Method for improved key management for ATMs and other remote devices
First Claim
1. A computer implemented method for securely transferring symmetric cryptographic keys to other devices, wherein said method utilizes a data structure comprising instructions that are cryptographically protected against alteration or misuse, wherein said instructions further comprise a trusted block that defines specific key management policies that are permitted when applications employ said trusted block to generate or export said symmetric cryptographic keys, and wherein said applications comprise:
- application programming interfaces (API);
embedded firmware;
operating system code;
and hardware configured operations; and
wherein said applications further comprise;
a Trusted_Block_Create (TBC) function;
a Remote_Key_Export (RKX) function;
wherein said TBC function creates said trusted block; and
wherein said RKX function uses said Trusted Block to generate or export symmetric keys according to a set of parameters in said Trusted Block; and
wherein said trusted block has a number of fields containing rules that provide an ability to limit how said trusted block is used, thereby reducing the risk of said trusted block being employed in unintended ways or with unintended keys; and
wherein said method comprises;
receiving instructions from at least two separate individuals in order to create said trusted block.
1 Assignment
0 Petitions
Accused Products
Abstract
A method, article, and system for providing an effective implementation of a data structure comprising instructions that are cryptographically protected against alteration or misuse, wherein the instructions further comprise a trusted block that defines specific key management policies that are permitted when an application program employs the trusted block in application programming interface (API) functions to generate or export symmetric cryptographic keys. The trusted block has a number of fields containing rules that provide an ability to limit how the trusted block is used, thereby reducing the risk of the trusted block being employed in unintended ways or with unintended keys.
-
Citations
5 Claims
-
1. A computer implemented method for securely transferring symmetric cryptographic keys to other devices, wherein said method utilizes a data structure comprising instructions that are cryptographically protected against alteration or misuse, wherein said instructions further comprise a trusted block that defines specific key management policies that are permitted when applications employ said trusted block to generate or export said symmetric cryptographic keys, and wherein said applications comprise:
-
application programming interfaces (API); embedded firmware; operating system code; and hardware configured operations; and wherein said applications further comprise; a Trusted_Block_Create (TBC) function; a Remote_Key_Export (RKX) function; wherein said TBC function creates said trusted block; and wherein said RKX function uses said Trusted Block to generate or export symmetric keys according to a set of parameters in said Trusted Block; and wherein said trusted block has a number of fields containing rules that provide an ability to limit how said trusted block is used, thereby reducing the risk of said trusted block being employed in unintended ways or with unintended keys; and wherein said method comprises; receiving instructions from at least two separate individuals in order to create said trusted block. - View Dependent Claims (2, 3, 4, 5)
-
Specification