Secure repository with layers of tamper resistance and system and method for providing same
First Claim
1. A method of generating a computer program storable on a computer-readable medium, said method comprising the acts of:
- identifying a set of actions that are performed in the course of using a cryptographic algorithm to apply a cryptographic key to first data;
identifying attributes of said cryptographic key corresponding to said set of actions;
generating a first set of computer-executable instructions which includes instructions to perform actions functionally equivalent to said set of actions using said attributes but not said cryptographic key;
including said first set of computer-executable instructions in said computer program, wherein said computer program is operable to perform said functionally equivalent actions without access to, storing in memory, or exposing a whole or segment of said cryptographic key.
2 Assignments
0 Petitions
Accused Products
Abstract
A secure repository individualized for a hardware environment and a method and system for providing the same. The secure repository includes a hidden cryptographic key and code that applies the key without requiring access to a copy of the key. The code that implements the secure repository is generated in a manner that is at least partly based on a hardware ID associated with the hardware environment in which the secure repository is to be installed, and may also be based on a random number. Cryptographic functions implemented by the secure repository include decryption of encrypted information and validation of cryptographically signed information. The secure repository may be coupled to an application program, which uses cryptographic services provided by the secure repository, by way of a decoupling interface that provides a common communication and authentication interface for diverse types of secure repositories. The decoupling interface may take the form of a single application programmer interface (API) usable with multiple dynamically linkable libraries.
117 Citations
21 Claims
-
1. A method of generating a computer program storable on a computer-readable medium, said method comprising the acts of:
-
identifying a set of actions that are performed in the course of using a cryptographic algorithm to apply a cryptographic key to first data; identifying attributes of said cryptographic key corresponding to said set of actions; generating a first set of computer-executable instructions which includes instructions to perform actions functionally equivalent to said set of actions using said attributes but not said cryptographic key; including said first set of computer-executable instructions in said computer program, wherein said computer program is operable to perform said functionally equivalent actions without access to, storing in memory, or exposing a whole or segment of said cryptographic key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
Specification