Method and apparatus for secure validation of tokens

US 8,307,210 B1
Filed: 05/02/2008
Issued: 11/06/2012
Est. Priority Date: 05/02/2008
Status: Active Grant

First Claim

Patent Images

1. A machine for verifying that a cryptographic token has been properly configured, the cryptographic token having been produced by a manufacturer in possession of the machine, the machine comprising:

tamper-resistant non-volatile memory, the non-volatile memory storing a first secret code;

an input/output device;

a processor, the processor being configured to;

receive a test value through the input/output device;

receive a precursor value through the input/output device;

calculate an expected cryptographic seed uniquely associated with the cryptographic token by using the precursor value and the first secret code stored in tamper-resistant non-volatile memory;

calculate an expected pseudo-random number by using the expected cryptographic seed and calculation parameters;

compare the expected pseudo-random number and the test value; and

if the expected pseudo-random number equals the test value, then output a signal verifying that the cryptographic token has been properly configured, otherwise output a signal to the manufacturer in possession of the machine indicating that the cryptographic token has not been properly configured;

wherein;

the precursor value received through the input/output device is received from the cryptographic token, the precursor value having been calculated by the cryptographic token; and

the test value received through the input/output device is received from the cryptographic token, the test value having been calculated by the cryptographic token using a secret cryptographic seed stored on the cryptographic token;

calculation of the precursor value by the cryptographic token includes;

the cryptographic token receiving a serial number uniquely assigned to the cryptographic token by the manufacturer not in possession of the first secret code; and

the cryptographic token mathematically combining the serial number with the first secret code; and

calculation of the test value by the cryptographic token includes the cryptographic token mathematically combining the precursor value with the secret cryptographic seed.

View all claims

23 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for validating a cryptographic token includes (a) operating the cryptographic token to generate a pseudo-random number for authentication purposes by using a cryptographic seed uniquely associated with the cryptographic token, the cryptographic seed having been cryptographically generated using a precursor value, (b) receiving a first value from the cryptographic token, the first value being the pseudo-random number generated by the cryptographic token, (c) inputting the first value and the precursor value into a trusted computing platform, and (d) operating the trusted computing platform to generate a validation signal if the first value can be derived using a specified algorithm from the precursor value, but to generate a failure signal if the first value cannot be derived using the specified algorithm from the precursor value. Accompanying methods and apparatus are also provided.

Citations

14 Claims

1. A machine for verifying that a cryptographic token has been properly configured, the cryptographic token having been produced by a manufacturer in possession of the machine, the machine comprising:
- tamper-resistant non-volatile memory, the non-volatile memory storing a first secret code;
  
  an input/output device;
  
  a processor, the processor being configured to;
  
  receive a test value through the input/output device;
  
  receive a precursor value through the input/output device;
  
  calculate an expected cryptographic seed uniquely associated with the cryptographic token by using the precursor value and the first secret code stored in tamper-resistant non-volatile memory;
  
  calculate an expected pseudo-random number by using the expected cryptographic seed and calculation parameters;
  
  compare the expected pseudo-random number and the test value; and
  
  if the expected pseudo-random number equals the test value, then output a signal verifying that the cryptographic token has been properly configured, otherwise output a signal to the manufacturer in possession of the machine indicating that the cryptographic token has not been properly configured;
  
  wherein;
  
  the precursor value received through the input/output device is received from the cryptographic token, the precursor value having been calculated by the cryptographic token; and
  
  the test value received through the input/output device is received from the cryptographic token, the test value having been calculated by the cryptographic token using a secret cryptographic seed stored on the cryptographic token;
  
  calculation of the precursor value by the cryptographic token includes;
  
  the cryptographic token receiving a serial number uniquely assigned to the cryptographic token by the manufacturer not in possession of the first secret code; and
  
  the cryptographic token mathematically combining the serial number with the first secret code; and
  
  calculation of the test value by the cryptographic token includes the cryptographic token mathematically combining the precursor value with the secret cryptographic seed.
- View Dependent Claims (2, 3, 4, 5, 6, 10)
- - 2. A machine as in claim 1 wherein:
    - the input/output device is a serial bus port for connecting to the cryptographic token; and
      
      the output signal is sent over the serial bus port.
  - 3. A machine as in claim 1 wherein:
    - the input/output device includes;
      
      a keypad; and
      
      a display screen; and
      
      the processor is configured to;
      
      receive the test value through the keypad, the test value being copied from a display of the cryptographic token upon the cryptographic token generating the test value;
      
      receive the precursor value through the keypad, the precursor value being copied from a display of the cryptographic token upon the cryptographic token generating the precursor value;
      
      output the signal verifying that the cryptographic token has been properly configured by displaying a verification signal on the display screen; and
      
      output the signal indicating that the cryptographic token has not been properly configured by displaying a failure signal on the display screen.
  - 4. A machine as in claim 1 wherein the machine is housed within a sealed flexible card.
  - 5. A machine as in claim 1 wherein the processor is configured to calculate the expected cryptographic seed by encrypting the precursor value with the first secret code as encryption key according to a specified algorithm.
  - 6. A machine as in claim 5 wherein:
    - the precursor value is a serial number associated with the cryptographic token; and
      
      the specified algorithm is a secret cryptographic algorithm.
  - 10. A machine as in claim 1 wherein:
    - the cryptographic token mathematically combining the serial number with the first secret code includes the cryptographic token;
      
      internally generating a first random number;
      
      performing a bitwise exclusive-or operation on the first secret code, the serial number, and the first random number to generate a revised secret code;
      
      receiving, from the manufacturer, a second random number; and
      
      encrypting the second random number using the revised secret code as an encryption key, yielding the precursor value;
      
      the cryptographic token mathematically combining the precursor value with the secret cryptographic seed includes the cryptographic token;
      
      encrypting the precursor value using the first secret code as an encryption key, yielding the secret cryptographic seed;
      
      storing the secret cryptographic seed on the cryptographic token; and
      
      generating a pseudo-random number using the secret cryptographic seed as a seed value and a time value as a calculation parameter.

7. A method of validating a cryptographic token at a trusted computing module, the cryptographic token having been produced by a manufacturer in possession of the trusted computing module, the method comprising:
- receiving a test value through an input/output device;
  
  receiving a precursor value through the input/output device;
  
  calculating an expected cryptographic seed uniquely associated with the cryptographic token by using the precursor value and a first secret code stored in tamper-resistant non-volatile memory;
  
  calculating an expected pseudo-random number by using the expected cryptographic seed and calculation parameters;
  
  comparing the expected pseudo-random number and the test value; and
  
  if the expected pseudo-random number equals the test value, then outputting a signal verifying that the cryptographic token has been properly configured, otherwise outputting a signal to the manufacturer in possession of the trusted computing module indicating that the cryptographic token has not been properly configured;
  
  whereinreceiving the precursor value through the input/output device includes receiving the precursor value from the cryptographic token, the precursor value having been calculated by the cryptographic token;
  
  receiving the test value through the input/output device includes receiving the test value from the cryptographic token, the test value having been calculated by the cryptographic token using a secret cryptographic seed stored on the cryptographic token;
  
  calculation of the precursor value by the cryptographic token includes;
  
  the cryptographic token receiving a serial number uniquely assigned to the cryptographic token by the manufacturer not in possession of the first secret code; and
  
  the cryptographic token mathematically combining the serial number with the first secret code; and
  
  calculation of the test value by the cryptographic token includes the cryptographic token mathematically combining the precursor value with the secret cryptographic seed.
- View Dependent Claims (8, 9, 11)
- - 8. A method as in claim 7 wherein calculating the expected cryptographic seed includes encrypting the precursor value with the first secret code as encryption key according to a specified algorithm.
  - 9. A method as in claim 8 wherein:
    - the precursor value is a serial number associated with the cryptographic token; and
      
      the specified algorithm is a secret cryptographic algorithm.
  - 11. A method as in claim 7 wherein:
    - the cryptographic token mathematically combining the serial number with the first secret code includes the cryptographic token;
      
      internally generating a first random number;
      
      performing a bitwise exclusive-or operation on the first secret code, the serial number, and the first random number to generate a revised secret code;
      
      receiving, from the manufacturer, a second random number; and
      
      encrypting the second random number using the revised secret code as an encryption key, yielding the precursor value;
      
      the cryptographic token mathematically combining the precursor value with the secret cryptographic seed includes the cryptographic token;
      
      encrypting the precursor value using the first secret code as an encryption key, yielding the secret cryptographic seed;
      
      storing the secret cryptographic seed on the cryptographic token; and
      
      generating a pseudo-random number using the secret cryptographic seed as a seed value and a time value as a calculation parameter.

12. A method of validating, at a trusted computing module (TCM), a cryptographic token produced by a manufacturer in possession of the trusted computing module, the method comprising:
- receiving, at the TCM, a precursor value from the cryptographic token, the precursor value being an intermediate value produced by the cryptographic token while internally generating a token cryptographic seed (TCS) from a secret code stored in the cryptographic token, the TCS and the secret code remaining unknown to the manufacturer;
  
  receiving, at the TCM, a pseudo-randomly generated value under test (PRGVUT) from the cryptographic token, the PRGVUT being a number generated by the cryptographic token by applying a pseudo-random number generation algorithm to the TCS and another parameter, the other parameter being known to both the cryptographic token and the TCM;
  
  calculating, at the TCM, a best-guess cryptographic seed (BGCS) by encrypting the precursor value using the secret code as an encryption key, the secret code being securely stored within tamper-resistant non-volatile memory of the TCM such that the secret code is not accessible to the manufacturer;
  
  generating, at the TCM, a best-guess pseudo-randomly generated value (BGPRGV) by applying the pseudo-random number generation algorithm to the BGCS and the other parameter;
  
  comparing, at the TCM, the BGPRGV to the PRGVUT; and
  
  if and only if the BGPRGV is equal to the PRGVUT, then outputting a validation signal from the TCM to the manufacturer in possession of the TCM to inform the manufacturer that the cryptographic token has been properly configured.
- View Dependent Claims (13)
- - 13. The method of claim 12 wherein internally generating the TCS from the secret code stored in the cryptographic token includes:
    - generating a first random number at the cryptographic token;
      
      receiving, at the cryptographic token, a second random number from the manufacturer, the second random number having been generated by the manufacturer;
      
      receiving, at the cryptographic token, a unique serial number from the manufacturer, the unique serial number having been generated by the manufacturer;
      
      mathematically combining, at the cryptographic token, the secret code, the first random number, and the serial number, to yield another secret code;
      
      encrypting, at the cryptographic token, the second random number using the other secret code as an encryption key, to yield the intermediate value; and
      
      encrypting, at the cryptographic token, the intermediate value using the secret code as an encryption key, to yield the TCS.

14. A method of producing cryptographic tokens, the method comprising:
- providing, from a central encryption authority, a manufacturer with a machine for verifying that a cryptographic token has been properly configured with a secret cryptographic seed;
  
  assigning, by the central encryption authority, a first secret code to the manufacturer, the first secret code being securely embedded in tamper-resistant pre-fabricated chips sent to the manufacturer, the first secret code being kept a secret unknown to the manufacturer;
  
  receiving, at the central encryption authority, for each of a plurality of cryptographic tokens produced by the manufacturer using the pre-fabricated chips, a serial number uniquely assigned to that cryptographic token and a precursor value produced by that cryptographic token;
  
  calculating, using a computer, at the central encryption authority, the secret cryptographic seed for each of the plurality of cryptographic tokens using the first secret code assigned to the manufacturer and the serial number and precursor value received for that cryptographic token;
  
  wherein the machine for verifying that a cryptographic token has been properly configured with a secret cryptographic seed includes;
  
  tamper-resistant non-volatile memory, the non-volatile memory storing the first secret code;
  
  an input/output device;
  
  a processor, the processor being configured to;
  
  receive a test value through the input/output device;
  
  receive the precursor value produced by the cryptographic token through the input/output device;
  
  calculate an expected cryptographic seed uniquely associated with the cryptographic token by using the precursor value and the first secret code stored in tamper-resistant non- volatile memory;
  
  calculate an expected pseudo-random number by using the expected cryptographic seed and calculation parameters;
  
  compare the expected pseudo-random number and the test value; and
  
  if the expected pseudo-random number equals the test value, then output a signal verifying that the cryptographic token has been properly configured, otherwise output a signal to the manufacturer in possession of the machine indicating that the cryptographic token has not been properly configured;
  
  wherein;
  
  the precursor value received through the input/output device is received from the cryptographic token, the precursor value having been calculated by the cryptographic token; and
  
  the test value received through the input/output device is received from the cryptographic token, the test value having been calculated by the cryptographic token using a secret cryptographic seed stored on the cryptographic token;
  
  calculation of the precursor value by the cryptographic token includes;
  
  the cryptographic token receiving the serial number uniquely assigned to the cryptographic token by the manufacturer not in possession of the first secret code; and
  
  the cryptographic token mathematically combining the serial number with the first secret code; and
  
  calculation of the test value by the cryptographic token includes the cryptographic token mathematically combining the precursor value with the secret cryptographic seed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
RSA Security LLC (Symphony Technology Group LLC)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Duane, William M.
Primary Examiner(s)
Arani, Taghi
Assistant Examiner(s)
Jeudy, Josnel

Application Number

US12/114,245
Time in Patent Office

1,649 Days
Field of Search

713/159, 713/172, 713/194, 713182-186, 709/225, 709/229, 726/9, 726/20, 380 42- 44
US Class Current

713/172
CPC Class Codes

H04L 2209/127   Trusted platform modules [TPM]

H04L 9/0897   involving additional device...

H04L 9/321   involving a third party or ...

H04L 9/3271   using challenge-response

Method and apparatus for secure validation of tokens

First Claim

23 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for secure validation of tokens

First Claim

23 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links