Enabling use of a certificate stored in a smart card

US 8,341,411 B2
Filed: 08/16/2006
Issued: 12/25/2012
Est. Priority Date: 08/16/2006
Status: Active Grant

First Claim

Patent Images

1. A method in a computerized device coupled to a smart card reader, the method comprising:

identifying that a smart card that is coupled to said smart card reader stores one or more certificates that are not assigned to a particular purpose for which a certificate requirement exists;

enabling selection for said particular purpose, via a user input interface of said computerized device, of a certificate from said one or more certificates;

importing said selected certificate to said computerized device for said particular purpose;

sending a challenge to said smart card;

receiving a signed version of said challenge from said smart card;

using said imported certificate to verify that said signed version is signed using a private key paired to said imported certificate; and

permitting said particular purpose on said computerized device if said signed version is verified.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

If a smart card is to be used for a particular purpose, and there is no certificate initialized on the smart card for this purpose, a computerized device enables a user to select one of the certificates already installed in the smart card for the particular purpose. The selected certificate may be imported into the computerized device.

40 Citations

View as Search Results

25 Claims

1. A method in a computerized device coupled to a smart card reader, the method comprising:
- identifying that a smart card that is coupled to said smart card reader stores one or more certificates that are not assigned to a particular purpose for which a certificate requirement exists;
  
  enabling selection for said particular purpose, via a user input interface of said computerized device, of a certificate from said one or more certificates;
  
  importing said selected certificate to said computerized device for said particular purpose;
  
  sending a challenge to said smart card;
  
  receiving a signed version of said challenge from said smart card;
  
  using said imported certificate to verify that said signed version is signed using a private key paired to said imported certificate; and
  
  permitting said particular purpose on said computerized device if said signed version is verified.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - storing said imported certificate in said computerized device.
  - 3. The method of claim 1, wherein said particular purpose is unlocking said computerized device.
  - 4. The method of claim 1, wherein said particular purpose is accessing information via said computerized device.
  - 5. The method of claim 1, wherein said particular purpose is accessing a network via said computerized device.
  - 6. The method of claim 1, further comprising:
    - enabling receipt of a password;
      
      comparing said received password to an authentication password stored in said smart card; and
      
      importing said selected certificate only if said received password and said authentication password stored in said smart card are identical.
  - 7. The method of claim 1, further comprising:
    - calculating a hash of said imported certificate; and
      
      storing said hash in said computerized device.
  - 8. The method of claim 7, in the event that said imported certificate is no longer stored in said computerized device, the method further comprising:
    - importing another certificate to said computerized device;
      
      calculating a hash of said other imported certificate; and
      
      comparing said hash of said other imported certificate to said stored hash.
  - 9. The method of claim 8, further comprising:
    - if said hash of said other imported certificate and said stored hash are identical, using said other imported certificate for said particular purpose in said computerized device.
  - 10. The method of claim 1, further comprising:
    - identifying said imported certificate to said smart card in conjunction with sending said challenge to said smart card.

11. A non-transitory computer-readable medium having computer-executable instructions thereon which, when executed by a computerized device that is coupled to a smart card reader, result in:
- identifying that a smart card that is coupled to said smart card reader stores one or more certificates that are not assigned to a particular purpose for which a certificate requirement exists;
  
  enabling selection for said particular purpose, via a user input interface of said computerized device, of a certificate from said one or more certificates;
  
  importing said selected certificate to said computerized device for said particular purpose;
  
  sending a challenge to said smart card;
  
  receiving a signed version of said challenge from said smart card;
  
  using said imported certificate to verify that said signed version is signed using a private key paired to said imported certificate; and
  
  permitting said particular purpose on said computerized device if said signed version is verified.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory computer-readable medium of claim 11, wherein said instructions, when executed by said computerized device, further result in:
    - storing said imported certificate in said computerized device.
  - 13. The non-transitory computer-readable medium of claim 11, wherein said instructions, when executed by said computerized device, further result in:
    - enabling receipt of a password;
      
      comparing said received password to an authentication password stored in said smart card; and
      
      importing said selected certificate only if said received password and said authentication password stored in said smart card are identical.
  - 14. The non-transitory computer-readable medium of claim 11, wherein said instructions, when executed by said computerized device, further result in:
    - calculating a hash of said imported certificate; and
      
      storing said hash in said computerized device.
  - 15. The non-transitory computer-readable medium of claim 11, wherein said instructions, when executed by said computerized device, further result in:
    - identifying said imported certificate to said smart card in conjunction with sending said challenge to said smart card.

16. A computerized device comprising:
- a communication interface through which said computerized device is able to couple to a smart card reader;
  
  a user input interface;
  
  a processor coupled to said communication interface and to said user input interface; and
  
  a memory coupled to said processor, said memory arranged to store code which, when executed by said processor, is arranged;
  
  to identify that a smart card coupled to said smart card reader stores one or more certificates that are not assigned to a particular purpose for which a certificate requirement exists;
  
  to enable selection for said particular purpose, via said user input interface, of a certificate from said one or more certificates;
  
  to import said selected certificate to said computerized device for said particular purpose;
  
  to send a challenge to said smart card;
  
  to receive a signed version of said challenge from said smart card;
  
  to use said imported certificate to verify that said signed version is signed using a private key paired to said imported certificate; and
  
  to permit said particular purpose on said computerized device if said signed version is verified.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 17. The computerized device of claim 16, wherein said code, when executed by said processor, is further arranged:
    - to store said imported certificate in said computerized device.
  - 18. The computerized device of claim 16, wherein said code, when executed by said processor, is further arranged:
    - to identify said imported certificate to said smart card in conjunction with sending said challenge to said smart card.
  - 19. The computerized device of claim 16, wherein said particular purpose is unlocking said computerized device.
  - 20. The computerized device of claim 16, wherein said particular purpose is accessing information via said computerized device.
  - 21. The computerized device of claim 16, wherein said particular purpose is accessing a network via said computerized device.
  - 22. The computerized device of claim 16, wherein said code, when executed by said processor, is further arranged:
    - to enable receipt of a password;
      
      to compare said received password to an authentication password stored in said smart card; and
      
      to import said selected certificate only if said received password and said authentication password stored in said smart card are identical.
  - 23. The computerized device of claim 16, wherein said code, when executed by said processor, is further arranged:
    - to calculate a hash of said imported certificate; and
      
      to store said hash in said computerized device.
  - 24. The computerized device of claim 23, wherein said code, when executed by said processor, is further arranged, in the event that said imported certificate is no longer stored in said computerized device:
    - to import another certificate to said computerized device;
      
      to calculate a hash of said other imported certificate; and
      
      to compare said hash of said other imported certificate to said stored hash.
  - 25. The computerized device of claim 24, wherein said code, when executed by said processor, is further arranged:
    - if said hash of said other imported certificate and said stored hash are identical, to use said other imported certificate for said particular purpose in said computerized device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Brown, Michael K., Adams, Neil, Little, Herbert
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
Ambaye, Samuel

Application Number

US11/464,896
Publication Number

US 20080072048A1
Time in Patent Office

2,323 Days
Field of Search

713/171, 713/172, 713/173, 713/176, 713/180, 713/185, 726/4, 726/26
US Class Current

713/173
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

Enabling use of a certificate stored in a smart card

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Enabling use of a certificate stored in a smart card

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links