Electrical computers and digital processing systems: support – Data processing protection using cryptography – By stored data protection
Reexamination Certificate
2002-03-28
2008-03-11
Sheikh, Ayaz (Department: 2131)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
By stored data protection
C713S164000, C713S165000, C713S190000, C380S044000, C726S026000, C711S163000
Reexamination Certificate
active
07343493
ABSTRACT:
A method for restricting access to an encryption key of an encrypted file system (EFS), whereby access is provided only when a computer system is booted in a trusted state. The EFS encrypts the files within a TPM chip according to TCPA specifications and simultaneously creates the encryption key, which is also stored in the TPM. The key is sealed to one or more platform control register (PCR) states (i.e., the TPM will export the key only when the PCRs are in a pre-defined state.). The original PCR states are modified during boot up of the computer system via a secure hashing algorithm, which extends a value of one PCR to a next PCR at each stage of the boot process and then hashes the value with the remaining content of the next PCR. When the system boot process is completed and before control passes to the user, the values within the PCRs are compared to values stored in a PCR table within the TPM, and the encryption key is exported to the OS kernel only when the PCR values match the table values. The control code of the TPM chip decrypts and exports the key only if the value of each and every PCR matches its corresponding table value. A complete match indicates that the computer system has completed a trusted boot sequence.
REFERENCES:
patent: 5319705 (1994-06-01), Halter et al.
patent: 5495533 (1996-02-01), Linehan et al.
patent: 5533125 (1996-07-01), Bensimon et al.
patent: 5721777 (1998-02-01), Blaze
patent: 5937063 (1999-08-01), Davis
patent: 6012145 (2000-01-01), Mathers et al.
patent: 6141774 (2000-10-01), Mattheis
patent: 6144744 (2000-11-01), Smith et al.
patent: 6249866 (2001-06-01), Brundrett et al.
patent: 7082615 (2006-07-01), Ellison et al.
patent: 2002/0019935 (2002-02-01), Andrew et al.
Trusted Computing Platform Alliance (FCPA), Main Specification Version 1.0, 2000, Campaq, HP, IBM, Intel, Microsoft.
Challener David Carroll
Safford David Robert
Abrishamkar Kaveh
Dillon & Yudell LLP
Lenovo ( Singapore) Pte. Ltd.
Munoz-Bustamante Carlos
Sheikh Ayaz
LandOfFree
Encrypted file system using TCPA does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Encrypted file system using TCPA, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Encrypted file system using TCPA will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3975169