Signing key log management

US 9,992,027 B1
Filed: 09/14/2015
Issued: 06/05/2018
Est. Priority Date: 09/14/2015
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

at least one processor; and

memory including instructions that, when executed by the at least one processor, cause the system to;

receive a first request to generate a cryptographic key, the first request associated with a user and indicating a type of logging to be performed for use of the cryptographic key;

authenticate an identity of the user;

generate the cryptographic key, the cryptographic key including private parameters for a cryptographic signing function, information indicating the identity of the user, and metadata specifying a logging value and a mutability value, the logging value specifying the type of logging, the mutability value specifying how the logging value is changeable over a lifecycle of the cryptographic key;

provide the user with access to the cryptographic key;

receive a second request to sign data using the cryptographic key;

determine the logging value of the cryptographic key;

determine that the type of logging specified by the logging value is able to be enforced by the system;

sign the data using the cryptographic key;

perform the type of logging specified by the logging value for signing the data; and

transmit the signed data to a destination specified by the second request.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Cryptographic keys can include logging properties that enable those keys to be used only if the properties can be enforced by the cryptographic system requested to perform one or more actions using the keys. The logging property can specify how to log use of a respective key. A key can also include a mutability property for specifying whether the logging property can be changed, and if so under what circumstances or in which way(s). The ability to specify and automatically enforce logging can be important for environments where audit logs are essential. These can include, for example, public certificate authorities that must provide accurate and complete audit trails. In cases where the data is not to be provided outside a determined secure environment, the key can be generated with a property indicating not to log any of the usage.

Citations

12 Claims

1. A system, comprising:
- at least one processor; and
  
  memory including instructions that, when executed by the at least one processor, cause the system to;
  
  receive a first request to generate a cryptographic key, the first request associated with a user and indicating a type of logging to be performed for use of the cryptographic key;
  
  authenticate an identity of the user;
  
  generate the cryptographic key, the cryptographic key including private parameters for a cryptographic signing function, information indicating the identity of the user, and metadata specifying a logging value and a mutability value, the logging value specifying the type of logging, the mutability value specifying how the logging value is changeable over a lifecycle of the cryptographic key;
  
  provide the user with access to the cryptographic key;
  
  receive a second request to sign data using the cryptographic key;
  
  determine the logging value of the cryptographic key;
  
  determine that the type of logging specified by the logging value is able to be enforced by the system;
  
  sign the data using the cryptographic key;
  
  perform the type of logging specified by the logging value for signing the data; and
  
  transmit the signed data to a destination specified by the second request.
- View Dependent Claims (2, 3, 4)
- - 2. The system of claim 1, wherein the instructions when executed further cause the system to perform the type of logging by:
    - writing, to an audit log and in response to the logging value indicating to always log use data, the information about the signing including at least one of the data or a transformation of the data; and
      
      writing, to the audit log, at most information about the signing without any of the data of the message in response to the logging value indicating to never log data signed with the cryptographic key.
  - 3. The system of claim 1, wherein the instructions when executed further cause the system to:
    - receive a request to modify the logging value of the cryptographic key;
      
      modify the logging value in response to the mutability value enabling the logging value to be modified and an identity of a user associated with the request is authenticated; and
      
      deny the request in response to the mutability value indicating that the logging value is unable to be modified.
  - 4. The system of claim 3, wherein the instructions when executed further cause the system to:
    - generate a corresponding set of public verification parameters for a second cryptographic key; and
      
      provide the user with access to the set of public verification parameters.

5. A method, comprising:
- receiving a first request to generate a cryptographic key, the first request associated with a user and indicating a type of logging to be performed for use of the cryptographic key;
  
  authenticating an identity of the user;
  
  generating the cryptographic key, the cryptographic key including private parameters for a cryptographic signing function, information indicating the identity of the user, and metadata specifying a logging value and a mutability value, the logging value specifying the type of logging, the mutability value specifying how the logging value is changeable over a lifecycle of the cryptographic key;
  
  providing the user with access to the cryptographic key;
  
  receiving a second request to sign data using the cryptographic key;
  
  determining the logging value of the cryptographic key;
  
  determining that the type of logging specified by the logging value is able to be enforced by the system;
  
  signing the data using the cryptographic key;
  
  performing the type of logging specified by the logging value for signing the data; and
  
  transmitting the signed data to a destination specified by the second request.
- View Dependent Claims (6, 7, 8)
- - 6. The method of claim 5, wherein the type of logging is performed by:
    - writing, to an audit log and in response to the logging value indicating to always log use data, the information about the signing including at least one of the data or a transformation of the data; and
      
      writing, to the audit log, at most information about the signing without any of the data of the message in response to the logging value indicating to never log data signed with the cryptographic key.
  - 7. The method of claim 5, further comprising:
    - receiving a request to modify the logging value of the cryptographic key;
      
      modifying the logging value in response to the mutability value enabling the logging value to be modified and an identity of a user associated with the request is authenticated; and
      
      denying the request in response to the mutability value indicating that the logging value is unable to be modified.
  - 8. The method of claim 7, further comprising:
    - generating a corresponding set of public verification parameters for a second cryptographic key; and
      
      providing the user with access to the set of public verification parameters.

9. Non-transitory computer-readable storage media having stored therein instructions which, when executed by at least one computing device, cause the at least one computing device to:
- receive a first request to generate a cryptographic key, the first request associated with a user and indicating a type of logging to be performed for use of the cryptographic key;
  
  authenticate an identity of the user;
  
  generate the cryptographic key, the cryptographic key including private parameters for a cryptographic signing function, information indicating the identity of the user, and metadata specifying a logging value and a mutability value, the logging value specifying the type of logging, the mutability value specifying how the logging value is changeable over a lifecycle of the cryptographic key;
  
  provide the user with access to the cryptographic key;
  
  receive a second request to sign data using the cryptographic key;
  
  determine the logging value of the cryptographic key;
  
  determine that the type of logging specified by the logging value is able to be enforced by the system;
  
  sign the data using the cryptographic key;
  
  perform the type of logging specified by the logging value for signing the data; and
  
  transmit the signed data to a destination specified by the second request.
- View Dependent Claims (10, 11, 12)
- - 10. The non-transitory computer-readable storage media of claim 9, wherein the instructions when executed further cause the at least one computing device to perform the type of logging by:
    - writing, to an audit log and in response to the logging value indicating to always log use data, the information about the signing including at least one of the data or a transformation of the data; and
      
      writing, to the audit log, at most information about the signing without any of the data of the message in response to the logging value indicating to never log data signed with the cryptographic key.
  - 11. The non-transitory computer-readable storage media of claim 9, wherein the instructions when executed further cause the at least one computing device to:
    - receive a request to modify the logging value of the cryptographic key;
      
      modify the logging value in response to the mutability value enabling the logging value to be modified and an identity of a user associated with the request is authenticated; and
      
      deny the request in response to the mutability value indicating that the logging value is unable to be modified.
  - 12. The non-transitory computer-readable storage media of claim 11, wherein the instructions when executed further cause the at least one computing device to:
    - generate a corresponding set of public verification parameters for a second cryptographic key; and
      
      provide the user with access to the set of public verification parameters.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Rubin, Gregory Alan, Roth, Gregory Branchek
Primary Examiner(s)
Wang, Harris C

Application Number

US14/853,605
Time in Patent Office

995 Days
Field of Search

713176
US Class Current
CPC Class Codes

G06F 21/00   Security arrangements for p...

G06F 21/64   Protecting data integrity, ...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2209/72   Signcrypting, i.e. digital ...

H04L 9/0819   Key transport or distributi...

H04L 9/3247   involving digital signatures

Signing key log management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Signing key log management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links