1. A method of securely copying a cryptographic key from one smart device to another smart device, comprising:
- mutually authenticating a smart source device and a host with respect to each other;
mutually authenticating a smart destination device and the host with respect to each other;
authenticating the destination device through the host by the source device; and
sending a cryptographic key stored in the source device to the destination device,wherein the step of authenticating the destination device includessending to the destination device a challenge encrypted with a symmetric key and signed with a private key of the source device, the symmetric key being common to the source and destination devices,decrypting the challenge with the symmetric key by the destination device,verifying the signature of the challenge by the destination device,sending to the source device a response encrypted with the public key of the source device and signed with the private key of the destination device,verifying the signature of the response by the source device, anddecrypting the response with the private key of the source device,wherein the step of sending to the destination device a challenge includessending the challenge to the host,signing the challenge with the private key of the host, andsending the signed challenge to the destination device.
2 Assignments
0 Petitions
Accused Products
Abstract
A system and method are provided in which a cryptographic key stored in a secure token such as a smart card can be copied to another smart card with high security and assurance with no intermediary being able to see what is being transferred. According to the invention, a host assisting in the transfer and a source smart card mutually authenticate themselves with each other. The host and a destination smart card also mutually authenticate themselves with each other. Then, the source card authenticates the destination card to ensure that the destination card is permitted to receive the cryptographic key of the source card. The source card then sends the cryptographic key to the destination card in a secure manner.
-
Citations
8 Claims
-
1. A method of securely copying a cryptographic key from one smart device to another smart device, comprising:
-
mutually authenticating a smart source device and a host with respect to each other; mutually authenticating a smart destination device and the host with respect to each other; authenticating the destination device through the host by the source device; and sending a cryptographic key stored in the source device to the destination device, wherein the step of authenticating the destination device includes sending to the destination device a challenge encrypted with a symmetric key and signed with a private key of the source device, the symmetric key being common to the source and destination devices, decrypting the challenge with the symmetric key by the destination device, verifying the signature of the challenge by the destination device, sending to the source device a response encrypted with the public key of the source device and signed with the private key of the destination device, verifying the signature of the response by the source device, and decrypting the response with the private key of the source device, wherein the step of sending to the destination device a challenge includes sending the challenge to the host, signing the challenge with the private key of the host, and sending the signed challenge to the destination device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification