Method and apparatus for secure cryptographic key generation, certification and use

US 8,559,639 B2
Filed: 01/22/2008
Issued: 10/15/2013
Est. Priority Date: 03/29/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A digital wallet, secured with a user'"'"'s access code, comprising:

(a) a computer-implemented input for receiving an input access code;

(b) a seed derivation module operatively connected to said computer-implemented input, for deriving a seed using the input access code; and

(c) a seed-based data generation module that receives said seed and generates at least an output datum,wherein said seed-based data generation module is configured such that said output datum corresponds to at least a portion of a confidential datum of said user if said input access code equals said user'"'"'s access code and said output datum corresponds to a data sequence that is not usable as said at least a portion of said confidential datum of said user if said input access code equals any one of a plurality of access codes not equal to said user'"'"'s access code, andwherein said data sequence has the appearance of said at least a portion of said confidential datum.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A confidential datum, such as a private key used in public key signature systems, is secured in a digital wallet using a “generation camouflaging” technique. With this technique, the private key is not necessarily stored in the digital wallet, not even in an encrypted form. Instead, the wallet contains a private key generation function that reproduces the correct private key when the user inputs his or her pre-selected PIN. If the user inputs an incorrect PIN, an incorrect private key is outputted. Such private key can be configured so that it cannot be readily distinguished from the correct private key through the use of private key formatting, and/or the use of pseudo-public keys corresponding to the private key. The techniques described herein are also applicable to other forms of regeneratable confidential data besides private keys.

63 Citations

View as Search Results

20 Claims

1. A digital wallet, secured with a user'"'"'s access code, comprising:
- (a) a computer-implemented input for receiving an input access code;
  
  (b) a seed derivation module operatively connected to said computer-implemented input, for deriving a seed using the input access code; and
  
  (c) a seed-based data generation module that receives said seed and generates at least an output datum,wherein said seed-based data generation module is configured such that said output datum corresponds to at least a portion of a confidential datum of said user if said input access code equals said user'"'"'s access code and said output datum corresponds to a data sequence that is not usable as said at least a portion of said confidential datum of said user if said input access code equals any one of a plurality of access codes not equal to said user'"'"'s access code, andwherein said data sequence has the appearance of said at least a portion of said confidential datum.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The digital wallet of claim 1, wherein the value of the output datum varies based on the input access code.
  - 3. The digital wallet of claim 1, wherein generation of said output datum occurs without dependence on any storage of any form of said at least a portion of said confidential datum.
  - 4. The digital wallet of claim 1, wherein the output datum comprises a key.
  - 5. The digital wallet of claim 1, wherein the input access code comprises a PIN.
  - 6. The digital wallet of claim 1, wherein the seed derivation module comprises an exclusive or (XOR) module.

7. A non-transitory computer-readable storage medium having a computer-readable program embodied therein for directing operation of a computer system comprising a communication system, a processor, and a storage device, wherein the computer-readable program comprises instructions for operating the computer system to create an output datum based on an identifier supplied by a user, the instructions further comprising instructions for:
- receiving, from the user, the identifier, wherein the identifier is either a correct identifier or an incorrect identifier of a plurality of incorrect identifiers;
  
  creating, using the identifier, a seed, wherein;
  
  the seed is created regardless of the identifier being the correct identifier or the incorrect identifier of the plurality of incorrect identifiers; and
  
  the value of the seed when the correct identifier is received as the identifier is different from the value of the seed when the incorrect identifier of the plurality of incorrect identifiers is received; and
  
  creating, using the seed, the output datum, wherein;
  
  the output datum is created regardless of the correct identifier or incorrect identifier of the plurality of incorrect identifiers being received; and
  
  the value of the output datum when the correct identifier is received as the identifier is different from the value of the output datum when the incorrect identifier of the plurality of incorrect identifiers is received.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The non-transitory computer-readable storage medium of claim 7, wherein the instructions for creating, using the identifier, the seed, comprise instructions for padding the identifier to create the seed.
  - 9. The non-transitory computer-readable storage medium of claim 7, wherein the identifier and the seed comprise different numbers of bytes.
  - 10. The non-transitory computer-readable storage medium of claim 7, wherein the instructions for creating, using the identifier, the seed, comprise instructions for using an exclusive or (XOR) function to create the seed using the identifier and a second piece of information.
  - 11. The non-transitory computer-readable storage medium of claim 7, wherein the output datum comprises a private key.
  - 12. The non-transitory computer-readable storage medium of claim 11, the computer program further comprising instructions for verifying a signature created using the private key.
  - 13. The non-transitory computer-readable storage medium of claim 11, the computer program further comprising instructions for certifying a public key corresponding to the private key.

14. A non-transitory computer-readable storage medium having a computer-readable program embodied therein for directing operation of a computer system comprising a communication system, a processor, and a storage device, wherein the computer-readable program comprises instructions for operating the computer system to create an output datum based on an identifier supplied by a user, the instructions further comprising instructions for:
- receiving, from the user, the identifier, wherein the identifier is either a correct identifier or an incorrect identifier of a plurality of incorrect identifiers;
  
  creating, using the identifier, a seed, wherein;
  
  the seed is created regardless of the identifier being the correct identifier or the incorrect identifier of the plurality of incorrect identifiers; and
  
  the value of the seed when the correct identifier is received as the identifier is different from the value of the seed when the incorrect identifier of the plurality of incorrect identifiers is received; and
  
  creating, using the seed, the output datum, wherein;
  
  the output datum is created regardless of the correct identifier or incorrect identifier of the plurality of incorrect identifiers being received; and
  
  the value of the output datum when the correct identifier is received as the identifier is different from the value of the output datum when the incorrect identifier of the plurality of incorrect identifiers is received, wherein;
  
  the instructions for creating, using the identifier, the seed, comprise instructions for using a masked representation of the seed to create the seed; and
  
  the seed was previously used to create the masked representation of the seed.

15. A method for operating an access control system to create a correct output datum when a correct identifier is supplied, but create an incorrect output datum when an incorrect identifier is received, the method comprising:
- receiving, by a computer system, an identifier, wherein the identifier may be the correct identifier or one of a plurality of incorrect identifiers;
  
  creating, by the computer system, a seed using the identifier, wherein the value of the seed varies depending on whether the identifier is the correct identifier or one of the plurality of incorrect identifiers;
  
  creating, by the computer system, using the seed, an output datum, wherein the output datum is the correct output datum when the correct identifier is received, and the output datum is one of a plurality of incorrect output datum when one of the plurality of incorrect identifiers is received.
- View Dependent Claims (16, 17, 18)
- - 16. The method of claim 15, wherein the output datum comprises a private key.
  - 17. The method of claim 15, wherein creating the seed using the identifier comprises padding the identifier.
  - 18. The method of claim 16, further comprising certifying a public key corresponding to the private key.

19. A method for operating an access control system to create a correct output datum when a correct identifier is supplied, but create an incorrect output datum when an incorrect identifier is received, the method comprising:
- receiving, by a computer system, an identifier, wherein the identifier may be the correct identifier or one of a plurality of incorrect identifiers;
  
  creating, by the computer system, a seed using the identifier, wherein the value of the seed varies depending on whether the identifier is the correct identifier or one of the plurality of incorrect identifiers; and
  
  creating, by the computer system, using the seed, an output datum, wherein the output datum is the correct output datum when the correct identifier is received, and the output datum is one of a plurality of incorrect output datum when one of the plurality of incorrect identifiers is received, wherein;
  
  creating the seed using the identifier comprises using a masked representation of the seed; and
  
  the seed was previously used to create the masked representation of the seed.
- View Dependent Claims (20)
- - 20. The method of claim 19, wherein creating the seed using the identifier comprises using an exclusive or (XOR) function to create the seed using the masked representation of the seed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Inventors
Hird, Geoffrey R.
Primary Examiner(s)
Hirl, Joseph P.
Assistant Examiner(s)
King, John B

Application Number

US12/018,059
Publication Number

US 20080181408A1
Time in Patent Office

2,093 Days
Field of Search

380277-283
US Class Current

380/277
CPC Class Codes

G06F 21/62   Protecting access to data v...

H04L 2209/046   of operations, operands or ...

H04L 2209/20   Manipulating the length of ...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/0869   involving random numbers or...

H04L 9/3226   using a predetermined code,...

H04L 9/3247   involving digital signatures

Method and apparatus for secure cryptographic key generation, certification and use

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for secure cryptographic key generation, certification and use

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others