Method and system for securing data utilizing redundant secure key storage
First Claim
1. A data processing device, comprising:
a processor, comprising:
a key generating module adapted to generate a first encryption key from a first password, a key seed, and a current key; and
at least one redundant encryption key from the first password, the key seed, and the current key; and
a module adapted to encrypt data using the first encryption key, and to decrypt the data thus encrypted using a selected key, wherein the selected key is selected from:
the first encryption key; or
upon determination that a particular event has occurred, one of the at least one redundant encryption key.
Abstract
A system and method which protects a data processing system against encryption key errors by providing redundant encryption keys stored in different locations, and providing the software with the ability to select an alternate redundant key if there is any possibility that the encryption key being used may be corrupted. In the preferred embodiment, a memory control module in the data processing device is configured to accommodate the storage of multiple (for example up to four or more) independent password/key pairs, and the control module duplicates a password key at the time of creation. The redundant passwords and encryption keys are forced into different memory slots for later retrieval if necessary. The probability of redundant keys being corrupted simultaneously is infinitesimal, so the system and method of the invention ensures that there is always an uncorrupted encryption key available.
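The slot duplication and fallback selection described in the abstract, as an added Python example that is not code from the patent. The PBKDF2 derivation, the per-slot check value, the slot indices and the names `derive_key` and `KeyStore` are assumptions; the "particular event" is modelled here as a failed check on a stored key.

```python
import hashlib
import hmac

SLOT_COUNT = 4   # the abstract mentions "up to four or more" password/key pairs
CHECK_LEN = 8    # assumed length of the per-slot check value


def derive_key(password: bytes, key_seed: bytes, current_key: bytes) -> bytes:
    # Assumed KDF: the page names the three inputs but no algorithm.
    return hashlib.pbkdf2_hmac("sha256", password, key_seed + current_key,
                               100_000, dklen=32)


def _check(key: bytes) -> bytes:
    # Detects accidental corruption only; it is not a defence against tampering.
    return hashlib.sha256(b"slot-check" + key).digest()[:CHECK_LEN]


class KeyStore:
    def __init__(self):
        self.slots = [None] * SLOT_COUNT

    def store(self, key: bytes, primary: int = 0, redundant: int = 2) -> None:
        # The redundant copy is forced into a different slot from the primary.
        if primary == redundant:
            raise ValueError("redundant copy must live in a different slot")
        record = key + _check(key)
        self.slots[primary] = bytearray(record)
        self.slots[redundant] = bytearray(record)

    def select_key(self):
        """Return (slot_index, key) for the first slot whose check verifies."""
        for index, record in enumerate(self.slots):
            if record is None:
                continue
            key, tag = bytes(record[:-CHECK_LEN]), bytes(record[-CHECK_LEN:])
            if hmac.compare_digest(_check(key), tag):
                return index, key
        raise RuntimeError("no uncorrupted key copy available")


def demo():
    # Constructed inputs, for illustration only.
    key = derive_key(b"constructed-password", b"constructed-seed", b"\x00" * 32)
    store = KeyStore()
    store.store(key)
    before = store.select_key()
    store.slots[0][5] ^= 0x01   # simulate a single-bit error in the primary slot
    after = store.select_key()
    return key, before, after
```
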
25 Claims
1. A data processing device, comprising:
a processor, comprising:
a key generating module adapted to generate a first encryption key from a first password, a key seed, and a current key; and
at least one redundant encryption key from the first password, the key seed, and the current key; and
a module adapted to encrypt data using the first encryption key, and to decrypt the data thus encrypted using a selected key, wherein the selected key is selected from:
the first encryption key; or
upon determination that a particular event has occurred, one of the at least one redundant encryption key.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method of securing data in a data processing device, comprising:
generating a first encryption key from a first password, a key seed, and a current key;
generating at least one redundant encryption key from the first password, the key seed, and the current key;
encrypting data using the first encryption key; and
decrypting the data thus encrypted using a selected key, wherein the selected key is selected from:
the first encryption key; or
upon determination that a particular event has occurred, one of the at least one redundant encryption key.
Dependent claims: 12, 13, 14, 15, 16, 17, 18
19. A data processing device, comprising:
a processor, comprising:
at least one key generator for generating a first encryption key from a first password, a key seed, and a current key and at least one redundant encryption key from the first password, the key seed, and the current key;
an encryptor for encrypting data using the first encryption key; and
a decryptor for decrypting the data thus encrypted using a selected key, wherein the selected key is selected from:
the first encryption key; or
upon determination that a particular event has occurred, one of the at least one redundant encryption key.
Dependent claims: 20, 21, 22, 23, 24, 25
Specification