Resilient cryptographic scheme

US 8,233,617 B2
Filed: 07/20/2010
Issued: 07/31/2012
Est. Priority Date: 01/20/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method of enabling a symmetric key to be derived, the method comprising:

a processor obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key;

the processor encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value;

the processor encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and

the processor providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are provided for enabling a symmetric key to be derived, the method comprising: obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key; encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value; encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key.

Citations

24 Claims

1. A method of enabling a symmetric key to be derived, the method comprising:
- a processor obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key;
  
  the processor encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value;
  
  the processor encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and
  
  the processor providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method according to claim 1, wherein the obtaining comprises obtaining the symmetric key and dividing the symmetric key into the plurality of key parts.
  - 3. The method according to claim 1, wherein applying a symmetric key derivation function to the plurality of key parts derives the symmetric key.
  - 4. The method according to claim 1, wherein the different cryptographic algorithms are chosen from the group comprising:
    - an elliptic curve (EC) algorithm, a Rivest-Shamir-Adleman (RSA) algorithm, and a discrete logarithm (DL) algorithm.
  - 5. The method according to claim 4, wherein the different cryptographic algorithms correspond to different ones in the group.
  - 6. The method according to claim 1, wherein XORing the plurality of key parts derives the symmetric key.

7. A non-transitory computer readable medium comprising computer executable instructions that when executed by a computing device, operate the computing device to:
- obtain a plurality of key parts, wherein the plurality of key parts when combined equal a symmetric key;
  
  encrypt a first of the key parts using a first cryptographic algorithm to generate a first encrypted value;
  
  encrypt one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and
  
  provide the first encrypted value and the one or more additional encrypted values to another entity to enable the other entity to derive the symmetric key.

8. A cryptographic unit comprising:
- a processor operable to;
  
  obtain a plurality of key parts, wherein the plurality of key parts when combined equal a symmetric key;
  
  encrypt a first of the key parts using a first cryptographic algorithm to generate a first encrypted value;
  
  encrypt one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and
  
  provide the first encrypted value and the one or more additional encrypted values to another entity to enable the other entity to derive the symmetric key.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The cryptographic unit according to claim 8, wherein the plurality of key parts are obtained by obtaining the symmetric key and dividing the symmetric key into the plurality of key parts.
  - 10. The cryptographic unit according to claim 8, wherein applying a symmetric key derivation function to the plurality of key parts derives the symmetric key.
  - 11. The cryptographic unit according to claim 8, wherein the different cryptographic algorithms are chosen from the group comprising:
    - an elliptic curve (EC) algorithm, a Rivest-Shamir-Adleman (RSA) algorithm, and a discrete logarithm (DL) algorithm.
  - 12. The cryptographic unit according to claim 11, wherein the different cryptographic algorithms correspond to different ones in the group.
  - 13. The cryptographic unit according to claim 8, wherein XORing the plurality of key parts derives the symmetric key.

14. A method of deriving a symmetric key, the method comprising:
- a processor obtaining a first encrypted value and one or more additional encrypted values;
  
  the processor decrypting the first encrypted value and the one or more additional encrypted values to obtain a plurality of key parts, wherein each key part decrypted is decrypted from a respective encrypted value using a different cryptographic algorithm; and
  
  the processor combining the plurality of key parts in deriving the symmetric key.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The method according to claim 14, wherein the plurality of key parts correspond to respective shared secrets, and wherein applying a symmetric key derivation function to the plurality of key parts derives the symmetric key.
  - 16. The method according to claim 14, wherein the different cryptographic algorithms are chosen from the group comprising:
    - an elliptic curve (EC) algorithm, a Rivest-Shamir-Adleman (RSA) algorithm, and a discrete logarithm (DL) algorithm.
  - 17. The method according to claim 16, wherein the different cryptographic algorithms correspond to different ones in the group.
  - 18. The method according to claim 14, wherein XORing the plurality of key parts derives the symmetric key.

19. A non-transitory computer readable medium comprising computer executable instructions that when executed by a computing device, operate the computing device to:
- obtain a first encrypted value and one or more additional encrypted values;
  
  decrypt the first encrypted value and the one or more additional encrypted values to obtain a plurality of key parts, wherein each key part decrypted is decrypted from a respective encrypted value using a different cryptographic algorithm; and
  
  combine the plurality of key parts in deriving the symmetric key.

20. A cryptographic unit comprising:
- a processor operable to;
  
  obtain a first encrypted value and one or more additional encrypted values;
  
  decrypt the first encrypted value and the one or more additional encrypted values to obtain a plurality of key parts, wherein each key part decrypted is decrypted from a respective encrypted value using a different cryptographic algorithm; and
  
  combine the plurality of key parts in deriving the symmetric key.
- View Dependent Claims (21, 22, 23, 24)
- - 21. The cryptographic unit according to claim 20, wherein the plurality of key parts correspond to respective shared secrets, and wherein applying a symmetric key derivation function to the plurality of key parts derives the symmetric key.
  - 22. The cryptographic unit according to claim 20, wherein the different cryptographic algorithms are chosen from the group comprising:
    - an elliptic curve (EC) algorithm, a Rivest-Shamir-Adleman (RSA) algorithm, and a discrete logarithm (DL) algorithm.
  - 23. The cryptographic unit according to claim 22, wherein the different cryptographic algorithms correspond to different ones in the group.
  - 24. The cryptographic unit according to claim 20, wherein XORing the plurality of key parts derives the symmetric key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blackberry Limited
Original Assignee
Certicom Corporation (Blackberry Limited)
Inventors
Johnson, Donald B., Vanstone, Scott Alexander
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US12/840,008
Publication Number

US 20100284540A1
Time in Patent Office

742 Days
Field of Search

None
US Class Current

380/28
CPC Class Codes

H04L 9/3242 involving keyed hash functi...

H04L 9/3249 using RSA or related signat...

Resilient cryptographic scheme

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Resilient cryptographic scheme

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links