Decryption of a protected resource on a cryptographic device using wireless communication
Abstract
Methods, apparatus and articles of manufacture for decrypting a protected resource on a cryptographic device are provided herein. A method includes decrypting encoded information under a first cryptographic key to access a protected resource, wherein the first cryptographic key is read from a first cryptographic device subsequent to authenticating to the first cryptographic device using a first authentication key, randomly selecting a second cryptographic key, encrypting the protected resource under the second cryptographic key, and writing the second cryptographic key onto the first cryptographic device subsequent to authenticating to the first cryptographic device.
20 Claims

1. A method comprising:
decrypting encoded information under a first cryptographic key from a collection of multiple cryptographic keys on a first cryptographic device to access a protected resource, wherein the first cryptographic device comprises one of a radio-frequency identification tag and a near-field communication tag, wherein each cryptographic key in the collection is associated with one or more sub-keys, and wherein the first cryptographic key is read from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the one or more sub-keys associated with the first cryptographic key from the first cryptographic device and (ii) matching all of the one or more sub-keys associated with the first cryptographic key to one or more maintained sub-keys;
rendering null all of the one or more sub-keys associated with the first cryptographic key;
erasing the first cryptographic key;
transmitting, to the first cryptographic device, a command to modify each of the one or more sub-keys associated with each remaining cryptographic key in the collection of cryptographic keys;
selecting a second cryptographic key from the collection of multiple cryptographic keys on the first cryptographic device; and
encrypting the protected resource under the second cryptographic key, wherein the second cryptographic key is read from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the one or more modified sub-keys associated with the second cryptographic key from the first cryptographic device and (ii) matching all of the one or more sub-keys associated with the second cryptographic key to one or more maintained sub-keys.
Dependent claims: 2, 3, 4
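
The flow of claim 1, simulated end to end as an added example (not code from the patent). The XOR keystream cipher, the HMAC-based form of the "modify" command and the `Tag`/`Reader` classes are assumptions made for illustration; the claims do not specify them.

```python
import hashlib, hmac, secrets

def xor_cipher(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): XOR with a SHAKE-256 keystream; each key covers one message.
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def modify(sub_key: bytes, nonce: bytes) -> bytes:
    # Assumed form of the "modify" command: both sides re-derive each sub-key with HMAC.
    return hmac.new(sub_key, nonce, hashlib.sha256).digest()[:16]

class Tag:
    """Simulated RFID/NFC tag holding slot -> [key, sub_keys]."""
    def __init__(self, n_keys: int, subs_per_key: int = 2):
        self.slots = {i: [secrets.token_bytes(32),
                          [secrets.token_bytes(16) for _ in range(subs_per_key)]]
                      for i in range(n_keys)}
    def read_sub_keys(self, slot): return list(self.slots[slot][1])
    def read_key(self, slot): return self.slots[slot][0]
    def retire(self, slot):              # null the sub-keys, erase the key
        self.slots[slot] = [None, [None] * len(self.slots[slot][1])]
    def modify_sub_keys(self, nonce):    # applies to every remaining key
        for key, subs in self.slots.values():
            if key is not None:
                subs[:] = [modify(s, nonce) for s in subs]

class Reader:
    def __init__(self, tag: Tag, slot: int = 0):
        self.tag, self.slot = tag, slot
        # Maintained sub-key copies; how they are provisioned is outside this sketch.
        self.maintained = {i: list(s) for i, (_, s) in tag.slots.items()}
    def fetch_key(self, slot) -> bytes:
        read, want = self.tag.read_sub_keys(slot), self.maintained[slot]
        if len(read) != len(want) or not all(
                r is not None and hmac.compare_digest(r, w) for r, w in zip(read, want)):
            raise PermissionError("sub-keys on tag do not match maintained sub-keys")
        return self.tag.read_key(slot)
    def access_and_rotate(self, ciphertext: bytes):
        if len(self.maintained) < 2:
            raise RuntimeError("no unused key left to re-encrypt under")
        resource = xor_cipher(self.fetch_key(self.slot), ciphertext)
        self.tag.retire(self.slot)
        del self.maintained[self.slot]
        nonce = secrets.token_bytes(16)
        self.tag.modify_sub_keys(nonce)
        self.maintained = {i: [modify(s, nonce) for s in subs]
                           for i, subs in self.maintained.items()}
        self.slot = secrets.choice(sorted(self.maintained))
        return resource, xor_cipher(self.fetch_key(self.slot), resource)
```

In this simulation a sub-key value read from the tag before a rotation no longer matches the maintained copy afterwards, and the reader refuses to rotate once only one key remains.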

5. An article of manufacture comprising a processor-readable storage memory having processor-readable instructions tangibly embodied thereon which, when implemented, cause a processor to carry out steps comprising:
decrypting encoded information under a first cryptographic key from a collection of multiple cryptographic keys on a first cryptographic device to access a protected resource, wherein the first cryptographic device comprises one of a radio-frequency identification tag and a near-field communication tag, wherein each cryptographic key in the collection is associated with one or more sub-keys, and wherein the first cryptographic key is read from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the one or more sub-keys associated with the first cryptographic key from the first cryptographic device and (ii) matching all of the one or more sub-keys associated with the first cryptographic key to one or more maintained sub-keys;
rendering null all of the one or more sub-keys associated with the first cryptographic key;
erasing the first cryptographic key;
transmitting, to the first cryptographic device, a command to modify each of the one or more sub-keys associated with each remaining cryptographic key in the collection of cryptographic keys;
selecting a second cryptographic key from the collection of multiple cryptographic keys on the first cryptographic device; and
encrypting the protected resource under the second cryptographic key, wherein the second cryptographic key is read from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the one or more modified sub-keys associated with the second cryptographic key from the first cryptographic device and (ii) matching all of the one or more sub-keys associated with the second cryptographic key to one or more maintained sub-keys.

6. A method comprising:
selecting a first cryptographic key from a first set of cryptographic keys on a first cryptographic device, wherein each cryptographic key in the first set includes one or more sub-keys, and wherein the first cryptographic device comprises one of a radio-frequency identification tag and a near-field communication tag;
decrypting encoded information under the first cryptographic key to access a protected resource, wherein said decrypting comprises receiving the selected first cryptographic key from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the one or more sub-keys included with the first cryptographic key from the first cryptographic device and (ii) matching all of the one or more sub-keys included with the first cryptographic key to one or more maintained sub-keys;
rendering null all of the one or more sub-keys included with the first cryptographic key, thereby rendering the number of unused sub-keys included in the first set of cryptographic keys, excluding the first cryptographic key, to be in a range from 1 to e−1, wherein e represents the number of cryptographic keys in the first set of cryptographic keys;
generating an additional sub-key to be included in each respective cryptographic key of the first set of cryptographic keys, thereby rendering the number of unused sub-keys included in the first set of cryptographic keys to be in a range from 1 to e;
transmitting the generated set of sub-keys to the first cryptographic device;
selecting a second cryptographic key from the first set of cryptographic keys, said second cryptographic key including at least one sub-key from the generated sub-keys and at least one pre-existing sub-key; and
encrypting the protected resource under the second cryptographic key and/or a key related to the second cryptographic key, wherein said encrypting comprises receiving the selected second cryptographic key from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the two or more sub-keys included with the second cryptographic key from the first cryptographic device and (ii) matching all of the two or more sub-keys included with the second cryptographic key to two or more maintained sub-keys.
Dependent claims: 7, 8, 9, 10, 11

12. An article of manufacture comprising a processor-readable storage memory having processor-readable instructions tangibly embodied thereon which, when implemented, cause a processor to carry out steps comprising:
selecting a first cryptographic key from a first set of cryptographic keys on a first cryptographic device, wherein each cryptographic key in the first set includes one or more sub-keys, and wherein the first cryptographic device comprises one of a radio-frequency identification tag and a near-field communication tag;
decrypting encoded information under the first cryptographic key to access a protected resource, wherein said decrypting comprises receiving the selected first cryptographic key from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the one or more sub-keys included with the first cryptographic key from the first cryptographic device and (ii) matching all of the one or more sub-keys included with the first cryptographic key to one or more maintained sub-keys;
rendering null all of the one or more sub-keys included with the first cryptographic key, thereby rendering the number of unused sub-keys included in the first set of cryptographic keys, excluding the first cryptographic key, to be in a range from 1 to e−1, wherein e represents the number of cryptographic keys in the first set of cryptographic keys;
generating an additional sub-key to be included in each respective cryptographic key of the first set of cryptographic keys, thereby rendering the number of unused sub-keys included in the first set of cryptographic keys to be in a range from 1 to e;
transmitting the generated sub-keys to the first cryptographic device;
selecting a second cryptographic key from the first set of cryptographic keys, said second cryptographic key including at least one sub-key from the generated sub-keys and at least one pre-existing sub-key; and
encrypting the protected resource under the second cryptographic key and/or a key related to the second cryptographic key, wherein said encrypting comprises receiving the selected second cryptographic key from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the two or more sub-keys included with the second cryptographic key from the first cryptographic device and (ii) matching all of the two or more sub-keys included with the second cryptographic key to two or more maintained sub-keys.

13. An apparatus comprising a cryptographic device, comprising:
a memory; and
at least one processor coupled to the memory and configured to:
decrypt encoded information under a first cryptographic key from a collection of multiple cryptographic keys on a first cryptographic device to access a protected resource, wherein the first cryptographic device comprises one of a radio-frequency identification tag and a near-field communication tag, wherein each cryptographic key in the collection is associated with one or more sub-keys, and wherein the first cryptographic key is read from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the one or more sub-keys associated with the first cryptographic key from the first cryptographic device and (ii) matching all of the one or more sub-keys associated with the first cryptographic key to one or more maintained sub-keys;
render null all of the one or more sub-keys associated with the first cryptographic key;
erase the first cryptographic key;
transmit, to the first cryptographic device, a command to modify each of the one or more sub-keys associated with each remaining cryptographic key in the collection of cryptographic keys;
select a second cryptographic key from the collection of multiple cryptographic keys on the first cryptographic device; and
encrypt the protected resource under the second cryptographic key, wherein the second cryptographic key is read from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the one or more modified sub-keys associated with the second cryptographic key from the first cryptographic device and (ii) matching all of the one or more sub-keys associated with the second cryptographic key to one or more maintained sub-keys.
Dependent claims: 15, 16, 17

14. An apparatus comprising a cryptographic device, comprising:
a memory; and
at least one processor coupled to the memory and configured to:
select a first cryptographic key from a first set of cryptographic keys on a first cryptographic device, wherein each cryptographic key in the first set includes one or more sub-keys, and wherein the first cryptographic device comprises one of a radio-frequency identification tag and a near-field communication tag;
decrypt encoded information under the first cryptographic key to access a protected resource, wherein said decrypting comprises receiving the selected first cryptographic key from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the one or more sub-keys included with the first cryptographic key from the first cryptographic device and (ii) matching all of the one or more sub-keys included with the first cryptographic key to one or more maintained sub-keys;
render null all of the one or more sub-keys included with the first cryptographic key, thereby rendering the number of unused sub-keys included in the first set of cryptographic keys, excluding the first cryptographic key, to be in a range from 1 to e−1, wherein e represents the number of cryptographic keys in the first set of cryptographic keys;
generate an additional sub-key to be included in each respective cryptographic key of the first set of cryptographic keys, thereby rendering the number of unused sub-keys included in the first set of cryptographic keys to be in a range from 1 to e;
transmit the generated sub-keys to the first cryptographic device;
select a second cryptographic key from the first set of cryptographic keys, said second cryptographic key including at least one sub-key from the generated set of sub-keys and at least one pre-existing sub-key; and
encrypt the protected resource under the second cryptographic key and/or a key related to the second cryptographic key, wherein said encrypting comprises receiving the selected second cryptographic key from the first cryptographic device subsequent to authenticating to the first cryptographic device by (i) reading all of the two or more sub-keys included with the second cryptographic key from the first cryptographic device and (ii) matching all of the two or more sub-keys included with the second cryptographic key to two or more maintained sub-keys.
Dependent claims: 18, 19, 20
Specification