Methods and systems for secure key delivery
Abstract
An embodiment pertains generally to a method of delivering keys in a server. The method includes generating a subject key pair, where the subject key pair includes a subject public key and a subject private key. The method also includes retrieving a storage key and encrypting the subject private key with the storage key as a wrapped storage private key. The method further includes storing the wrapped storage private key.
27 Claims
1. A method of generating keys for a token, the method comprising:
- generating, by a processor, a subject key pair wherein the subject key pair includes a subject public key and a subject private key;
- encrypting the subject private key with a storage session key to generate a wrapped storage private key;
- retrieving a storage key associated with a data recovery manager, wherein the storage key is a private key;
- encrypting the storage session key with the storage key to generate a wrapped storage session key; and
- archiving the wrapped storage private key and the wrapped storage session key in the data recovery manager.

(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
14. A system for generating keys, the system comprising:
- a security client configured to manage a token; and
- a security server comprising a processor and configured to interface with the security client, wherein the security server is configured to
  - generate a subject key pair, wherein the subject key pair includes a subject public key and a subject private key,
  - encrypt the subject private key with a storage session key to generate a wrapped storage private key,
  - retrieve a storage key associated with a data recovery manager module, wherein the storage key is a private key,
  - encrypt the storage session key with the storage key to generate a wrapped storage session key, and
  - archive the wrapped storage private key and the wrapped storage session key.

(Dependent claims: 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
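The key-archival sequence recited in claims 1 and 14, as an added Node.js example that is not code from the patent. It assumes an RSA-2048 subject key pair and AES-256-GCM for both wrapping layers, and it models the data recovery manager's storage key as a long-term 256-bit secret held privately by that manager; the `archive` map and all function names are hypothetical.

```javascript
// Added example: the two-layer key wrap recited in the claims.
// Assumptions (not from the patent): RSA-2048 subject keys, AES-256-GCM for both
// wraps, storage key modelled as a long-term 256-bit secret held by the DRM.
const crypto = require('node:crypto');

// AES-256-GCM wrap; output layout is nonce(12) || tag(16) || ciphertext.
function wrap(key, plaintext, label) {
  const nonce = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, nonce);
  c.setAAD(Buffer.from(label)); // binds the blob to its role in the archive
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), ct]);
}

function unwrap(key, blob, label) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAAD(Buffer.from(label));
  d.setAuthTag(blob.subarray(12, 28));
  // final() throws if the key, label or blob does not match.
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Hypothetical stand-in for the data recovery manager's archive.
const archive = new Map();

function generateAndArchive(tokenId, storageKey) {
  const { publicKey, privateKey } =
    crypto.generateKeyPairSync('rsa', { modulusLength: 2048 }); // subject key pair
  const subjectPrivateDer = privateKey.export({ type: 'pkcs8', format: 'der' });
  const storageSessionKey = crypto.randomBytes(32); // fresh for each subject key
  archive.set(tokenId, {
    wrappedStoragePrivateKey: wrap(storageSessionKey, subjectPrivateDer, 'subject-private'),
    wrappedStorageSessionKey: wrap(storageKey, storageSessionKey, 'session-key'),
  });
  storageSessionKey.fill(0); // only the wrapped copy of the session key remains
  return publicKey;
}

// Recovery reverses the order: storage key -> session key -> subject private key.
function recover(tokenId, storageKey) {
  const rec = archive.get(tokenId);
  const sessionKey = unwrap(storageKey, rec.wrappedStorageSessionKey, 'session-key');
  const der = unwrap(sessionKey, rec.wrappedStoragePrivateKey, 'subject-private');
  return crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
}
```

Because each subject private key is wrapped under its own session key, the long-term storage key only ever encrypts 32-byte session keys, and an archived record is useless without it.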
Specification