Electronic information and cryptographic key management system

US 20040151318A1
Filed: 12/01/2003
Published: 08/05/2004
Est. Priority Date: 06/01/2001
Status: Active Grant

First Claim

Patent Images

1. A method of securing electronic information, comprising the steps of:

associating at least one cryptographic key with electronic information;

securing said at least one cryptographic key;

confirming said step of securing;

enabling a function responsive to said step of confirming; and

securing electronic information.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A systems and method of electronic information securement. The invention provides for the securement of electrical information and cryptographic keys through cryptographic key management systems (52) providing for the confirmation that one or a plurality of cryptographic keys (58) have been secured to the key management system. Confirmation provided by the key management system enables other systems to perform cryptographic and electronic information functions such as encryption, decryption, saving, and transferring of information. Further systems are provided having at least one client system (54), at least one cryptographic key management system (52), and at least one electronic information storage system (56), whereby the key management system enables functionality of the system after providing securement confirmation of keys and data.

38 Citations

View as Search Results

220 Claims

1. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing;
  
  enabling a function responsive to said step of confirming; and
  
  securing electronic information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99)
- - 2. A method of securing electronic information as described in claim 1 further comprising the step of generating said at least one cryptographic key.
  - 3. A method of securing electronic information as described in claim 2 wherein said step of generating said at least one cryptographic key comprises generating said at least one cryptographic key by at least one client system.
  - 4. A method of securing electronic information as described in claim 3 wherein said step of generating said at least one cryptographic key by at least one client system comprises generating said at least one cryptographic key by at least one client system selected from the group consisting of:
    - a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a rom, a chip, software, and firmware.
  - 5. A method of securing electronic information as described in claim 2 wherein said step of generating said at least one cryptographic key comprises generating said at least one cryptographic key by at least one cryptographic key management system.
  - 6. A method of securing electronic information as described in claim 2 wherein said step of generating said at least one cryptographic key comprises generating said at least one cryptographic key by at least one electronic information storage system.
  - 7. A method of securing electronic information as described in claim 6 wherein said step of generating said at least one cryptographic key by said at least one electronic information storage system comprises generating said at least one cryptographic key by at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 8. A method of securing electronic information as described in claim 6 wherein said step of generating said at least one cryptographic key comprises generating said at least one cryptographic key by at least one cryptographic key management system responsive to said at least one electronic information storage system.
  - 9. A method of securing electronic information as described in claim 2 further comprising the step of confirming generation of said at least one cryptographic key.
  - 10. A method of securing electronic information as described in claim 9 wherein said step of confirming generation comprises confirming generation of at least one valid key.
  - 11. A method of securing electronic information as described in claim 10 further comprising the step of defining a cryptosystem and wherein said step of confirming generation of at least one valid key comprises confirming generation of a key of said defined cryptosystem.
  - 12. A method of securing electronic information as described in claim 10 further comprising the step of defining a cryptographic key-based algorithm and wherein said step of confirming generation of at least one valid key comprises confirming generation of a key of said defined cryptographic key-based algorithm.
  - 13. A method of securing electronic information as described in claim 10 further comprising the step of providing said at least one cryptographic key in a read-only format and wherein said step of confirming generation of at least one valid key comprises confirming generation of said crypto key in a read-only format.
  - 14. A method of securing electronic information as described in claim 1 wherein said step of securing at least one cryptographic key comprises saving said at least one cryptographic key to at least one cryptographic key management system.
  - 15. A method of securing electronic information as described in claim 1 wherein said step of securing at least one cryptographic key comprises encrypting said at least one cryptographic key and saving said at least one cryptographic key to at least one cryptographic key management system.
  - 16. A method of securing electronic information as described in claim 15 wherein said step of encrypting said at least one cryptographic key comprises encrypting said at least one cryptographic key by at least one client system.
  - 17. A method of securing electronic information as described in claim 16 wherein said step of encrypting said at least one cryptographic key by at least one client system comprises encrypting by at least one client system selected from the group consisting of:
    - a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a rom, a chip, software, and firmware.
  - 18. A method of securing electronic information as described in claim 15 wherein said step of encrypting said at least one cryptographic key comprises encrypting said at least one cryptographic key by said at least one cryptographic key management system.
  - 19. A method of securing electronic information as described in claim 15 wherein said step of encrypting said at least one cryptographic key comprises encrypting said at least one cryptographic key by at least one electronic information storage system.
  - 20. A method of securing electronic information as described in claim 19 wherein said step of encrypting said at least one cryptographic key by at least one electronic information storage system comprises encrypting said at least one cryptographic key by at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 21. A method of securing electronic information as described in claim 15 wherein said step of encrypting comprises partially encrypting said at least one cryptographic key.
  - 22. A method of securing electronic information as described in claim 15 wherein said step of encrypting comprises encrypting said at least one cryptographic key in a plurality of encryption states.
  - 23. A method of securing electronic information as described in claims 15 or 22 wherein said step of encrypting comprises encrypting said at least one cryptographic key during transmission of said at least one cryptographic key.
  - 24. A method of securing electronic information as described in claim 23 wherein said step of encrypting said at least one cryptographic key comprises encrypting said at least one cryptographic key in a secure socket layer.
  - 25. A method of securing electronic information as described in claim 15 wherein said at least one cryptographic key comprises a plurality of key portions and wherein said step of encrypting comprises encrypting said plurality of key portions.
  - 26. A method of securing electronic information as described in claims 14 or 15 wherein said step of saving to at least one cryptographic key management system comprises saving at least a portion of said at least one cryptographic key to at least one cryptographic key management system.
  - 27. A method of securing electronic information as described in claims 14 or 15 wherein said at least one cryptographic key comprises a plurality of key portions and wherein said step of saving to at least one cryptographic key management system comprises saving each key portion of said at least one cryptographic key to at least one cryptographic key management system.
  - 28. A method of securing electronic information as described in claim 27 wherein said step of saving each key portion comprises saving each key portion to one of said at least one cryptographic key management system.
  - 29. A method of securing electronic information as described in claim 1 wherein said step of associating at least one cryptographic key with electronic information comprises associating at least one cryptographic key with at least one system identification.
  - 30. A method of securing electronic information as described in claim 29 wherein said step of associating at least one cryptographic key with at least one system identification comprises associating at least one cryptographic key with at least one user identification and password.
  - 31. A method of securing electronic information as described in claim 29 wherein said step of associating at least one cryptographic key with at least one system identification comprises associating at least one cryptographic key with at least one system identification selected from the group consisting of:
    - a ticket, a pointer, a certificate, an add-on module, user information, and a random number.
  - 32. A method of securing electronic information as described in claims 30 or 31 further comprising the step of generating said at least one system identification by at least one client system.
  - 33. A method of securing electronic information as described in claim 32 wherein said step of generating said at least one system identification by at least one client system comprises generating by at least one client system selected from the group consisting of:
    - a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a rom, a chip, software, and firmware.
  - 34. A method of securing electronic information as described in claims 30 or 31 further comprising the step of generating said at least one user identification by at least one electronic information storage system.
  - 35. A method of securing electronic information as described in claim 34 wherein said step of generating said at least one system identification by at least one electronic information storage system comprises generating by at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 36. A method of securing electronic information as described in claims 30 or 31 further comprising the step of generating said at least one system identification by at least one cryptographic key management system.
  - 37. A method of securing electronic information as described in claim 29 further comprising the step of securing said at least one system identification.
  - 38. A method of securing electronic information as described in claim 37 wherein said step of securing said at least one cryptographic key comprises saving said at least one cryptographic key to at least one cryptographic key management system and said step of securing said at least one system identification comprises saving said at least one system identification to at least one cryptographic key management system.
  - 39. A method of securing electronic information as described in claim 38 wherein said step of securing said at least one system identification further comprises encrypting said at least one system identification.
  - 40. A method of securing electronic information as described in claim 38 wherein said step of securing said at least one cryptographic key further comprises encrypting said at least one cryptographic key.
  - 41. A method of securing electronic information as described in claims 38, 39, or 40 wherein said steps of securing further comprise restricting access of a user to said at least one cryptographic key to access selected from the group consisting of:
    - user identification and password access, ticket access, pointer access, certificate access, add-on module access, user information access, and random number access.
  - 42. A method of securing electronic information as described in claims 38, 39, or 40 further comprising the step of confirming securing said at least one system identification and wherein said step of enabling a function comprises enabling a function responsive to said steps of confirming securing said at least one cryptographic key and said at least one system identification.
  - 43. A method of securing electronic information as described in claim 42 wherein said step of enabling a function comprises enabling a function selected from the group consisting of:
    - enabling the encryption of electronic information, enabling the decryption of electronic information, enabling the transfer of electronic information, enabling the saving of electronic information, enabling electronic information to be read, enabling electronic information to be rewritten, enabling electronic information to be created, and enabling electronic information to be manipulated.
  - 44. A method of securing electronic information as described in claim 29 wherein said step of associating said at least one cryptographic key comprises compartmentally associating said at least one cryptographic key with electronic information.
  - 45. A method of securing electronic information as described in claim 44 further comprising the step of compartmentally associating said at least one system identification with electronic information.
  - 46. A method of securing electronic information as described in claim 1 further comprising the step of providing acknowledgment to at least one electronic information storage system of said step of securing said at least one cryptographic key in response to said step of confirming.
  - 47. A method of securing electronic information as described in claim 46 wherein said step of providing acknowledgment to at least one electronic information storage system comprises providing acknowledgment to at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 48. A method of securing electronic information as described in claim 1 further comprising the step of providing acknowledgment to at least one client system of said step of securing of said at least one cryptographic key in response to said step of confirming.
  - 49. A method of securing electronic information as described in claim 48 wherein said step of providing acknowledgment to at least one client system comprises providing acknowledgment to at least one client system selected from the group consisting of:
    - a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a rom, a chip, software, and firmware.
  - 50. A method of securing electronic information as described in claims 46 or 48 wherein said steps of confirming said step of securing said at least one cryptographic key and providing acknowledgment of said step of securing said at least one cryptographic key are provided by at least one cryptographic key management system.
  - 51. A method of securing electronic information as described in claims 46 or 48 wherein said step of providing acknowledgment comprises providing at least one signal representative of said step of confirming.
  - 52. A method of securing electronic information as described in claim 1 wherein said step of enabling a function comprises enabling a function selected from the group consisting of:
    - enabling the encryption of electronic information, enabling the decryption of electronic information, enabling the transfer of electronic information, enabling the saving of electronic information, enabling electronic information to be read, enabling electronic information to be rewritten, enabling electronic information to be created, and enabling electronic information to be manipulated.
  - 53. A method of securing electronic information as described in claim 52 wherein electronic information comprises information selected from the group consisting of:
    - data, at least one signal, electronic communication, at least one computer file, at least one cryptographic key, plaintext, cyphertext, at least one user identification, at least one password, and at least one random number.
  - 54. A method of securing electronic information as described in claim 52 wherein said step of enabling a function further comprising generating at least one cryptographic key.
  - 55. A method of securing electronic information as described in claims 52, 53, or 54 wherein said step of enabling a function comprises enabling a function of at least one electronic information storage system.
  - 56. A method of securing electronic information as described in claims 52, 53, or 54 wherein said step of enabling a function comprises enabling a function of at least one client system.
  - 57. A method of securing electronic information as described in claims 1 or 52 wherein said step of enabling a function comprises enabling a function in response to said step of providing acknowledgment as recited in claim 46.
  - 58. A method of securing electronic information as described in claims 1 or 52 wherein said step of enabling a function comprises enabling a function in response to said step of providing acknowledgment as recited in claim 48.
  - 59. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises encrypting electronic information.
  - 60. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises decrypting electronic information.
  - 61. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises transferring electronic information.
  - 62. A method of securing electronic information as described in claim 61 further comprising the step of encrypting said electronic information during transferring.
  - 63. A method of securing electronic information as described in claim 62 wherein said step of encrypting said electronic information comprises encrypting said electronic information in a secure socket layer.
  - 64. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises saving electronic information.
  - 65. A method of securing electronic information as described in claim 64 wherein said step of saving electronic information comprises saving electronic information to at least one electronic information storage system.
  - 66. A method of securing electronic information as described in claim 65 wherein said step of saving electronic information to at least one electronic information storage system comprises saving electronic information to at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 67. A method of securing electronic information as described in claim 65 wherein said step of saving electronic information to at least one electronic information storage system comprises saving electronic information to at least one cryptographic key management system responsive to said electronic information storage system.
  - 68. A method of securing electronic information as described in claim 1, 59, 60, 61, or 64 wherein electronic information comprises information selected from the group consisting of:
    - data, at least one signal, electronic communication, at least one computer file, at least one cryptographic key, plaintext, cyphertext, at least one user identification, at least one password, and at least one random number.
  - 69. A method of securing electronic information as described in claims 1, 59, 60, 61, or 64 wherein said step of securing electronic information comprises securing electronic information in response to said step of providing acknowledgment as recited in claim 46.
  - 70. A method of securing electronic information as described in claims 1, 59, 6061, or 64 wherein said step of securing electronic information comprises securing electronic information in response to said step of providing acknowledgment as recited in claim 48.
  - 71. A method of securing electronic information as described in claim 1 wherein said step of securing said at least one cryptographic key comprises restricting access to said at least one cryptographic key to physical access.
  - 72. A method of securing electronic information as described in claim 71 wherein said step of restricting access to said key to physical access comprises restricting access to at least one cryptographic key management system.
  - 73. A method of securing electronic information as described in claim 71 wherein said step of restricting access to said key to physical access comprises restricting access to at least one electronic information storage system.
  - 74. A method of securing electronic information as described in claim 73 wherein said step of restricting access to at least one electronic information storage system comprises restricting access to at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 75. A method of securing electronic information as described in claim 71 wherein said step of restricting access comprises restricting access to said at least one cryptographic key to physical access by a client.
  - 76. A method of securing electronic information as described in claim 71 wherein said step of restricting access comprises restricting access to said key to physical access by at least one administrator.
  - 77. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises restricting access to electronic information to physical access.
  - 78. A method of securing electronic information as described in claim 77 wherein said step of restricting access to electronic information to physical access comprises restricting access to at least one cryptographic key management system.
  - 79. A method of securing electronic information as described in claim 77 wherein said step of restricting access to electronic information to physical access comprises restricting access to at least one electronic information storage system.
  - 80. A method of securing electronic information as described in claim 79 wherein said step of restricting access to at least one electronic information storage system comprises restricting access to at least one electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 81. A method of securing electronic information as described in claim 77 wherein electronic information comprises information selected from the group consisting of:
    - data, at least one signal, electronic communication, at least one computer file, at least one cryptographic key, plaintext, cyphertext, at least one user identification, at least one password, and at least one random number.
  - 82. A method of securing electronic information as described in claim 81 wherein said step of restricting access comprises restricting access to electronic information to physical access by a client.
  - 83. A method of securing electronic information as described in claim 81 wherein said step of restricting access comprises restricting access to electronic information to physical access by at least one administrator.
  - 84. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises restricting access to electronic information to substantially simultaneous access requests.
  - 85. A method of securing electronic information as described in claim 84 wherein electronic information comprises information selected from the group consisting of:
    - data, at least one signal, electronic communication, at least one computer file, at least one cryptographic key, plaintext, cyphertext, at least one user identification, at least one password, and at least one random number.
  - 86. A method of securing electronic information as described in claim 84 wherein said step of restricting access to electronic information to substantially simultaneous access requests comprises restricting access to substantially simultaneous access requests of a plurality of administrators.
  - 87. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises restricting access to electronic information to access requests providing system identification access.
  - 88. A method of securing electronic information as described in claim 87 wherein said step of restricting access to electronic information to access requests providing system identification access comprises restricting access to said electronic information to requests providing system identification selected from the group consisting of:
    - ticket, pointer, certificate, add-on module, and user information.
  - 89. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises restricting access to electronic information to an access request configured to at least two cryptographic keys.
  - 90. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises restricting access to electronic information to an access request identifying at least two cryptographic keys.
  - 91. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises restricting access to electronic information to an access request providing at least two cryptographic keys.
  - 92. A method of securing electronic information as described in claim 1 wherein said step of securing electronic information comprises restricting access to electronic information to an access request requesting at least two cryptographic keys.
  - 93. A method of securing electronic information as described in claims 89, 90, 91, or 92 wherein said step of restricting access to electronic information to an access request comprises restricting access to an access request of at least two substantially identical keys.
  - 94. A method of securing electronic information as described in claim 2 wherein said step of generating said at least one cryptographic key comprises generating at least one cryptographic key of at least one public-key algorithm.
  - 95. A method of securing electronic information as described in claim 94 wherein said step of generating at least one cryptographic key of at least one public-key algorithm comprises generating at least one public key and at least one private key.
  - 96. A method of securing electronic information as described in claim 2 wherein said step of generating said at least one cryptographic key comprises generating at least one cryptographic key of at least one symmetric algorithm.
  - 97. A method of securing electronic information as described in claim 96 wherein said step of generating at least one cryptographic key of at least one symmetric algorithm comprises generating at least one session key.
  - 98. Electronic information corresponding to said at least one cryptographic key according to the method of claim 1.
  - 99. Electronic information corresponding to said at least one cryptographic key according to the method of claim 1, wherein electronic information comprises information selected from the group consisting of:
    - data, at least one signal, electronic communication, at least one computer file, at least one cryptographic key, plaintext, cyphertext, at least one user identification, at least one password, and at least one random number.

100. An electronic information securement system, comprising:
- at least one cryptographic key management system configured to confirm securing of a cryptographic key;
  
  wherein said electronic information securement system is enabled to perform a function in response to a confirmation from said at least one cryptographic key management system and is configured to secure electronic information.
- View Dependent Claims (101, 102, 103, 104, 105, 106, 107, 108, 109, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, 145, 146, 147, 148, 149, 150, 151, 152, 153, 154, 155, 156, 157, 158, 159, 160, 161, 162, 163, 164, 165, 166, 167, 168, 169, 170, 171, 172, 184)
- - 101. An electronic information securement system as described in claim 100 wherein said at least one cryptographic key management system comprises at least one cryptographic key management system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 102. An electronic information securement system as described in claim 100 further comprising at least one client system communicatively coupled to said at least one cryptographic key management system.
  - 103. An electronic information securement system as described in claim 102 wherein said at least one client system comprises client system selected from the group consisting of:
    - a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a rom, a chip, software, and firmware.
  - 104. An electronic information securement system as described in claims 100 further comprising at least one electronic information storage system communicatively coupled to said at least one cryptographic key management system.
  - 105. An electronic information securement system as described in claim 104 wherein said at least one electronic information storage system comprises an electronic information storage system selected from the group consisting of:
    - a key management system, a key backup system, a key escrow, a key escrow agent, a cryptographic library, a key certification authority, a key distribution center, a key management center, a key arbitration center, a directory service, a database, a computer system, a terminal, a server, a network, a random number generator, a memory, a domain, a smart card, a read-only memory, a chip, software, and firmware.
  - 106. An electronic information securement system as described in claim 100 wherein said at least one cryptographic key management system is configured to generate at least one cryptographic key.
  - 107. An electronic information securement system as described in claim 102 wherein said at least one client system is configured to generate cryptographic keys.
  - 108. An electronic information securement system as described in claim 104 wherein said at least one electronic information storage system is configured to generate cryptographic keys.
  - 109. An electronic information securement system as described in claims 106, 107, or 108 wherein said at least one cryptographic key comprises at least one cryptographic key of at least one public key algorithm.
  - 110. An electronic information securement system as described in claim 109 wherein said at least one cryptographic key comprises at least one public key and at least one private key.
  - 111. An electronic information securement system as described in claims 106, 107, or 108 wherein said at least one cryptographic key comprises at least one cryptographic key of at least one symmetric algorithm.
  - 112. An electronic information securement system as described in claim 111 wherein said at least one cryptographic key comprises at least one session key.
  - 113. An electronic information securement system as described in claim 106 wherein said at least one cryptographic key management system is configured to confirm the generation of valid keys.
  - 114. An electronic information securement system as described in claim 107 wherein said at least one client system is configured to confirm the generation of valid keys.
  - 115. An electronic information securement system as described in claim 108 wherein said at least one electronic information storage system is configured to confirm the generation of valid keys.
  - 116. An electronic information securement system as described in claim 113 further comprising at least one defined cryptosystem to which said at least one cryptographic key management system is responsive, wherein said at least one cryptographic key management system is configured to confirm the generation of a key of said defined cryptosystem.
  - 117. An electronic information securement system as described in claim 114 further comprising at least one defined cryptosystem to which said at least one client system is responsive, wherein said at least one client system is configured to confirm the generation of a key of said defined cryptosystem.
  - 118. An electronic information securement system as described in claim 115 further comprising at least one defined cryptosystem to which said at least one electronic information storage system is responsive, wherein said at least one electronic information storage system is configured to confirm the generation of a key of said defined cryptosystem.
  - 119. An electronic information securement system as described in claim 100 wherein said at least one cryptographic key management system is configured to secure cryptographic keys.
  - 120. An electronic information securement system as described in claim 102 wherein said at least one client system is configured to secure cryptographic keys.
  - 121. An electronic information securement system as described in claim 104 wherein said at least one electronic information storage system is configured to secure cryptographic keys.
  - 122. An electronic information securement system as described in claim 100 further comprising at least one system identification to which said at least one cryptographic key management system is responsive and wherein said at least one cryptographic key management system is configured to associate said at least one system identification with at least one cryptographic key.
  - 123. An electronic information securement system as described in claim 122 wherein said at least one system identification comprises at least one user identification and password.
  - 124. An electronic information securement system as described in claim 122 wherein said at least one system identification comprises at least one system identification selected from the group consisting of:
    - a ticket, a pointer, a certificate, an add-on module, user information, and a random number.
  - 125. An electronic information securement system as described in claim 122 wherein said at least one system identification is generated by said at least one cryptographic key management system.
  - 126. An electronic information securement system as described in claim 122 wherein said at least one cryptographic key management system is configured to secure said at least one system identification.
  - 127. An electronic information securement system as described in claim 126 wherein said at least one cryptographic key management system is configured to save said at least one system identification.
  - 128. An electronic information securement system as described in claim 126 wherein said at least one cryptographic key management system is configured to encrypt said at least one system identification.
  - 129. An electronic information securement system as described in claims 122 or 126 wherein said at least one cryptographic key management system is user accessible to said at least one cryptographic key to a user providing said system identification.
  - 130. An electronic information securement system as described in claim 126 wherein said at least one cryptographic key management system is configured to confirm securing said at least one system identification and said electronic information securement system is enabled to perform a function in response to a confirmation from said at least one cryptographic key management system of securing said at least one system identification.
  - 131. An electronic information securement system as described in claim 130 wherein said function comprises a function selected from the group consisting of:
    - enabling the encryption of electronic information, enabling the decryption of electronic information, enabling the transfer of electronic information, enabling the saving of electronic information, enabling electronic information to be read, enabling electronic information to be rewritten, enabling electronic information to be created, and enabling electronic information to be manipulated.
  - 132. An electronic information securement system as described in claim 123 wherein said at least one cryptographic key management system compartmentally associates said at least one cryptographic key with electronic information.
  - 133. An electronic information securement system as described in claim 123 wherein said at least one cryptographic key management system compartmentally associates said at least one system identification with electronic information.
  - 134. An electronic information securement system as described in claim 102 wherein said at least one cryptographic key management system is configured to provide an acknowledgment of confirmation in response to said confirmation to said at least one client system.
  - 135. An electronic information securement system as described in claim 104 wherein said at least one cryptographic key management system is configured to provide an acknowledgment of confirmation in response to said confirmation to said at least one electronic information storage system.
  - 136. An electronic information securement system as described in claims 134 or 135 wherein said acknowledgment comprises at least one signal.
  - 137. An electronic information securement system as described in claim 100 wherein said function comprises a function selected from the group consisting of:
    - enabling the encryption of electronic information, enabling the decryption of electronic information, enabling the transfer of electronic information, enabling the saving of electronic information, enabling electronic information to be read, enabling electronic information to be rewritten, enabling electronic information to be created, and enabling electronic information to be manipulated.
  - 138. An electronic information securement system as described in claim 137 wherein electronic information comprises information selected from the group consisting of:
    - data, at least one signal, electronic communication, at least one computer file, at least one cryptographic key, plaintext, ciphertexts, at least one user identification, at least one password, and at least one random number.
  - 139. An electronic information securement system as described in claim 137 wherein said function further comprises generating at least one cryptographic key.
  - 140. An electronic information securement system as described in claims 137, 138, or 139 wherein said function is a function of said at least one cryptographic key management system.
  - 141. An electronic information securement system as described in claims 137, 138, or 139 further comprising at least one client system and wherein said function is a function of said at least one client system.
  - 142. An electronic information securement system as described in claims 137, 138, or 139 further comprising at least one electronic information storage system and wherein said function is a function of said at least one electronic information storage system.
  - 143. An electronic information securement system as described in claims 100 or 137 wherein said at least one cryptographic key management system is configured to provide an acknowledgment of confirmation in response to said confirmation and wherein said system is enabled to perform said function in response to said acknowledgment.
  - 144. An electronic information securement system as described in claim 100 wherein said at least one cryptographic key management system is configured to secure electronic information.
  - 145. An electronic information securement system as described in claim 102 wherein said at least one client system is configured to secure electronic information.
  - 146. An electronic information securement system as described in claim 104 wherein said at least one electronic information storage system is configured to secure electronic information.
  - 147. An electronic information securement system as described in claims 144, 145, or 146 wherein electronic information comprises information selected from the group consisting of:
    - data, at least one signal, electronic communication, at least one computer file, at least one cryptographic key, plaintext, ciphertexts, at least one user identification, at least one password, and at least one random number.
  - 148. An electronic information securement system as described in claim 145 wherein said at least one electronic information storage system is configured to secure electronic information to at least one cryptographic key management system responsive to said at least one electronic information storage system.
  - 149. An electronic information securement system as described in claim 119 wherein access to cryptographic keys secured to said at least one cryptographic key management system is restricted to physical access.
  - 150. An electronic information securement system as described in claim 120 wherein access to cryptographic keys secured to said at least one client system is restricted to physical access.
  - 151. An electronic information securement system as described in claim 121 wherein access to cryptographic keys secured to said at least one electronic information storage system is restricted to physical access.
  - 152. An electronic information securement system as described in claims 149, 150, or 151 wherein access to secured cryptographic keys is restricted to physical access by a client.
  - 153. An electronic information securement system as described in claims 149, 150, or 151 wherein access to secured cryptographic keys is restricted to physical access by an administrator.
  - 154. An electronic information securement system as described in claim 144 wherein access to electronic information secured to said at least one cryptographic key management system is restricted to physical access.
  - 155. An electronic information securement system as described in claim 145 wherein access to electronic information secured to said at least one client system is restricted to physical access.
  - 156. An electronic information securement system as described in claim 146 wherein access to electronic information secured to said at least one electronic information storage system is restricted to physical access.
  - 157. An electronic information securement system as described in claims 154, 155, or 156 wherein access to secured electronic information is restricted to physical access by a client.
  - 158. An electronic information securement system as described in claims 154, 155, or 156 wherein access to secured electronic information is restricted to physical access by an administrator.
  - 159. An electronic information securement system as described in claim 144 wherein access to electronic information secured to said at least one cryptographic key management system is restricted to substantially simultaneous access requests.
  - 160. An electronic information securement system as described in claim 145 wherein access to electronic information secured to said at least one client system is restricted to substantially simultaneous access requests.
  - 161. An electronic information securement system as described in claim 146 wherein access to electronic information secured to said at least one electronic information storage system is restricted to substantially simultaneous access requests.
  - 162. An electronic information securement system as described in claims 159, 160, or 161 wherein access to secured electronic information is restricted to substantially simultaneous access requests of a plurality of administrators.
  - 163. An electronic information securement system as described in claim 144 wherein access to electronic information secured to said at least one cryptographic key management system is restricted to system identification access.
  - 164. An electronic information securement system as described in claim 145 wherein access to electronic information secured to said at least one client system is restricted to system identification access.
  - 165. An electronic information securement system as described in claim 146 wherein access to electronic information secured to said at least one electronic information storage system is restricted to system identification access.
  - 166. An electronic information securement system as described in claims 163, 164, or 165 wherein system identification access comprises access selected from the group consisting of:
    - user identification and password access, ticket access, pointer access, certificate access, add-on module access, user information access, and random number access.
  - 167. An electronic information securement system as described in claim 144 wherein access to electronic information secured to said at least one cryptographic key management system is restricted to an access request providing at least two cryptographic keys.
  - 168. An electronic information securement system as described in claim 145 wherein access to electronic information secured to said at least one client system is restricted to an access request providing at least two cryptographic keys.
  - 169. An electronic information securement system as described in claim 146 wherein access to electronic information secured to said at least one client system is restricted to an access request providing at least two cryptographic keys.
  - 170. An electronic information securement system as described in claims 167, 168, or 169 wherein said at least two cryptographic keys comprises at least two substantially identical keys.
  - 171. Electronic information corresponding to said at least one cryptographic key according to the system of claim 100.
  - 172. Electronic information corresponding to said at least one cryptographic key according to the system of claim 100, wherein electronic information comprises information selected from the group consisting of:
    - data, at least one signal, electronic communication, at least one computer file, at least one cryptographic key, plaintext, cyphertext, at least one user identification, at least one password, and at least one random number.
  - 184. A method of cryptographic key management as described in claims 171 wherein said step of enabling a function responsive to said step of confirming comprises enabling a function selected from the group consisting of:
    - enabling the encryption of electronic information, enabling the decryption of electronic information, enabling the transfer of electronic information, enabling the saving of electronic information, enabling electronic information to be read, enabling electronic information to be rewritten, enabling electronic information to be created, and enabling electronic information to be manipulated.

173. A method of cryptographic key management, comprising the steps of:
- securing at least one cryptographic key;
  
  confirming said step of securing; and
  
  enabling a function responsive to said step of confirming.
- View Dependent Claims (174, 175, 176, 177, 178, 179, 180, 181, 182, 183)
- - 174. A method of cryptographic key management as described in claim 173 wherein said step of confirming said step of securing is provided by at least one cryptographic key management system.
  - 175. A method of cryptographic key management as described in claim 173, further comprising the steps of associating said at least one cryptographic key with electronic information and securing said electronic information.
  - 176. A method of cryptographic key management as described in claim 175 wherein securing electronic information comprises encrypting electronic information.
  - 177. A method of cryptographic key management as described in claim 175 wherein said step of securing electronic information comprises transferring electronic information.
  - 178. A method of cryptographic key management as described in claim 175 wherein said step of securing electronic information comprises saving electronic information.
  - 179. A method of cryptographic key management as described in claim 175 wherein said step of securing electronic information comprises restricting access to electronic information to physical access.
  - 180. A method of cryptographic key management as described in claims 173 or 175 wherein said step of securing said at least one cryptographic key comprises encrypting said key.
  - 181. A method of cryptographic key management as described in claims 173 or 175 wherein said step of securing said at least one cryptographic key comprises transferring said key.
  - 182. A method of cryptographic key management as described in claims 173 or 175 wherein said step of securing said at least one cryptographic key comprises saving said key.
  - 183. A method of cryptographic key management as described in claims 173 or 175 wherein said step of securing said at least one cryptographic key comprises restricting access to said key to physical access.

185. A cryptographic key management system configured to confirm the securing of at least one cryptographic key;
- wherein said cryptographic key management system is configured to enable a function in response to a confirmation of the securing of said at least one cryptographic key.

186. A method of cryptography, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing; and
  
  securing said electronic information.
- View Dependent Claims (187, 188, 189, 190, 191, 192, 193, 194, 195, 196, 197)
- - 187. A method of cryptography as described in claim 186 wherein said step of confirming said step of securing is provided by at least one cryptographic key management system.
  - 188. A method of cryptography as described in claim 186, further comprising the steps of associating said at least one cryptographic key with electronic information and securing said electronic information.
  - 189. A method of cryptography as described in claim 188 wherein securing electronic information comprises encrypting electronic information.
  - 190. A method of cryptography as described in claim 188 wherein said step of securing electronic information comprises transferring electronic information.
  - 191. A method of cryptography as described in claim 188 wherein said step of securing electronic information comprises saving electronic information.
  - 192. A method of cryptography as described in claim 188 wherein said step of securing electronic information comprises restricting access to electronic information to physical access.
  - 193. A method of cryptography as described in claims 186 or 188 wherein said step of securing said at least one cryptographic key comprises encrypting said key.
  - 194. A method of cryptography as described in claims 186 or 188 wherein said step of securing said at least one cryptographic key comprises transferring said key.
  - 195. A method of cryptography as described in claims 186 or 188 wherein said step of securing said at least one cryptographic key comprises saving said key.
  - 196. A method of cryptography as described in claims 186 or 188 wherein said step of securing said at least one cryptographic key comprises restricting access to said key to physical access.
  - 197. A method of cryptography as described in claims 186 further comprising the step of enabling a function in response to said step of confirming, wherein said step of enabling a function responsive to said step of confirming comprises enabling a function selected from the group consisting of:
    - enabling the encryption of electronic information, enabling the decryption of electronic information, enabling the transfer of electronic information, enabling the saving of electronic information, enabling electronic information to be read, enabling electronic information to be rewritten, enabling electronic information to be created, and enabling electronic information to be manipulated.

198. A cryptography system, comprising:
- at least one cryptographic key management system configured to confirm securing at least one cryptographic key;
  
  wherein said cryptography system is enabled to secure electronic information in response to a confirmation from said at least one cryptographic key management system.

199. An electronic information securement system, comprising:
- a client system;
  
  a cryptographic key management system communicatively coupled to said client system and configured to confirm securing of at least one cryptographic key; and
  
  an electronic information storage system communicatively coupled to said client system and said cryptographic key management system;
  
  wherein at least one of said client system and said electrical information storage system are responsive to a confirmation from said cryptographic key management system.

200. A method of securing electronic information, comprising the steps of:
- securing at least one cryptographic key;
  
  confirming by a cryptographic key management system said step of securing;
  
  providing a response of at least one of said client system and said electronic information storage system responsive to said step of confirming; and
  
  securing electrical information.
- View Dependent Claims (201, 202, 203, 204, 205, 206)
- - 201. A method of securing electronic information as described in claim 200 wherein said step of securing said at least one key is provided by said cryptographic key management system.
  - 202. A method of securing electronic information as described in claims 200 or 201 wherein said step of providing a response comprises securing electronic information.
  - 203. A method of securing electronic information as described in claims 200 or 201 wherein said step of providing a response comprises securing said at least one cryptographic key.
  - 204. A method of securing electronic information as described in claim 203 wherein said step of providing a response comprises securing said at least one cryptographic key.
  - 205. A method of securing electronic information as described in claim 200 wherein said step of confirming c confirming by a separate cryptographic key management system said step of securing.
  - 206. A method of securing electronic information as described in claim 205 wherein said step of confirming c confirming by a remote cryptographic key management system said step of securing.

207. An electronic information securement system, comprising:
- a client system;
  
  a electronic information storage system communicatively coupled to said client system; and
  
  a separate cryptographic key management system communicatively coupled to said client system and said electronic information storage system.
- View Dependent Claims (208, 209)
- - 208. An electronic information securement system as described in claim 207 wherein said separate cryptographic key management system comprises a remote cryptographic key management system.
  - 209. An electronic information securement system as described in claim 207 wherein said separate cryptographic key management system is configured to restrict access to cryptographic keys to physical access.

210. A method of securing electronic information, comprising the steps of:
- securing at least one cryptographic key;
  
  separately confirming said step of securing; and
  
  securing electronic information responsive to said step of confirming.
- View Dependent Claims (211, 212)
- - 211. A method of securing electronic information as described in claim 210 wherein said step of separately confirming said step of securing comprises remotely confirming said step of confirming.
  - 212. A method of securing electronic information as described in claim 210 wherein said step of securing comprises restricting access to said at least one cryptographic key to physical access.

213. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing;
  
  enabling the encryption of electronic information responsive to said step of confirming; and
  
  securing electronic information.

214. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing;
  
  enabling the decryption of electronic information responsive to said step of confirming; and
  
  securing electronic information.

215. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing;
  
  enabling the transfer of electronic information responsive to said step of confirming; and
  
  securing electronic information.

216. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing;
  
  enabling the saving of electronic information responsive to said step of confirming; and
  
  securing electronic information.

217. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing;
  
  enabling electronic information to be read responsive to said step of confirming; and
  
  securing electronic information.

218. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing;
  
  enabling electronic information to be rewritten responsive to said step of confirming; and
  
  securing electronic information.

219. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing;
  
  enabling electronic information to be created responsive to said step of confirming; and
  
  securing electronic information.

220. A method of securing electronic information, comprising the steps of:
- associating at least one cryptographic key with electronic information;
  
  securing said at least one cryptographic key;
  
  confirming said step of securing;
  
  enabling electronic information to be manipulated responsive to said step of confirming, and securing electronic information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SaveItSafe, LLC
Original Assignee
No Magic Incorporated (Dassault Systemes SA)
Inventors
Duncanson, Paul T Jr.

Granted Patent

US 8,929,552 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

G06F 21/6209   to a single file or object,...

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 9/083   involving central third par...

H04L 9/0861   Generation of secret inform...

Electronic information and cryptographic key management system

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

38 Citations

220 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic information and cryptographic key management system

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

220 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links