Mobile device key management
First Claim
1. A method, comprising:
- securing a master key using a password-based key to generate a first encryption information, the password-based key generated based at least in part on a password associated with a mobile device;
- securing the master key using an unlock key to generate a second encryption information, wherein the unlock key is stored at a server;
- deleting the master key from the mobile device after generating the first encryption information and the second encryption information, wherein deleting the master key from the mobile device renders secured data on the mobile device inaccessible; and
- storing the first encryption information and the second encryption information on the mobile device, wherein the mobile device is configured to:
  - extract the master key from the first encryption information using the password; and
  - in the event that the master key is not extracted using the password, extract the master key from the second encryption information using the unlock key received from the server, wherein to receive the unlock key from the server, the server is configured to authenticate an identity associated with a user of the mobile device.
Abstract
Mobile device key management is disclosed. A master key is secured using a password-based key to generate a first encryption information. The password-based key is generated based at least in part on a password associated with a mobile device. The master key is also secured using an unlock key to generate a second encryption information. The unlock key is stored at a server, and in certain cases is not stored on the mobile device. The first encryption information and the second encryption information are stored on the mobile device. The mobile device is configured to extract the master key from the first encryption information using the password. In the event that the master key is not extracted using the password, the mobile device is configured to extract the master key from the second encryption information using the unlock key received from the server.
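The scheme in the abstract, sketched as an added example that is not code from the patent: one master key is wrapped twice, once under a password-derived key and once under a server-held unlock key, and extraction tries the password path before falling back to the server. Assumptions: PBKDF2 as the password KDF, an HMAC-SHA256 encrypt-then-MAC wrap standing in for a standard AEAD such as AES-GCM, and the hypothetical names `UnlockServer`, `auth_token`, `provision` and `extract`.

```python
import hashlib, hmac, secrets
ITERATIONS = 200_000  # constructed PBKDF2 work factor for this sketch

def wrap(kek: bytes, master: bytes) -> bytes:
    """Encrypt-then-MAC a 32-byte key with HMAC-SHA256 (stdlib stand-in for an AEAD)."""
    if len(master) != 32:
        raise ValueError("master key must be 32 bytes")
    nonce = secrets.token_bytes(16)
    pad = hmac.new(kek, b"enc" + nonce, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(master, pad))
    return nonce + ct + hmac.new(kek, b"mac" + nonce + ct, hashlib.sha256).digest()

def unwrap(kek: bytes, blob: bytes):
    """Return the master key, or None when the tag shows the wrong key was used."""
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    good = hmac.new(kek, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None
    pad = hmac.new(kek, b"enc" + nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, pad))

def password_key(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

class UnlockServer:
    """Hypothetical server: holds the unlock key, releases it only after authentication."""
    def __init__(self):
        self._rows = {}
    def enroll(self, device_id: str, auth_token: bytes) -> bytes:
        self._rows[device_id] = (hashlib.sha256(auth_token).digest(), secrets.token_bytes(32))
        return self._rows[device_id][1]
    def release(self, device_id: str, auth_token: bytes):
        digest, key = self._rows.get(device_id, (b"", None))
        return key if hmac.compare_digest(digest, hashlib.sha256(auth_token).digest()) else None

def provision(master: bytes, password: str, unlock_key: bytes) -> dict:
    """Build what stays on the device; the caller then deletes master and unlock_key."""
    salt = secrets.token_bytes(16)
    return {"salt": salt, "first": wrap(password_key(password, salt), master),
            "second": wrap(unlock_key, master)}

def extract(record: dict, password: str, fetch_unlock_key):
    """Try the password path first; fall back to the server-held unlock key."""
    master = unwrap(password_key(password, record["salt"]), record["first"])
    if master is not None:
        return master, "password"
    unlock_key = fetch_unlock_key()  # server authenticates the user before releasing
    if unlock_key is None:
        return None, "locked"
    return unwrap(unlock_key, record["second"]), "unlock-key"
```

The device record holds only the salt and the two wrapped copies, so a forgotten password is recoverable only through the server's authentication step.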
20 Claims
19. A system, comprising:
- a processor; and
- a memory coupled with the processor, wherein the memory is configured to provide the processor with instructions which when executed cause the processor to:
  - secure a master key using a password-based key to generate a first encryption information, the password-based key generated based at least in part on a password associated with a mobile device;
  - secure the master key using an unlock key to generate a second encryption information, wherein the unlock key is stored at a server;
  - delete the master key from the mobile device after generating the first encryption information and the second encryption information, wherein deleting the master key from the mobile device renders secured data on the device inaccessible; and
  - store the first encryption information and the second encryption information on the mobile device, wherein the mobile device is configured to:
    - extract the master key from the first encryption information using the password; and
    - in the event that the master key is not extracted using the password, extract the master key from the second encryption information using the unlock key received from the server, wherein to receive the unlock key from the server, the server is configured to authenticate an identity associated with a user of the mobile device.
20. A computer program product, the computer program product being embodied in a tangible non-transitory computer readable storage medium and comprising computer instructions for:
- securing a master key using a password-based key to generate a first encryption information, the password-based key generated based at least in part on a password associated with a mobile device;
- securing the master key using an unlock key to generate a second encryption information, wherein the unlock key is stored at a server;
- deleting the master key from the mobile device after generating the first encryption information and the second encryption information, wherein deleting the master key from the mobile device renders secured data on the device inaccessible; and
- storing the first encryption information and the second encryption information on the mobile device wherein the mobile device is configured to:
  - extract the master key from the first encryption information using the password; and
  - in the event that the master key is not extracted using the password, extract the master key from the second encryption information using the unlock key received from the server, wherein to receive the unlock key from the server, the server is configured to authenticate an identity associated with a user of the mobile device.
Specification