Multi-token seal and unseal

US 7,480,806 B2
Filed: 02/22/2002
Issued: 01/20/2009
Est. Priority Date: 02/22/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprisingrequesting a first token to unseal a sealed first portion of a multi-token sealed object to obtain a first portion of the multi-token sealed object,receiving the first portion in response to the first token unsealing the sealed first portion only if the first token determines that a current device environment satisfies environment criteria specified for the sealed first portion,requesting a second token to unseal a sealed second portion of a multi-token sealed object to obtain a second portion of the multi-token sealed object, andusing the first portion and the second portion to obtain an object from the multi-token sealed object.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, apparatus and computer readable medium are described for sealing objects to two or more tokens. Further, methods, apparatus and computer readable medium are described for unsealing objects that have been sealed to two or more tokens.

237 Citations

43 Claims

1. A method comprisingrequesting a first token to unseal a sealed first portion of a multi-token sealed object to obtain a first portion of the multi-token sealed object,receiving the first portion in response to the first token unsealing the sealed first portion only if the first token determines that a current device environment satisfies environment criteria specified for the sealed first portion,requesting a second token to unseal a sealed second portion of a multi-token sealed object to obtain a second portion of the multi-token sealed object, andusing the first portion and the second portion to obtain an object from the multi-token sealed object.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 further comprising obtaining the object of the multi-token sealed object by using the first portion as a key to decrypt the second portion.
  - 3. The method of claim 1 further comprisingreceiving a key in response to the first token unseating the sealed first portion,receiving an encrypted object in response to the second token unsealing the second portion, andobtaining the object of the multi-token sealed object by using the key to decrypt the encrypted object.
  - 4. The method of claim 1 further comprisinggenerating a key based upon the first portion and the second portion of the multi-token sealed object, andobtaining the object of the multi-token sealed object by using the generated key to decrypt an encrypted object of the multi-token sealed object.
  - 5. The method of claim 1 further comprisinggenerating a key from the first portion and the second portion of the multi-token sealed object, andobtaining the object of the multi-token sealed object by using the generated key and an asymmetric cryptographic algorithm to decrypt an encrypted object of the multi-token sealed object.
  - 6. The method of claim 1 further comprisingreceiving a first key in response to the first token unsealing the sealed first portion,receiving a second key in response to the second token unsealing the second portion,generating a third key from the first key and the second key, andobtaining the object of the multi-token sealed by using the third key to decrypt an encrypted object of the multi-token sealed object.
  - 7. The method of claim 1 further comprisingreceiving a first key in response to the first token unsealing the sealed first portion only if the first token determines that a current device environment satisfies environment criteria specified for the sealed first portion,receiving a second key in response to the second token unsealing the second portion only if the second token determines that the current device environment satisfies environment criteria specified for the sealed second portion,generating a third key from the first key and the second key, andobtaining the object of the multi-token sealed by using the third key to decrypt an encrypted object of the multi-token sealed object.
  - 8. The method of claim 7 further comprisingreceiving the first key in response to the first token unsealing the sealed first portion only if a first value computed from the first portion and a first seal record of the sealed first portion has a predetermined relationship with a first digest value of the sealed first portion, andreceiving the second key in response to the second token unsealing the sealed second portion only if a second value computed from the second portion and a second seal record of the sealed second portion has a predetermined relationship with a second digest value of the sealed second portion.
  - 9. The method of claim 1 further comprisingreceiving a first key in response to the first token unsealing the sealed first portion only if the first token generated the sealed first portion,receiving a second key in response to the second token unsealing the second portion only if the second token generated the sealed second portion,generating a third key from the first key and the second key, andobtaining the object of the multi-token sealed by using the third key to decrypt an encrypted object of the multi-token sealed object.

10. A method comprisingrequesting a plurality of tokens to unseal a plurality sealed portions of a multi-token sealed object,receiving a plurality of unsealed portions of the multi-token sealed object only if a current device environment satisfies device criteria specified for the plurality of sealed portions, andobtaining an object that has been sealed to the plurality of tokens using the plurality of unsealed portions of the multi-token sealed object.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10 wherein obtaining comprisesgenerating a key from the plurality of unsealed portions of the multi-token sealed object, anddecrypting an encrypted object using the key to obtain the object.
  - 12. The method of claim 10 wherein obtaining comprisesgenerating a key from the plurality of unsealed portions of the multi-token sealed object, anddecrypting an encrypted object using the key and a symmetric cryptographic algorithm to obtain the object.
  - 13. The method of claim 12 further comprising unsealing the plurality of sealed portions only if the plurality of tokens generated the plurality of sealed portions.

14. A method comprisingrequesting a first token of a computing device to seal a first portion of a multi-token sealed object to first environment criteria, andrequesting a second token of a computing device to seal a second portion of the multi-token sealed object to second environment criteria.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 15. The method of claim 14 further comprisingencrypting an object using a symmetric cryptographic algorithm and a key to obtain an encrypted object, andreceiving a scaled encrypted object in response to the first token sealing the first portion that comprises the encrypted object,receiving a sealed key in response to the second token sealing the second portion that comprises the key.
  - 16. The method of claim 14 further comprisingencrypting the object using an asymmetric cryptographic algorithm and an encryption key of an asymmetric key pair to obtain an encrypted object,receiving a sealed encrypted object in response to the first token sealing the first portion that comprises the encrypted object,receiving a sealed decryption key in response to the second token sealing the second portion that comprises a decryption key of the asymmetric key pair.
  - 17. The method of claim 14 further comprisingreceiving a sealed first portion encrypted by the first token using a first key of the first token, the sealed first portion comprising the first key, a first seal record comprisingone or more metrics specified by the first environment criteria, and a first digest value that attests to the integrity of the first key and the first seal record, andreceiving a sealed second portion encrypted by the second token using a second key of the second token, the sealed second portion comprising the second key, a second seal record comprising one or more metrics specified by the second environment criteria, and a second digest value that attests to the integrity of the second key and the second seal record.
  - 18. The method of claim 17 whereinthe first seal record comprises a unique first identifier for the first token, andthe second seal record comprises a unique second identifier for the second token.
  - 19. The method of claim 14 further comprisingencrypting the object using key that was generated based upon a first key and a second key,receiving a sealed first key in response to the first token sealing the first portion that comprises the first key,receiving a scaled second key in response to the second token sealing the second portion that comprises the second key.
  - 20. The method of claim 19 further comprisinggenerating a sealed first portion by encrypting the first portion and metrics specified by the first environment criteria using a first key of the first token, andgenerating a sealed second portion by encrypting the second portion and metrics specified by the second environment criteria using a second key of the second token.
  - 21. The method of claim 20 whereinthe first token comprises a virtual token, andthe second token comprises a physical token.
  - 22. The method of claim 21 further comprisingspecifying the second environment criteria by identifying at least one configuration register of the physical token that comprises a metric of the virtual token.
  - 23. The method of claim 14 further comprisingspecifying the first environment criteria by identifying one or more configuration registers of the first token that record metrics of the computing device, andspecifying the second environment criteria by identifying one or more configuration registers of the second token that record metrics of the computing device.
  - 24. The method of claim 23 whereinspecifying the second environment criteria comprises identifying at least one configuration register of the second token that comprises a metric of the first token.
  - 25. The method of claim 24 whereinthe first token comprises a virtual token, andthe second token comprises a physical token.

26. A device comprisinga virtual token comprising one or more configuration registers that record metrics of a device environment and one or more processing units to generate a sealed first key that comprises a first key sealed to first environment criteria,a physical token comprising one or more configuration registers that record metrics of the device environment, and one or more processing units to generate a sealed second key that comprises a second key sealed to second environment criteria, anda sealing component to generate a third key based upon the first key and the second key, encrypt an object using the third key to obtain an encrypted object, request the virtual token to seal the first key to obtain the sealed first key, and request the physical token to seal the second key to obtain the sealed second key.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33)
- - 27. The device of claim 26 wherein the sealing component specifies the first environment criteria by identifying one or more configuration registers of the virtual token to which to seal the first key, and specifies the second environment criteria by identifying one or more configuration registers of the physical token to which to seal the second key.
  - 28. The device of claim 27 wherein the sealing component specifies a first public key of the virtual token with which to seal the first key, and specifies a second public key of the physical token with which to seal the second key.
  - 29. The device of claim 28 whereinthe virtual token generates the sealed first key by using the first public key to encrypt the first key, a first seal record comprising metrics specified by the first environment criteria, and a first digest value that attests to the integrity of the first key and the first seal record, andthe physical token generates the sealed second key by using the second public key to encrypt the second key, a second seal record comprising metrics specified by the second environment criteria, and a second digest value that attests to the integrity of the second key and the second seal record.
  - 30. The device of claim 26 further comprising an unsealing component to request the virtual token to unseal the sealed first key to obtain the first key, to request the physical token to unseal the sealed second key to obtain the second key, to generate a third key based upon the first key and the second key, and to decrypt the encrypted object using the third key.
  - 31. The device of claim 30 whereinthe processing units of the virtual token further unseal the sealed first key and provide the unsealing component with the first key only if the metrics of the one or more configuration registers of the virtual token satisfy the first environment criteria, andthe processing units of the physical token further unseal the sealed key and provide the unsealing with the key used to decrypt the encrypted object only if the metrics of the one or more configuration registers of the physical token satisfy the second environment criteria.
  - 32. The device of claim 31 whereinthe virtual token unseals the sealed object by decrypting the sealed object using a first private key of the virtual token to obtain the encrypted object, a first seal record, and a first digest value that attests to the integrity of the encrypted object and the first seal record, andthe physical token unseals the sealed key by decrypting the sealed key using a second private key of the physical token to obtain the key, a second seal record, and a second digest value that attests to the integrity of the key and the second seal record.
  - 33. The device of claim 30 whereinthe processing units of the virtual token provide the unsealing component with the encrypted object only if the first digest value obtained from the sealed first key has a predetermined relationship with a value computed from the first key and the first seal record of the sealed first key, andthe processing units of the physical token provide the unsealing component with the second key only if the second digest value obtained from the sealed second key has a predetermined relationship with a value computed from the second key and the second seal record of the sealed second key.

34. A machine readable medium comprising a plurality of instructions that, in response to being executed, result in a computing devicesealing a first portion of a multi-token sealed object to first environment criteria using a first public key of a first token to obtain a sealed first portion, andsealing a second portion of the multi-token sealed object to second environment criteria using a second public key of a second token to obtain a sealed second portion.
- View Dependent Claims (35, 36, 37, 38, 39)
- - 35. The machine readable medium of claim 34 wherein the plurality of instructions further result in the computing devicespecifying the first environment criteria by identifying one or more configuration registers of the first token that record metrics of the computing device, andspecifying the second environment criteria by identifying one or more configuration registers of the second token that record metrics of the computing device.
  - 36. The machine readable medium of claim 35 wherein the plurality of instructions further result in the computing devicegenerating the sealed first portion such that the sealed first portion comprises the first portion, a first seal record comprising the metrics of the one or more configuration registers specified by the first environment criteria, and a first digest value of the encrypted object and the seal record, andgenerating the sealed second portion such that the sealed second portion comprises the second portion, a second seal record comprising the metrics of the one or more configuration registers specified by the second environment criteria, and a second digest value of the key and the second seal record.
  - 37. The machine readable medium of claim 36 wherein the plurality of instructions further result in the computing deviceunsealing the sealed first portion using a first private key of the first token and providing the first portion only if the metrics recorded by the first token have a predetermined relationship with the metrics of the first seal record, andunsealing the sealed second portion using a second private key of the second token and providing the second portion only if the metrics recorded by the second token have a predetermined relationship with the metrics of the second seal record.
  - 38. The machine readable medium of claim 37 wherein the plurality of instructions further result in the computing deviceproviding the first portion only if the first digest value obtained from the sealed encrypted object has a predetermined relationship to a first value computed from the encrypted object and the first seal record, andproviding the second portion only if the second digest value obtained from the sealed key has a predetermined relationship to a second value computed from the key and the second seal record.
  - 39. The machine readable medium of claim 34 wherein the plurality of instructions further result in the computing deviceunsealing the sealed first portion using a first private key of the first token and providing the first portion object only if a current device environment satisfies the first environment criteria, andunsealing the sealed second portion using a second private key of the second token and providing the second portion only if the current device environment satisfies the second environment criteria.

40. A device comprisinga chipset,a processor coupled to the chipset,memory coupled to the chipset, the memory comprising a plurality of instructions that, when executed by the processor, result in the processor implementing a virtual token that records metrics of a device environment, that receives a first key used to generate a decryption key, and that seals the first key to one or more metrics recorded by the virtual token in response to receiving a seal operation request, anda physical token coupled to the chipset, the physical token to record metrics of the device environment, to receive a second key used to generate the decryption key, and to seal the second key to one or more metrics recorded by the physical token in response to receiving a seal operation request.
- View Dependent Claims (41, 42, 43)
- - 41. The device of claim 40 wherein the one or more metrics recorded by the physical token comprises a virtual token metric and the physical token seals the key to at least the virtual token metric.
  - 42. The device of claim 40 wherein the one or more metrics recorded by the physical token comprises a metric of the plurality of instructions that result in the processor implementing the virtual token and the physical token seals the key to at least the metric of the plurality of instructions.
  - 43. The device of claim 40 whereinthe plurality of instructions, in response to execution, result in the processor generating a scaled first key that comprises the first key and a unique first identifier for the virtual token, andthe physical token generates a sealed second key that comprises the second key and a unique second identifier for the physical token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Grawrock, David W.
Primary Examiner(s)
Sheikh; Ayaz R
Assistant Examiner(s)
Sherkat; Arezoo

Application Number

US10/082,600
Publication Number

US 20030163711A1
Time in Patent Office

2,524 Days
Field of Search

None
US Class Current

713/189
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

H04L 63/123 received data contents, e.g...

Multi-token seal and unseal

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

237 Citations

43 Claims

Specification

Solutions

Use Cases

Quick Links

Multi-token seal and unseal

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

237 Citations

43 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links