Small form-factor cryptographic expansion device

US 9,762,551 B2
Filed: 07/21/2016
Issued: 09/12/2017
Est. Priority Date: 05/02/2012
Status: Active Grant

First Claim

Patent Images

1. A device comprising:

a first set of electrical contacts for interfacing to a communication device;

a second set of electrical contacts for interfacing to a communication component; and

a substrate including a hardware security module coupled to the first set of electrical contacts and the second set of electrical contacts,wherein the hardware security module includes a secure processing unit and a public processing unit,wherein the public processing unit includes a communication device interface coupled to the first set of electrical contacts, and a communication component interface coupled to the second set of electrical contacts, andwherein the public processing unit is configured to;

process messages received at the communication device interface and the communication component interface;

send requests to perform cryptographic operations to the secure processing unit in response to receiving messages on the communication device interface that are associated with secure operations; and

pass through messages that are associated with non-secure operations between the communication device interface and the communication component interface.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cryptographic expansion device that can be attached to a communication component of a communication device to enable the communication device to perform cryptographic operations on communications sent to and from the communication device is described. The cryptographic expansion device can be a small-form factor cryptographic expansion device that can be used with a small-form factor communication component such as a micro-SIM (subscriber identity module) card. When used with a communication device, the cryptographic expansion device enables the communication device to send and received end-to-end secure encrypted communications. The end-to-end secure communications enabled by the cryptographic expansion device can be utilized by a user of the communication device to perform financial and/or banking transactions.

45 Citations

View as Search Results

19 Claims

1. A device comprising:
- a first set of electrical contacts for interfacing to a communication device;
  
  a second set of electrical contacts for interfacing to a communication component; and
  
  a substrate including a hardware security module coupled to the first set of electrical contacts and the second set of electrical contacts,wherein the hardware security module includes a secure processing unit and a public processing unit,wherein the public processing unit includes a communication device interface coupled to the first set of electrical contacts, and a communication component interface coupled to the second set of electrical contacts, andwherein the public processing unit is configured to;
  
  process messages received at the communication device interface and the communication component interface;
  
  send requests to perform cryptographic operations to the secure processing unit in response to receiving messages on the communication device interface that are associated with secure operations; and
  
  pass through messages that are associated with non-secure operations between the communication device interface and the communication component interface.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The device of claim 1, wherein the secure processing unit responds to encryption and decryption requests only when the encryption and decryption requests are from the public processing unit.
  - 3. The device of claim 1, wherein the secure processing unit is accessible to both the communication component and the communication device only through the public processor unit.
  - 4. The device of claim 1, wherein the secure processing unit includes a secure memory, and the public processing unit includes a memory that is separate from the secure memory.
  - 5. The device of claim 1, wherein the secure processing unit enables the communication device to perform cryptographic operations that are otherwise not available to the communication device.
  - 6. The device of claim 1, wherein the secure processing unit includes a cryptographic key storage that is provisioned during manufacturing of the device.
  - 7. The device of claim 6, wherein the cryptographic key storage cannot be altered by an external source without a master key.
  - 8. The device of claim 6, wherein contents of the cryptographic key storage are not transmitted outside of the secure processing unit.
  - 9. The device of claim 1, further comprising a coupling element to couple the device to the communication component.
  - 10. The device of claim 9, wherein the coupling element is an adhesive.
  - 11. The device of claim 9, wherein the coupling element is configured to mechanically couple the device to the communication component.
  - 12. The device of claim 1, wherein the communication component is a subscriber identity card.
  - 13. The device of claim 1, wherein the communication component is a memory card.

14. A system comprising:
- a communication component; and
  
  a cryptographic expansion device coupled to the communication component, the cryptographic expansion device comprising;
  
  a first set of electrical contacts for interfacing to a communication device;
  
  a second set of electrical contacts for interfacing to the communication component; and
  
  a substrate including a hardware security module coupled to the first set of electrical contacts and the second set of electrical contacts,wherein the hardware security module includes a processor and a cryptoprocessor,wherein the processor includes a communication device interface coupled to the first set of electrical contacts, and a communication component interface coupled to the second set of electrical contacts, andwherein the processor is configured to;
  
  process messages received at the communication device interface and the communication component interface;
  
  send requests to perform cryptographic operations to the cryptoprocessor in response to receiving messages on the communication device interface that are associated with encryption or decryption operations; and
  
  pass through messages that are associated with non-secure operations between the communication device interface and the communication component interface.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The system of claim 14, wherein the cryptoprocessor is configured to respond only to the requests to perform the cryptographic operations that are received from the processor of the cryptographic expansion device.
  - 16. The system of claim 14, wherein the communication component is a communication card.
  - 17. The system of claim 16, wherein the system including the communication component and the cryptographic expansion device is insertable into a communication card receiving slot of a communication device.
  - 18. The system of claim 17, wherein the cryptographic expansion device is configured to use a communication interface of the communication device to transmit encrypted data.
  - 19. The system of claim 14, wherein the cryptographic expansion device is configured to destroy cryptographic keys stored in the cryptographic expansion device when the cryptographic expansion device is removed from the communication component.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
Huxham, Horatio Nelson, O'Regan, Alan Joseph
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
ALMEIDA, DEVIN E

Application Number

US15/216,386
Publication Number

US 20170099265A1
Time in Patent Office

418 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/0853   using an additional device,...

H04L 9/0625   with splitting of the data ...

H04L 9/0631   Substitution permutation ne...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

H04W 12/06   Authentication

H04W 88/02   Terminal devices

Small form-factor cryptographic expansion device

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

45 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Small form-factor cryptographic expansion device

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

45 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links