Method and system for securing data utilizing redundant secure key storage
First Claim
1. A data processing device, comprising:
- an encryption device for encrypting and decrypting data using an encryption key;
a key generating device adapted to generate a first encryption key associated with a first password using the first password, a first key seed, and a current key, and to generate a second encryption key associated with a second password, wherein the first encryption key is used to encrypt or decrypt a first set of data, and wherein the second encryption key is used to encrypt or decrypt a second set of data; and
at least one memory adapted to store the first set of data and the second set of data.
4 Assignments
0 Petitions
Accused Products
Abstract
A system and method which protects a data processing system against encryption key errors by providing redundant encryption keys stored in different locations, and providing the software with the ability to select an alternate redundant key if there is any possibility that the encryption key being used may be corrupted. In the preferred embodiment, a memory control module in the data processing device is configured to accommodate the storage of multiple (for example up to four or more) independent password/key pairs, and the control module duplicates a password key at the time of creation. The redundant passwords and encryption keys are forced into different memory slots for later retrieval if necessary. The probability of redundant keys being corrupted simultaneously is infinitesimal, so the system and method of the invention ensures that there is always an uncorrupted encryption key available.
23 Citations
14 Claims
-
1. A data processing device, comprising:
-
an encryption device for encrypting and decrypting data using an encryption key; a key generating device adapted to generate a first encryption key associated with a first password using the first password, a first key seed, and a current key, and to generate a second encryption key associated with a second password, wherein the first encryption key is used to encrypt or decrypt a first set of data, and wherein the second encryption key is used to encrypt or decrypt a second set of data; and at least one memory adapted to store the first set of data and the second set of data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A data processing device, comprising:
-
means adapted to encrypt and decrypt data using an encryption key; means adapted to generate a first encryption key for a first set of data, the first encryption key being associated with a first password and being generated from the first password, a first key seed, and a current key, and to generate a second encryption key for a second set of data, the second encryption key being associated with a second password and being generated from the second password, a second key seed, and the current key; and means adapted to store the first encryption key and the associated first password, the second encryption key and the second associated password, the first set of data, and the second set of data. - View Dependent Claims (11, 12, 13, 14)
-
Specification