System and method for secure storage data using a key

US 7,434,263 B2
Filed: 05/07/2003
Issued: 10/07/2008
Est. Priority Date: 10/26/1998
Status: Expired due to Fees

First Claim

Patent Images

1. A method, implemented in a system, the method comprising:

receiving a block of data, a current operating system identity, and a target operating system identity, wherein the target operating system identity comprises a unique value that represents the identity of the target operating system, the unique value being a digest of both an identity of an initial boot block of the target operating system and an identity of each of one or more loaded operating system components of the target operating system;

encrypting the block of data using a key;

subsequently receiving a request to decrypt the encrypted block of data; and

returning the encrypted block of data to the requester only if the target operating system identity is equal to an operating system identity when the request to decrypt is received.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one aspect, a data structure to be encrypted is received in a device, the data structure including content along with a statement of conditions under which the content may be decrypted. The data structure is encrypted using a symmetric key of a processor of the device. In another aspect, a data structure is decrypted using a processor symmetric key. A statement of conditions under which content in the data structure can be decrypted is obtained, and testing is performed as to whether the conditions are satisfied. The decrypted content is returned only if the conditions are satisfied.

Citations

56 Claims

1. A method, implemented in a system, the method comprising:
- receiving a block of data, a current operating system identity, and a target operating system identity, wherein the target operating system identity comprises a unique value that represents the identity of the target operating system, the unique value being a digest of both an identity of an initial boot block of the target operating system and an identity of each of one or more loaded operating system components of the target operating system;
  
  encrypting the block of data using a key;
  
  subsequently receiving a request to decrypt the encrypted block of data; and
  
  returning the encrypted block of data to the requester only if the target operating system identity is equal to an operating system identity when the request to decrypt is received.
- View Dependent Claims (2, 3, 4)
- - 2. A method as recited in claim 1, wherein the key comprises a symmetric key.
  - 3. A method as recited in claim 1, wherein the key comprises a symmetric key of a processor of the system.
  - 4. A method as recited in claim 1, wherein the current operating system identity and the target operating system are the same.

5. A method implemented in a system, the method comprising:
- receiving a block of data, a current operating system identity, and a target operating system identity, wherein the target operating system identity comprises a specified software identity register (SIR) value that must be current in order for the encrypted block of data to be decrypted, the software identity register (SIR) being set to the specified value only if a boot block of the target operating system is atomically executed;
  
  encrypting the block of data using a key;
  
  subsequently receiving a request to decrypt the encrypted block of data; and
  
  returning the encrypted block of data to the requester only if the target operating system identity is equal to an operating system identity when the request to decrypt is received.
- View Dependent Claims (6, 7, 8)
- - 6. A method as recited in claim 5, wherein the key comprises a symmetric key.
  - 7. A method as recited in claim 5, wherein the key comprises a symmetric key of a processor of the system.
  - 8. A method as recited in claim 5, wherein the current operating system identity and the target operating system are the same.

9. A method, implemented in a device, the method comprising:
- receiving a data structure to be encrypted, wherein the data structure includes content along with a statement of conditions under which the content may be decrypted, wherein the statement of conditions comprises a specified value of a software identity register (SIR) internal to a processor of the device that must be current at a point of future decryption, the specified value being a digest of both an identity of an initial boot block of an operating system of the device and an identity of each of one or more loaded operating system components, and wherein the data structure is received as an input to a Seal operation; and
  
  encrypting the content using a key.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. A method as recited in claim 9, wherein the key comprises a symmetric key.
  - 11. A method as recited in claim 9, wherein the key comprises a symmetric key of the processor of the device.
  - 12. A method as recited in claim 9, wherein the content comprises an arbitrary block of data.
  - 13. A method as recited in claim 9, wherein an operating system identity is maintained in the software identity register (SIR).
  - 14. A method as recited in claim 9, wherein the content can be decrypted only by a same processor as encrypted the data structure.
  - 15. A method as recited in claim 9, wherein the encrypting comprises encrypting the data structure.

16. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors of a device, causes the one or more processors to:
- receive a data structure to be encrypted, wherein the data structure includes content along with a statement of conditions under which the content may be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing on the device must have in order for the content to be decrypted, the operating system identity having been set to a specified value only if a boot block of the operating system was atomically executed; and
  
  encrypt the content using a key.
- View Dependent Claims (17, 18, 19)
- - 17. One or more computer readable memories as recited in claim 16, wherein the key comprises a symmetric key.
  - 18. One or more computer readable memories as recited in claim 16, wherein the key comprises a symmetric key of a processor of the device.
  - 19. One or more computer readable memories as recited in claim 16, wherein one or more of the plurality of instructions that cause the one or more processors to encrypt the content comprises one or more instructions that cause the one or more processors to encrypt the data structure.

20. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors of a device, causes the one or more processors to:
- receive a data structure to be encrypted, wherein the data structure includes content along with a statement of conditions under which the content may be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing an the device must have in order for the content to be decrypted, the operating system identity being a digest of both an initial boot block of the operating system and an identity of each of one or more loaded operating system components, wherein the operating system identity is maintained in a software identity register (SIR) internal to one of the one or more processors; and
  
  encrypt the content using a key.
- View Dependent Claims (21, 22, 23)
- - 21. One or more computer readable memories as recited in claim 20, wherein the key comprises a symmetric key.
  - 22. One or more computer readable memories as recited in claim 20, wherein the key comprises a symmetric key of a processor of the device.
  - 23. One or more computer readable memories as recited in claim 20, wherein one or more of the plurality of instructions that cause the one or more processors to encrypt the content comprises one or more instructions that cause the one or more processors to encrypt the data structure.

24. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors of a device, causes the one or more processors to:
- receive a data structure to be encrypted, wherein the data structure includes content along with a statement of conditions under which the content may be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing on the device must have in order for the content to be decrypted, the operating system identity having been set to a unique value only if the boot block of the operating system was atomically executed wherein the operating system identity is for an operating system that is different than an operating system executing when the content to be encrypted is received; and
  
  encrypt the content using a key.
- View Dependent Claims (25, 26, 27, 28)
- - 25. One or more computer readable memories as recited in claim 24, wherein the key comprises a symmetric key.
  - 26. One or more computer readable memories as recited in claim 24, wherein the key comprises a symmetric key of a processor of the device.
  - 27. One or more computer readable memories as recited in claim 24, wherein the operating system identity is maintained in a software identity register (SIR).
  - 28. One or more computer readable memories as recited in claim 24, wherein one or more of the plurality of instructions that cause the one or more processors to encrypt the content comprises one or more instructions that cause the one or more processors to encrypt the data structure.

29. A method comprising:
- decrypting a data structure using a key;
  
  obtaining a statement of conditions under which content in the data structure can be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing on a device including a processor must have in order for the content to be decrypted, the operating system identity being a digest of both an identity of an initial boot block of the operating system and an identity of each of one or more loaded operating system components indicated in a boot log of the device testing whether the conditions are satisfied; and
  
  returning the decrypted content only if the conditions are satisfied.
- View Dependent Claims (30, 31, 32, 33, 34)
- - 30. A method as recited in claim 29, wherein the key comprises a symmetric key.
  - 31. A method as recited in claim 29, wherein the key comprises a symmetric key of a processor.
  - 32. A method as recited in claim 29, wherein obtaining the statement of conditions comprises obtaining the statement of conditions from the data structure.
  - 33. A method as recited in claim 29, further comprising returning an error if the conditions are not satisfied.
  - 34. A method as recited in claim 29, further comprising decrypting the data structure only if the key is the same key as was previously used to encrypt the content.

35. A method comprising:
- decrypting a data structure using a key;
  
  obtaining a statement of conditions under which content in the data structure can be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing on a device including a processor must have in order for the content to be decrypted, wherein the operating system identity is maintained in a software identity register (SIR) internal to the processor, wherein the operating system identity is a cryptographic digest of a data structure comprising both an identity of an initial boot block of the operating system of the device and an identity of each of one or more loaded operating system components, wherein each time one of the one or more loaded operating system components is loaded a current SIR value is replaced with a new SIR value that is a hash of a concatenation of the current SIR value and the identity of the one operating system component being loaded;
  
  testing whether the conditions are satisfied; and
  
  returning the decrypted content only if the conditions are satisfied.
- View Dependent Claims (36, 37, 38, 39, 40)
- - 36. A method as recited in claim 35, wherein the key comprises a symmetric key.
  - 37. A method as recited in claim 35, wherein the key comprises a symmetric key of a processor.
  - 38. A method as recited in claim 35, wherein obtaining the statement of conditions comprises obtaining the statement of conditions from the data structure.
  - 39. A method as recited in claim 35, further comprising returning an error if the conditions are not satisfied.
  - 40. A method as recited in claim 35, further comprising decrypting the data structure only if the key is the same key as was previously used to encrypt the content.

41. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors of a device, causes the one or more processors to:
- decrypt a data structure using a key;
  
  obtain a statement of conditions under which content in the data structure can be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing on the device must have in order for the content to be decrypted, the operating system identity having been set to a specified value only if a boot block of the overatine system was atomically executed, wherein the operating system identity is maintained in a software identity register (SIR);
  
  test whether the conditions are satisfied; and
  
  return the decrypted content only if the conditions are satisfied.
- View Dependent Claims (42, 43, 44)
- - 42. One or more computer readable memories as recited in claim 41, wherein the key comprises a symmetric key.
  - 43. One or more computer readable memories as recited in claim 41, wherein the key comprises a symmetric key of one of the one or more processors.
  - 44. One or more computer readable memories as recited in claim 41, the specified value being a digest of the boot block.

45. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors of a device, causes the one or more processors to:
- decrypt a data structure using a key;
  
  obtain a statement of conditions under which content in the data structure can be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing on the device must have in order for the content to be decrypted, the operating system identity being a digest of both an identity of an initial boot block of the operating system and an identity of each of one or more loaded operating system components;
  
  test whether the conditions are satisfied; and
  
  return the decrypted content only if the conditions are satisfied.
- View Dependent Claims (46, 47)
- - 46. One or more computer readable memories as recited in claim 45, wherein the key comprises a symmetric key.
  - 47. One or more computer readable memories as recited in claim 45, wherein the key comprises a symmetric key of one of the one or more processors.

48. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors of a device, causes the one or more processor to:
- obtain content to be encrypted; and
  
  invoke a seal operation, inputting the content to have the content encrypted using a key so that the content can be decrypted only if a statement of conditions under which the content may be decrypted is satisfied, wherein the statement of conditions comprises an operating system identity that an operating system executing on the device must have in order for the content to be decrypted, the operating system identity being a digest of both an identity of an initial boot block of the operating system and an identity of each of one or more loaded operating system components.
- View Dependent Claims (49, 50, 51, 52)
- - 49. One or more computer readable memories as recited in claim 48, wherein the inputting comprises inputting both the content and the statement of conditions under which the content may be decrypted.
  - 50. One or more computer readable memories as recited in claim 48, wherein the key comprises a symmetric key.
  - 51. One or more computer readable memories as recited in claim 48, wherein the key comprises a symmetric key of a processor of the device.
  - 52. One or more computer readable memories as recited in claim 48, wherein the operating system identity is for an operating system that is different than an operating system invoking the seal operation.

53. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors of a device, causes the one or more processors to:
- make a seal operation and an unseal operation available for invoking;
  
  wherein the seal operation causes content to be encrypted using a symmetric key along with a statement of the conditions under which it may be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing on the device must have in order for the content to be decrypted, the operating system identity being set to a unique value only if a boot block of the operating system was atomically executed;
  
  wherein the unseal operation causes the content to be returned to a requester if the conditions are satisfied; and
  
  wherein the seal operation and unseal operation collectively provide the ability to seal secrets only for subsequent use on the device.
- View Dependent Claims (54)
- - 54. One or more computer readable memories as recited in claim 53, wherein the unseal operation allows the content to be decrypted only by the processor that encrypted the content.

55. One or more computer readable memories having stored thereon a plurality of instructions that, when executed by one or more processors of a device, causes the one or more processors to:
- make a seal operation and an unseal operation available for invoking;
  
  wherein the seal operation causes content to be encrypted using a symmetric key along with a statement of the conditions under which it may be decrypted, wherein the statement of conditions comprises an operating system identity that an operating system executing on the device must have in order for the content to be decrypted, the operating system identity being a digest of both an identity of an initial boot block of the operating system and an identity of each of one or more loaded operating system components, and wherein the unseal operation causes the content to be returned to a requester if the conditions are satisfied.
- View Dependent Claims (56)
- - 56. One or more computer readable memories as recited in claim 55, wherein the unseal operation allows the content to be decrypted only by the processor that encrypted the content.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
England, Paul, Lampson, Butler W., DeTreville, John D.
Primary Examiner(s)
Moise; Emmanuel L
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US10/430,994
Publication Number

US 20030194094A1
Time in Patent Office

1,980 Days
Field of Search

705/51, 705 54- 57, 713/2, 713/187, 713/190, 713/193, 726/26, 726/30, 726/21, 726/27
US Class Current

726/27
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/575   Secure boot

G06F 2221/2113   Multi-level security, e.g. ...

G06F 9/4406   Loading of operating system

G06F 9/468   Specific access rights for ...

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/166   at the transport layer

System and method for secure storage data using a key

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

56 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure storage data using a key

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

56 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links