Method and apparatus for secure cryptographic key generation, certification and use
Abstract
A confidential datum, such as a private key used in public key signature systems, is secured in a digital wallet using a “generation camouflaging” technique. With this technique, the private key is not necessarily stored in the digital wallet, not even in an encrypted form. Instead, the wallet contains a private key generation function that reproduces the correct private key when the user inputs his or her pre-selected PIN. If the user inputs an incorrect PIN, an incorrect private key is outputted. Such private key can be configured so that it cannot be readily distinguished from the correct private key through the use of private key formatting, and/or the use of pseudo-public keys corresponding to the private key. The techniques described herein are also applicable to other forms of regeneratable confidential data besides private keys.
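The camouflaging idea in the abstract, combined with the masked-seed variant recited in claims 14 and 19, as an added sketch that is not code from the patent. XOR masking, PBKDF2 and the secp256k1 group order are assumptions chosen for illustration, and `enroll`, `derive_seed`, `generate_key` and `open_wallet` are hypothetical names.

```python
import hashlib
import secrets

# Assumed key format: a secp256k1 scalar. Any value in [1, N-1] is well formed.
N = int("FFFFFFFF" "FFFFFFFF" "FFFFFFFF" "FFFFFFFE"
        "BAAEDCE6" "AF48A03B" "BFD25E8C" "D0364141", 16)
SEED_LEN = 32


def pin_mask(pin: str, salt: bytes) -> bytes:
    """Stretch the access code into a mask as long as the seed (assumed KDF)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000, dklen=SEED_LEN)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def enroll(pin: str) -> dict:
    """Create the wallet record: only the salt and the masked seed are stored."""
    salt = secrets.token_bytes(16)
    seed = secrets.token_bytes(SEED_LEN)
    return {"salt": salt, "masked_seed": xor(seed, pin_mask(pin, salt))}


def derive_seed(wallet: dict, pin: str) -> bytes:
    """Seed derivation: unmask with whatever PIN was entered, with no PIN check."""
    return xor(wallet["masked_seed"], pin_mask(pin, wallet["salt"]))


def generate_key(seed: bytes) -> int:
    """Seed-based generation: map any seed to a valid scalar in [1, N-1]."""
    wide = int.from_bytes(hashlib.sha512(seed).digest(), "big")
    return wide % (N - 1) + 1


def open_wallet(wallet: dict, pin: str) -> int:
    """Always returns a well-formed key; only the correct PIN returns the real one."""
    return generate_key(derive_seed(wallet, pin))


if __name__ == "__main__":
    wallet = enroll("4921")  # constructed sample PIN
    for guess in ("4921", "0000", "1234"):
        print(guess, hex(open_wallet(wallet, guess)))
```

Every PIN yields a scalar in the valid range, so the wallet record alone offers nothing to test a guess against. Storing the true public key beside it would reintroduce such a test, which is why the abstract pairs the technique with pseudo-public keys.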
20 Claims
1. A digital wallet, secured with a user's access code, comprising:
(a) a computer-implemented input for receiving an input access code;
(b) a seed derivation module operatively connected to said computer-implemented input, for deriving a seed using the input access code; and
(c) a seed-based data generation module that receives said seed and generates at least an output datum,
wherein said seed-based data generation module is configured such that said output datum corresponds to at least a portion of a confidential datum of said user if said input access code equals said user's access code and said output datum corresponds to a data sequence that is not usable as said at least a portion of said confidential datum of said user if said input access code equals any one of a plurality of access codes not equal to said user's access code, and
wherein said data sequence has the appearance of said at least a portion of said confidential datum.
Dependent claims: 2, 3, 4, 5, 6.
7. A non-transitory computer-readable storage medium having a computer-readable program embodied therein for directing operation of a computer system comprising a communication system, a processor, and a storage device, wherein the computer-readable program comprises instructions for operating the computer system to create an output datum based on an identifier supplied by a user, the instructions further comprising instructions for:
receiving, from the user, the identifier, wherein the identifier is either a correct identifier or an incorrect identifier of a plurality of incorrect identifiers;
creating, using the identifier, a seed, wherein:
  the seed is created regardless of the identifier being the correct identifier or the incorrect identifier of the plurality of incorrect identifiers; and
  the value of the seed when the correct identifier is received as the identifier is different from the value of the seed when the incorrect identifier of the plurality of incorrect identifiers is received; and
creating, using the seed, the output datum, wherein:
  the output datum is created regardless of the correct identifier or incorrect identifier of the plurality of incorrect identifiers being received; and
  the value of the output datum when the correct identifier is received as the identifier is different from the value of the output datum when the incorrect identifier of the plurality of incorrect identifiers is received.
Dependent claims: 8, 9, 10, 11, 12, 13.
14. A non-transitory computer-readable storage medium having a computer-readable program embodied therein for directing operation of a computer system comprising a communication system, a processor, and a storage device, wherein the computer-readable program comprises instructions for operating the computer system to create an output datum based on an identifier supplied by a user, the instructions further comprising instructions for:
receiving, from the user, the identifier, wherein the identifier is either a correct identifier or an incorrect identifier of a plurality of incorrect identifiers;
creating, using the identifier, a seed, wherein:
  the seed is created regardless of the identifier being the correct identifier or the incorrect identifier of the plurality of incorrect identifiers; and
  the value of the seed when the correct identifier is received as the identifier is different from the value of the seed when the incorrect identifier of the plurality of incorrect identifiers is received; and
creating, using the seed, the output datum, wherein:
  the output datum is created regardless of the correct identifier or incorrect identifier of the plurality of incorrect identifiers being received; and
  the value of the output datum when the correct identifier is received as the identifier is different from the value of the output datum when the incorrect identifier of the plurality of incorrect identifiers is received,
wherein:
  the instructions for creating, using the identifier, the seed, comprise instructions for using a masked representation of the seed to create the seed; and
  the seed was previously used to create the masked representation of the seed.
15. A method for operating an access control system to create a correct output datum when a correct identifier is supplied, but create an incorrect output datum when an incorrect identifier is received, the method comprising:
receiving, by a computer system, an identifier, wherein the identifier may be the correct identifier or one of a plurality of incorrect identifiers;
creating, by the computer system, a seed using the identifier, wherein the value of the seed varies depending on whether the identifier is the correct identifier or one of the plurality of incorrect identifiers;
creating, by the computer system, using the seed, an output datum, wherein the output datum is the correct output datum when the correct identifier is received, and the output datum is one of a plurality of incorrect output datum when one of the plurality of incorrect identifiers is received.
Dependent claims: 16, 17, 18.
19. A method for operating an access control system to create a correct output datum when a correct identifier is supplied, but create an incorrect output datum when an incorrect identifier is received, the method comprising:
receiving, by a computer system, an identifier, wherein the identifier may be the correct identifier or one of a plurality of incorrect identifiers;
creating, by the computer system, a seed using the identifier, wherein the value of the seed varies depending on whether the identifier is the correct identifier or one of the plurality of incorrect identifiers; and
creating, by the computer system, using the seed, an output datum, wherein the output datum is the correct output datum when the correct identifier is received, and the output datum is one of a plurality of incorrect output datum when one of the plurality of incorrect identifiers is received,
wherein:
  creating the seed using the identifier comprises using a masked representation of the seed; and
  the seed was previously used to create the masked representation of the seed.
Dependent claims: 20.
Specification