Secure repository with layers of tamper resistance and system and method for providing same

US 7,958,373 B2
Filed: 05/14/2009
Issued: 06/07/2011
Est. Priority Date: 06/27/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method implemented at least in part by a computing device of securely decrypting data with a cryptographic key, said method comprising:

identifying attributes of said cryptographic key corresponding to a set of actions;

performing a first set of actions functionally equivalent to the actions corresponding to said cryptographic key using said attributes but without access to, storing in memory, or exposing a whole or segment of said cryptographic key; and

performing a diversionary second set of actions different from said first set of actions;

wherein said first and said second sets of actions are implemented by way of a set of computer-executable instructions executable on a computing device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure repository individualized for a hardware environment and a method and system for providing the same. The secure repository includes a hidden cryptographic key and code that applies the key without requiring access to a copy of the key. The code that implements the secure repository is generated in a manner that is at least partly based on a hardware ID associated with the hardware environment in which the secure repository is to be installed, and may also be based on a random number. Cryptographic functions implemented by the secure repository include decryption of encrypted information and validation of cryptographically signed information. The secure repository may be coupled to an application program, which uses cryptographic services provided by the secure repository, by way of a decoupling interface that provides a common communication and authentication interface for diverse types of secure repositories. The decoupling interface may take the form of a single application programmer interface (API) usable with multiple dynamically linkable libraries.

86 Citations

View as Search Results

10 Claims

1. A method implemented at least in part by a computing device of securely decrypting data with a cryptographic key, said method comprising:
- identifying attributes of said cryptographic key corresponding to a set of actions;
  
  performing a first set of actions functionally equivalent to the actions corresponding to said cryptographic key using said attributes but without access to, storing in memory, or exposing a whole or segment of said cryptographic key; and
  
  performing a diversionary second set of actions different from said first set of actions;
  
  wherein said first and said second sets of actions are implemented by way of a set of computer-executable instructions executable on a computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein performance of said first set of actions does not depend on performance of said diversionary second set of actions.
  - 3. The method of claim 1, wherein either of said first or second sets of actions in some manner relies for its performance on retrieval or derivation from said computing device of hardware identification data which identifies or in some way relates to hardware associated with said computing device.
  - 4. The method of claim 1, further comprises the acts of:
    - detecting a modification or deletion of at least a portion of said set of computer-executable instructions; and
      
      restoring said set of instructions to its state prior to said modification or deletion.
  - 5. The method of claim 1, further comprises the act of decrypting at least a portion of said set of computer-executable instructions prior to executing said portion.
  - 6. The method of claim 5, further comprising the act of re-encrypting said portion subsequent to executing said portion.
  - 7. The method of claim 1, further comprising the acts of:
    - deriving a value based on at least a portion of said set of computer-executable instructions; and
      
      comparing the derived value to a stored value.
  - 8. The method of claim 7, wherein said act of deriving comprises the act of hashing said portion.
  - 9. The method of claim 1, further comprising the act of moving at least some of said computer-executable instructions to a randomly or pseudo-randomly selected memory location on said computing device prior to execution of the moved instructions.

10. A computer-readable storage medium, wherein the computer-readable storage medium is not a signal, encoded with computer-executable instructions to perform the acts comprising:
- identifying attributes of said cryptographic key corresponding to a set of actions;
  
  performing a first set of actions functionally equivalent to the actions corresponding to said cryptographic key using said attributes but without access to, storing in memory, or exposing a whole or segment of said cryptographic key; and
  
  performing a diversionary second set of actions different from said first set of actions;
  
  wherein said first and said second sets of actions are implemented by way of a set of computer-executable instructions executable on a computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Marr, Michael David, Manferdelli, John L., Krishnaswamy, Vinay, Jakubowski, Mariusz H.
Primary Examiner(s)
Brown; Christopher J

Application Number

US12/466,295
Publication Number

US 20090228718A1
Time in Patent Office

754 Days
Field of Search

713/189, 380/277
US Class Current

713/189
CPC Class Codes

G06F 21/1066   Hiding content

G06F 21/14   against software analysis o...

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2107   File encryption

Secure repository with layers of tamper resistance and system and method for providing same

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

86 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Secure repository with layers of tamper resistance and system and method for providing same

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

86 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links