Method of preventing unauthorized distribution and use of electronic keys using a key seed

US 7,352,867 B2
Filed: 07/10/2002
Issued: 04/01/2008
Est. Priority Date: 07/10/2002
Status: Active Grant

First Claim

Patent Images

1. A method of generating an electronic key used in an electronic transaction, said method comprising executing a first one-way function which is unique to a first host and installed on said first host that derives said electronic key from:

a key seed received along with said first one-way function from a key distribution centre, said key seed and said first one-way function being saved in a non-volatile storage unit of said first host, anda unique host identification of said first host, said unique host identification not received from the key distribution centre;

said function being executed to derive said electronic key each time an electronic transaction requiring the use of said electronic key is made.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for generating an electronic key used in an electronic transaction can be created by executing a one-way function on a host that derives the electronic key from a key seed saved in a non-volatile storage unit of the host and a unique host identification that is resident on the host. The function is preferably executed each time an electronic transaction requiring the use of the electronic key is made.

84 Citations

View as Search Results

21 Claims

1. A method of generating an electronic key used in an electronic transaction, said method comprising executing a first one-way function which is unique to a first host and installed on said first host that derives said electronic key from:
- a key seed received along with said first one-way function from a key distribution centre, said key seed and said first one-way function being saved in a non-volatile storage unit of said first host, anda unique host identification of said first host, said unique host identification not received from the key distribution centre;
  
  said function being executed to derive said electronic key each time an electronic transaction requiring the use of said electronic key is made.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, further comprising executing said first one-way function with said saved key seed and said unique host identification as inputs to generate said electronic key used in said electronic transaction between said first host and an electronic device that uses a symmetric session key in said electronic transaction.
  - 3. The method of claim 2, further comprising allowing a successful completion of said electronic transaction only if said electronic key matches said symmetric session key.
  - 4. The method of claim 1, further comprising deleting said electronic key from said first host device following said transaction.
  - 5. The method of claim 1, further comprising executing a second one-way function which is unique to a second host and installed on said second host that derives said electronic key from a key seed received along with said second one-way function from a key distribution centre, and saved in a non-volatile storage unit of said second host and a unique host identification of said second host, said function being executed to derive said electronic key each time an electronic transaction requiring the use of said electronic key is made.

6. A system for generating an electronic key used in an electronic transaction, said system comprising:
- a first host for making said electronic transaction, said first host having a unique host identification not received from a certifying authority for said electronic key;
  
  a non-volatile storage unit of said first host for storing a private key seed; and
  
  a first one-way function, unique to said first host and installed in said first host, for deriving said electronic key from said key seed and said host identification of said first host, said first host executing said one-way function to derive said electronic key each time an electronic transaction requiring the use of said electronic key is made.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 7. The system of claim 6, wherein said first host randomly generates said private key seed.
  - 8. The system of claim 7, wherein said one-way function derives a private key from said private key seed and said host identification.
  - 9. The system of claim 8, wherein said first host derives a public key from said private key.
  - 10. The system of claim 9, wherein said certifying authority registers said public key to produce a registered public key.
  - 11. The system of claim 10, wherein said certifying authority comprises a key distribution center.
  - 12. The system of claim 10, wherein said certifying authority saves said public key in a trusted database.
  - 13. The system of claim 10, wherein said certifying authority sends a digital certificate to said first host attesting to the binding of said public key to said first host.
  - 14. The system of claim 10, wherein said first host saves said private key seed in said non-volatile storage unit.
  - 15. The system of claim 10, wherein said first host executes said one-way function to generate said private key used in said electronic transaction between said first host and an electronic device that uses said registered public key in said electronic transaction.
  - 16. The system of claim 15, wherein said electronic transaction is successfully completed only if said private key correlates correctly with said public key.
  - 17. The system of claim 6, wherein said key seed comprises a symmetric session key seed.
  - 18. The system of claim 17, said system further comprising a key distribution center for sending said symmetric session key seed to said first host, said first host saving said symmetric session key seed in said non-volatile storage unit.
  - 19. The system of claim 18, wherein said first host executes said first one-way function to generate said symmetric session key used in said electronic transaction between said first host and an electronic device, said electronic device also using a symmetric session key in said electronic transaction.
  - 20. The system of claim 19, wherein said electronic transaction is completed successfully only if said symmetric session key used by said first host matches said symmetric session key used by said electronic device.
  - 21. The system of claim 6 further comprising:
    - a second host for making said electronic transaction, said second host having a unique host identification;
      
      a non-volatile storage unit of said second host for storing a private key seed; and
      
      a second one-way function unique to said second host, installed on said second host, for deriving said electronic key from said key seed and said host identification of said second host, said second host executing said one-way function to derive said electronic key each time an electronic transaction requiring the use of said electronic key is made.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
General Instrument Corporation (CommScope Holding Company, Inc.)
Inventors
Medvinsky, Alexander
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Cervetti; David Garcia

Application Number

US10/192,920
Publication Number

US 20040008846A1
Time in Patent Office

2,092 Days
Field of Search

380/278, 713/171
US Class Current

380/278
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2463/061   applying further key deriva...

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/083   involving central third par...

H04L 9/0866   involving user or device id...

H04L 9/0869   involving random numbers or...

H04L 9/0897   involving additional device...

Method of preventing unauthorized distribution and use of electronic keys using a key seed

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

84 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method of preventing unauthorized distribution and use of electronic keys using a key seed

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links