Secure printing with authenticated printer key
First Claim
1. A method for securely storing a public key for encryption of data in a computing device, the method using a user-specific key pair which is securely stored in the computing device, the method comprising:
- a user authenticating step of authenticating a user who logs into the computing device;
a registering step of registering the user-specific key pair of the user authenticated by said authenticating step, wherein the user-specific key pair is registered in a secure registry;
a receiving step of receiving a target public key corresponding to a target device;
an obtaining step of obtaining the user-specific key pair from the secure registry, wherein the user-specific key pair is obtained from a key function call which is supported by an operating system executing in the computing device and wherein the key function call is provided with user login information for verification of the user'"'"'s authorization to use the computing device;
a key encrypting step of using a user-specific private key from the user-specific key pair to create a target key verifier based on the target public key;
a storing step of storing the target key verifier and the target public key in a storage area;
a retrieving step of retrieving the target key verifier and the target public key from the storage area;
a recognizing step of recognizing a printing instruction;
a verification step of applying, in response to recognizing the printing instruction, a user-specific public key from the user-specific key pair to the target key verifier for verifying the authenticity of the target public key, wherein said verification step verifies whether the public key in the storage area and the public key in the secure registry correspond to each other; and
a data encrypting step of encrypting data with the target public key, in the case that the authenticity of the target public key is verified, thereby creating encrypted data for transmission to the target device.
1 Assignment
0 Petitions
Accused Products
Abstract
Securely storing a public key for encryption of data in a computing device by using a user-specific key pair which is securely stored in the computing device, including receiving a target public key corresponding to a target device, obtaining a user-specific key pair from a secure registry, using a user-specific private key from the user-specific key pair to create a target key verifier based on the target public key, storing the target key verifier and the target public key in a storage area, retrieving the target key verifier and the target public key from the storage area, applying a user-specific public key from the user-specific key pair to the target key verifier for verifying the authenticity of the target public key, and encrypting data with the target public key, if authenticity of the target public key is verified, thereby creating encrypted data for transmission to the target device.
-
Citations
25 Claims
-
1. A method for securely storing a public key for encryption of data in a computing device, the method using a user-specific key pair which is securely stored in the computing device, the method comprising:
-
a user authenticating step of authenticating a user who logs into the computing device; a registering step of registering the user-specific key pair of the user authenticated by said authenticating step, wherein the user-specific key pair is registered in a secure registry; a receiving step of receiving a target public key corresponding to a target device; an obtaining step of obtaining the user-specific key pair from the secure registry, wherein the user-specific key pair is obtained from a key function call which is supported by an operating system executing in the computing device and wherein the key function call is provided with user login information for verification of the user'"'"'s authorization to use the computing device; a key encrypting step of using a user-specific private key from the user-specific key pair to create a target key verifier based on the target public key; a storing step of storing the target key verifier and the target public key in a storage area; a retrieving step of retrieving the target key verifier and the target public key from the storage area; a recognizing step of recognizing a printing instruction; a verification step of applying, in response to recognizing the printing instruction, a user-specific public key from the user-specific key pair to the target key verifier for verifying the authenticity of the target public key, wherein said verification step verifies whether the public key in the storage area and the public key in the secure registry correspond to each other; and a data encrypting step of encrypting data with the target public key, in the case that the authenticity of the target public key is verified, thereby creating encrypted data for transmission to the target device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 22, 23, 24)
-
-
20. A method for securely storing a printer public key for encryption of print data in a computing device, the method using a user-specific key pair which is securely stored in the computing device, the method comprising:
-
a user authenticating step of authenticating a user who logs into the computing device; a registering step of registering the user-specific key pair of the user authenticated by said authenticating step, wherein the user-specific key pair is registered in a secure registry; a receiving step of receiving a printer public key corresponding to a printer; an obtaining step of obtaining a user-specific key pair from a secure registry upon receipt of a corresponding user identification, wherein the user-specific key pair is obtained from a key function call which is supported by an operating system executing in the computing device and wherein the key function call is provided with user login information for verification of the user'"'"'s authorization to use the computing device; a first hashing step of applying a hashing algorithm to the printer public key to create a first printer key hash; an encryption step of applying an encryption algorithm to encrypt the first printer key hash with a user-specific private key from the user-specific key pair, thereby creating a printer key signature; a storing step of storing the printer key signature and the printer public key in a storage area; a retrieving step of retrieving the printer key signature and the printer public key from the storage area; a second hashing step of applying the hashing algorithm to the retrieved printer public key to create a second printer key hash; a decrypting step of applying a decryption algorithm to decrypt the printer key signature with a user-specific public key from the user-specific key pair, thereby retrieving the first printer key hash; a recognizing step of recognizing a printing instruction; a verification step of applying, in response to recognizing the printing instruction, a verification algorithm to compare the first printer key hash with the second printer key hash, for verifying the authenticity of the retrieved printer public key, wherein said verification step verifies whether the public key in the storage area and the public key in the secure registry correspond to each other; and a print data encrypting step of applying an encryption algorithm to print data using the retrieved printer public key, in the case that the authenticity of the retrieved printer public key is verified, to create encrypted print data for transmission to the printer.
-
-
21. A method for authentication of a printer public key received by a computing device, the method comprising:
-
a user authenticating step of authenticating a user who logs into the computing device; a registering step of registering the user-specific key pair of the user authenticated by said authenticating step, wherein the user-specific key pair is registered in a secure registry; a first receiving step of receiving in the computing device a printer public key corresponding to a printer; a hashing step of applying a hashing algorithm to the printer public key to create a first printer key hash; a second receiving step of receiving in the computing device a predetermined second printer key hash obtained from a test page printed by the printer, wherein the second printer key hash is input into the computing device by a user-input means connected to the computing device; a recognizing step of recognizing a printing instruction; a verification step of applying, in response to recognizing the printing instruction, a verification algorithm to compare the first printer key hash with the second printer key hash, for verifying the authenticity of the received printer public key, wherein said verification step verifies whether the public key in the storage area and the public key in the secure registry correspond to each other; and a storing step of storing, in the case that the authenticity of the received printer public key is verified in the verification step, the received printer public key in a memory area of the computing device.
-
-
25. An information apparatus which transmits encrypted data to a target device, the information apparatus securely storing a public key for encryption of the data and utilizing a user-specific key pair which is securely stored in the apparatus, comprising:
-
authenticating means for authenticating a user who logs into the computing device; registering means for registering the user-specific key pair of the user authenticated by said authenticating means, wherein the user-specific key pair is registered in a secure registry; receiving means for receiving a target public key corresponding to a target device; obtaining means for obtaining a user-specific key pair from a secure registry, wherein the user-specific key pair is obtained from a key function call which is supported by an operating system executing in the computing device and wherein the key function call is provided with user login information for verification of the user'"'"'s authorization to use the computing device; key encrypting means for using a user-specific private key from the user-specific key pair to create a target key verifier based on the target public key; storing means for storing the target key verifier and the target public key; retrieving means for retrieving the target key verifier and the target public key from the storing means; recognizing means for recognizing a printing instruction; verification means for applying, in response to recognizing the printing instruction, a user-specific public key from the user-specific key pair to the target key verifier for verifying the authenticity of the target public key, wherein said verification means verifies whether the public key in the storage area and the public key in the secure registry correspond to each other; and data encrypting means for encrypting data with the target public key, in the case that the authenticity of the target public key is verified, thereby creating encrypted data for transmission to the target device.
-
Specification