Dynamic substitution of USB data for on-the-fly encryption/decryption

US 7,469,343 B2
Filed: 05/02/2003
Issued: 12/23/2008
Est. Priority Date: 05/02/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A method for mediating data transfer between a device and a secure component, comprising:

receiving a first and second data request from the secure component at a security module;

after said receipt of the first data request at the security module, passing said first data request to said device;

receiving data in response to said first data request from said device at the security module;

after said receipt of said first data request at the security module, sending a deliberately false first signal to said secure component indicating that no data is available;

after said receipt of said data from said device, encrypting said data at the security module;

intercepting a second data request from said secure component to said device at the security module; and

after intercepting said second data request, sending said encrypted data to said secure component and sending a deliberately smashed second signal to said device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security module and method implements data requests from a USB or other similar device, in which a secure component can communicate securely with a device without modifying the underlying USB bus protocol, or the device, even where the software controlling the bus is untrusted. A security module (physically separate or integrated into a device or hub) intercepts data being sent from device to secure component in response to a data request. A “not acknowledged” signal is sent to the secure component, and the data is encrypted. The next data request is intercepted, and the encrypted data sent in response. The acknowledgement from the secure component to the device is allowed to reach the device. In order to handle a setup request, an allow command is sent to the security module, which includes the encrypted and unencrypted setup command. If an encryption check is successful, a setup command sent to the device (via the security module) is allowed to reach the device.

Citations

32 Claims

1. A method for mediating data transfer between a device and a secure component, comprising:
- receiving a first and second data request from the secure component at a security module;
  
  after said receipt of the first data request at the security module, passing said first data request to said device;
  
  receiving data in response to said first data request from said device at the security module;
  
  after said receipt of said first data request at the security module, sending a deliberately false first signal to said secure component indicating that no data is available;
  
  after said receipt of said data from said device, encrypting said data at the security module;
  
  intercepting a second data request from said secure component to said device at the security module; and
  
  after intercepting said second data request, sending said encrypted data to said secure component and sending a deliberately smashed second signal to said device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, where said encryption is performed using a key, and where said secure component comprises a secure portion comprising a copy of said key for decryption.
  - 3. The method of claim 1, where said device is a USB device, where said secure component is operably connected to a USB host, where said data request is a USB IN token, said data is USB data, and said signal to said secure component indicating that no data is available is a NAK signal.
  - 4. The method of claim 1, further comprising:
    - after said sending of said encrypted data from the security module to said secure component, receiving an acknowledgement from said secure component;
      
      after said receipt of said acknowledgement from said secure component at the security module, sending said acknowledgement to said device.
  - 5. The method of claim 4, where said device is a USB device, where said secure component is operably connected to a USB host, and where said acknowledgement is an ACK signal.
  - 6. The method of claim 1, where said data received from said device comprises a signal indicating that said device is in an error state, and where, after data is received from said device indicating that said device is in an error state, said sending a signal to said secure component indicating that no data is available is a signal indicating that said device is in an error state.
  - 7. The method of claim 6, where said device is a USB device, said secure component is operably connected to a USB host, and said signal indicating that said device is in an error state is a STALL signal.

8. A method for mediating data transfer between a USB device and a secure component operably connected to a USB host, comprising:
- intercepting data from said USB device responsive to a first IN token from said secure component at a security module;
  
  sending a deliberately false first signal to said secure component from the security module indicating that no data is available;
  
  encrypting said data at the security module;
  
  intercepting a second IN token sent by said secure component for said USB device; and
  
  in response to intercepting the second IN token, sending said encrypted data to said secure component and sending a deliberately smashed second signal to said device.
- View Dependent Claims (9)
- - 9. The method of claim 8, further comprising:
    - after intercepting said data from said USB device, sending an NAK signal to said secure component.

10. A security module for mediating data transfer between a device and a secure component, comprising:
- means for receiving a first and second data request at the security module;
  
  means for, after said receipt of the first data request, passing said first data request to said device;
  
  means for, after said passing of said first data request to said device, receiving data from said device at the security module;
  
  means for, after said receipt of said first data request, sending a deliberately false signal from the security module to said secure component indicating that no data is available;
  
  means for, after said receipt of said data from said device, encrypting said data at the security module;
  
  means for intercepting a second data request at the security module from said secure component to said device; and
  
  means for, after said second data request, sending said encrypted data from the security module to said secure component and sending a deliberately smashed second signal to said device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 11. The security module of claim 10, where said device comprises said security module.
  - 12. The security module of claim 10, where said security module comprises a hub.
  - 13. The security module of claim 10, where a dongle comprises said security module, and where said dongle is operably connected to said secure component.
  - 14. The security module of claim 10, where said encryption is performed using a key, where said security module comprises means for storing said key, and where said secure component comprises a secure portion comprising a copy of said key for decryption.
  - 15. The security module of claim 10, where said device is a USB device, where said secure component is operably connected to a USB host, where said data request is a USB IN token, said data is USB data, and said signal to said secure component indicating that no data is available is a NAK signal.
  - 16. The security module of claim 10, further comprising:
    - means for, after said sending of said encrypted data to said secure component, receiving an acknowledgement from said secure component;
      
      means for, after said receipt of said acknowledgement from said secure component, sending said acknowledgement to said device.
  - 17. The security module of claim 16, where said device is a USB device, where said secure component is operably connected to a USB host, and where said acknowledgement is an ACK signal.
  - 18. The security module of claim 10, where said data received from said device comprises a signal indicating that said device is in an error state, and where, after data is received from said device indicating that said device is in an error state, said sending a signal to said secure component indicating that no data is available is a signal indicating that said device is in an error state.
  - 19. The security module of claim 18, where said device is a USB device, said secure component is operably connected to a USB host, and said signal indicating that said device is in an error state is a STALL signal.
  - 20. The security module of claim 10, where said secure component is located in a first computer system, where said device is located in a second computer system, where said first and second computer systems are operably connected, and where said operable connection comprises at least one of:
    - a network, a local bus, and a USB bus.
  - 21. The security module of claim 10, where said secure component comprises a secure software component running at least one secure process, and where said data transfer occurs between one of said at least one secure processes and said device.

22. A security module for mediating data transfer between a USB device and a secure component operably connected to a USB host comprising:
- means for intercepting data from said USB device responsive to a first IN token from said secure component at a security module;
  
  means for sending a deliberately false first signal to said secure component indicating that no data is available;
  
  means for encrypting said data at the security module;
  
  means for intercepting a second IN token sent by said secure component for said USB device at the security module; and
  
  means for sending said encrypted data from the security module to said secure component and sending a deliberately smashed second signal to said device.
- View Dependent Claims (23)
- - 23. The security module of claim 22, further comprising:
    - means for, after intercepting said data from said USB device, sending an NAK signal to said secure component.

24. A tangible computer-readable medium for mediating data transfer between a device and a secure component, said computer-readable medium having computer-readable instructions which, when executed by one or more processors, implement steps comprising:
- receiving a first and second data request at a security module;
  
  after said receipt of a first data request, passing said first data request to said device;
  
  after said passing of said first data request to said device, receiving data from said device at the security module;
  
  after said receipt of said first data request, sending a deliberately false signal from the security module to said secure component indicating that no data is available;
  
  after said receipt of said data from said device, encrypting said data at the security module;
  
  intercepting a second data request at the security module from said secure component to said device; and
  
  after said second data request, sending said encrypted data to said secure component and sending a deliberately smashed second signal to said device.
- View Dependent Claims (25, 26, 27, 28, 29, 30)
- - 25. The computer-readable medium of claim 24, where said encryption is performed using a key, and where said secure component comprises a secure portion comprising a copy of said key for decryption.
  - 26. The computer-readable medium of claim 24, where said device is a USB device, where said secure component is operably connected to a USB host, where said data request is a USB IN token, said data is USB data, and said signal to said secure component indicating that no data is available is a NAK signal.
  - 27. The computer-readable medium of claim 24, said steps further comprising:
    - after said sending of said encrypted data to said secure component, receiving an acknowledgement from said secure component;
      
      after said receipt of said acknowledgement from said secure component, sending said acknowledgement to said device.
  - 28. The computer-readable medium of claim 27, where said device is a USB device, where said secure component is operably connected to a USB host, and where said acknowledgement is an ACK signal.
  - 29. The computer-readable medium of claim 24, where said data received from said device comprises a signal indicating that said device is in an error state, and where, after data is received from said device indicating that said device is in an error state, said sending a signal to said secure component indicating that no data is available is a signal indicating that said device is in an error state.
  - 30. The tangible computer-readable medium of claim 29, where said device is a USB device, said secure component is operably connected to a USB host, and said signal indicating that said device is in an error state is a STALL signal.

31. A tangible computer-readable medium for mediating data transfer between a USB device and a secure component operably connected to a USB host, said computer-readable medium having computer-readable instructions which, when executed by one or more processors, implement steps comprising:
- intercepting data at a security module from said USB device responsive to a first IN token from said secure component;
  
  encrypting said data at the security module;
  
  sending a deliberately false signal to said secure component indicating that no data is availableintercepting a second IN token at the security module sent by said secure component for said USB device; and
  
  sending said encrypted data to said secure component from the security module and sending a deliberately smashed second signal to said device.
- View Dependent Claims (32)
- - 32. The computer-readable medium of claim 31, said steps further comprising:
    - after intercepting said data from said USB device, sending an NAK signal to said secure component.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Ray, Kenneth, Kehl, Theodore
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Powers; William S

Application Number

US10/428,251
Publication Number

US 20040250087A1
Time in Patent Office

2,062 Days
Field of Search

713/189
US Class Current

713/189
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/606   by securing the transmissio...

G06F 21/72   in cryptographic circuits

G06F 21/725   operating on a secure refer...

G06F 21/78   to assure secure storage of...

G06F 21/82   Protecting input, output or...

G06F 21/85   interconnection devices, e....

G06F 2221/2153   Using hardware token as a s...

H04L 9/0869   involving random numbers or...

Dynamic substitution of USB data for on-the-fly encryption/decryption

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Dynamic substitution of USB data for on-the-fly encryption/decryption

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links