Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
1998-10-13
2002-05-14
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Security kernel or utility
C713S166000, C713S193000
Reexamination Certificate
active
06389535
ABSTRACT:
TECHNICAL FIELD
This invention relates to systems and methods that provide central services for encrypting core data secrets such as passwords, cryptographic keys, and sensitive personal or financial codes.
BACKGROUND OF THE INVENTION
Increasingly, financial and other sensitive transactions are being performed by personal computers. This has increased the need for secure storage of data. Modern cryptography techniques are often used to protect such data from unauthorized access.
New security methods, however, have brought about a need to store and protect “core” data secrets, such as private cryptographic keys, credit card numbers, and other small pieces of secret data. In many cases, this responsibility is left to individual application programs or to personal computer users themselves. Although programs are available that allow users to encrypt and store data, such programs cannot typically be used by other application programs. Currently, each application program has to devise a safe and secure method to store such data.
The invention described below solves this problem by providing a set of services that encrypt supplied data with minimal supervision by calling application programs, and with minimal participation by users.
SUMMARY OF THE INVENTION
The invention described below provides central data protection services that can be called by application programs to encrypt core secrets. An embodiment of the invention is implemented as a server process and an associated interface that can be invoked by application programs to store and retrieve small data items. One or more encryption providers can be installed for operation in conjunction with the server process. Each encryption provider is adapted to encrypt data in accordance with some predefined method, potentially utilizing newly-developed security-related hardware such as smart cards. Details of the encryption mechanism and process are hidden from the calling application programs.
A default encryption provider is provided. The default encryption provider uses cryptographic services provided by the Win32 API which is part of the Windows brand operating systems. In addition, the default provider authenticates users based on a previous network logon. Furthermore, actual encryption is based on the user's logon password or some other secret supplied during network logon. Because of this, the user is not required to enter any further password when actual encryption or decryption takes place.
Application programs interact with the storage server through well-defined interfaces. A data item can be stored with a simple call to the storage server, and can be retrieved later with a similar call. All encryption, decryption, item integrity checks, and user authentication are performed by the server and its associated providers. Because of this, application programs can take advantage of advanced security features without adding complexity to the application programs themselves.
The default encryption provider implements a multi-level key encryption scheme to minimize the amount of encryption that has to be re-done when the user changes a password. Each data item is encrypted using an item key that is generated randomly by the system. The item key is in turn encrypted with a master key that is itself encrypted (as described below) with a key derived from the user-supplied password (such as the user's logon password). Information required to reconstruct these keys is escrowed between the local computer and a domain controller, for recovery of the keys in the case that the user's password is lost or is changed.
The default encryption provider implements functions in addition to basic encryption and decryption. For example, the provider accepts an optional user-readable data description which is encrypted and packaged with the encrypted data itself.
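As an added example (not code from the patent or from Microsoft), the multi-level key scheme and the packaged description from the two paragraphs above, written in Python with the standard library only. The HMAC-based stream cipher, the encrypt-then-MAC layout and PBKDF2 are assumptions standing in for the unspecified Win32 cryptographic services; the point demonstrated is that a password change rewraps only the master key and leaves every stored item untouched.

```python
import os, hmac, hashlib
def _prf(key, *parts):
    # HMAC-SHA256 as the PRF for both keystream and tag, domain-separated by label.
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

def _keystream(key, nonce, length):
    # Counter-mode keystream built from the PRF; a stand-in for a block cipher.
    return b"".join(_prf(key, b"ks", nonce, i.to_bytes(4, "big"))
                    for i in range((length + 31) // 32))[:length]

def seal(key, plaintext):
    # Encrypt-then-MAC: nonce || ciphertext || tag; the tag is the item integrity check.
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + _prf(key, b"tag", nonce, ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"tag", nonce, ct)):
        raise ValueError("integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def password_key(password, salt):
    # Assumption: the patent names no KDF; PBKDF2-HMAC-SHA256 is used here.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class SecretStore:
    def __init__(self, password):
        self.salt = os.urandom(16)
        self.wrapped_master = seal(password_key(password, self.salt), os.urandom(32))
        self.items = {}

    def _master(self, password):
        return unseal(password_key(password, self.salt), self.wrapped_master)

    def protect(self, password, name, data, description=b""):
        item_key = os.urandom(32)  # random per-item key, as in the summary
        payload = len(description).to_bytes(2, "big") + description + data
        self.items[name] = (seal(self._master(password), item_key), seal(item_key, payload))
    def unprotect(self, password, name):
        wrapped_item_key, blob = self.items[name]
        payload = unseal(unseal(self._master(password), wrapped_item_key), blob)
        n = int.from_bytes(payload[:2], "big")
        return payload[2 + n:], payload[2:2 + n]  # (data, description)

    def change_password(self, old, new):
        # Only the wrapped master key is re-encrypted; stored items are untouched.
        master = self._master(old)
        self.salt = os.urandom(16)
        self.wrapped_master = seal(password_key(new, self.salt), master)
```

A wrong password or a single flipped ciphertext byte fails the integrity check rather than yielding garbage plaintext.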
The default encryption provider also has a high-security mode that can be requested by application programs. In this mode, the encryption provider prompts the user to enter a special key combination to invoke a secure operating system mode. This operating system mode cannot be initiated programmatically, and therefore cannot be invoked by hostile application programs. Once in the secure operating system mode, the user is given another prompt. A response by the user exits the secure operating system mode and serves to authorize the requested encryption or decryption. Both of these prompts have customizable visual characteristics so that a user can detect when a hostile program attempts to emulate such prompts.
REFERENCES:
patent: 4747139 (1988-05-01), Taafe
patent: 5689565 (1997-11-01), Spies et al.
patent: 5841870 (1998-11-01), Fieres et al.
patent: 6011847 (2000-01-01), Follendore
patent: 6023506 (2000-02-01), Ote et al.
patent: 0 442 839 (1991-01-01), None
patent: 0 456 386 (1991-04-01), None
patent: 0 717 339 (1995-11-01), None
patent: 0 820 017 (1997-03-01), None
The Open Group, Common Security: CDSA and CSSM, 1997, Document No.: C707, Chs. 1 and 2.*
John H. Wilson, CDSA Update (Common Data Security Architecture), Intel, p. 12.
Cooper Allan
Field Scott
Thomlinson Matthew W.
Lee & Hayes PLLC
Microsoft Corporation
Peeso Thomas R.