Information security – Access control or authentication – Network
Reexamination Certificate
2011-06-28
2011-06-28
Gee, Jason K (Department: 2434)
Information security
Access control or authentication
Network
C726S007000, C713S168000
Reexamination Certificate
active
07971234
ABSTRACT:
The invention provides an authentication scheme that allows networked devices to establish trust in connection with the exchange of keys pursuant to an asymmetrical cryptographic technique, such as Diffie-Hellman. The invention provides a technique, referred to as offline key establishment, that establishes a trust relationship between two networked devices that use Diffie-Helman. Offline key sharing provides for the exchange of authentication information using a separate channel which, in the preferred embodiment does not constitute an IP connection. Thus, while communications between networked devices may ultimately proceed via a network connection, trust between the networked devices is established via a separate, offline channel, such as a telephone call or email message. The use of offline key establishment allows for such features as one way key sharing; and addresses situations where one party to the exchange does not want to share all of his keys, but just one or two keys.
REFERENCES:
patent: 1310719 (1919-07-01), Vernam
patent: 4262329 (1981-04-01), Bright et al.
patent: 4558176 (1985-12-01), Arnold et al.
patent: 4757533 (1988-07-01), Allen et al.
patent: 5185717 (1993-02-01), Mori
patent: 5235641 (1993-08-01), Nozawa
patent: 5265159 (1993-11-01), Kung
patent: 5677952 (1997-10-01), Blakley, III et al.
patent: 5687237 (1997-11-01), Naclerio
patent: 5870468 (1999-02-01), Harrison
patent: 5931947 (1999-08-01), Burns
patent: 5933498 (1999-08-01), Schneck et al.
patent: 5940507 (1999-08-01), Cane
patent: 6073237 (2000-06-01), Ellison
patent: 6134660 (2000-10-01), Boneh et al.
patent: 6212600 (2001-04-01), Friedman et al.
patent: 6249866 (2001-06-01), Brundrett
patent: 6345101 (2002-02-01), Shukla
patent: 6356941 (2002-03-01), Cohen
patent: 6405315 (2002-06-01), Burns et al.
patent: 6414884 (2002-07-01), DeFelice et al.
patent: 6507911 (2003-01-01), Langford
patent: 6550011 (2003-04-01), Sims, III
patent: 6625734 (2003-09-01), Marvit et al.
patent: 6735693 (2004-05-01), Hamlin
patent: 6754827 (2004-06-01), Cane et al.
patent: 6839437 (2005-01-01), Crane et al.
patent: 6857076 (2005-02-01), Klein
patent: 6915435 (2005-07-01), Merriam
patent: 6993661 (2006-01-01), Garfinkel
patent: 7003674 (2006-02-01), Hamlin
patent: 7020779 (2006-03-01), Sutherland
patent: 7093127 (2006-08-01), McNulty et al.
patent: 7096355 (2006-08-01), Marvit et al.
patent: 7215771 (2007-05-01), Hamlin
patent: 7240197 (2007-07-01), Yamagami et al.
patent: 7260724 (2007-08-01), Dickinson et al.
patent: 2002/0019935 (2002-02-01), Andrew et al.
patent: 2003/0028765 (2003-02-01), Cromer et al.
patent: 2004/0030668 (2004-02-01), Pawlowski et al.
patent: 2004/0073795 (2004-04-01), Jablon
patent: 2006/0090067 (2006-04-01), Edmonds et al.
Anderson et al., “The Steganographic File System,” Information Hiding, Second International Workshop, IH '98 Portland, Oregon. USA, Apr. 14-17, 1998, Proceedings, pp. 73-82, 1998.
Antonelli, et al., “The Packet Vault: Secure Storage of Network Data,” CITI Technical Report 98-5, pp. 1-15, Jun. 25, 1998.
Blaze, “Oblivious Key Escrow,” Information Hiding, First International Workshop, Cambridge, UK, May 3D-Jun. 1, 1996, Proceedings, pp. 335-343, 1996.
Blaze, “A cryptographic File System for Unix,” Proceedings of the First ACM Conference on Computer and Communications Security, pp. 9-16 (1993).
Blaze, “Key Management in an Encrypting File System,” USENIX Summer 1994 Technical Conference, pp. 27-35, (Jun. 6-10, 1994).
Boneh, et al., “A Revocable Backup System,” In Proceedings 6th USENIX Security Conference, pp. 91-96, 1996.
Cattaneo, et al. “The Design and Implementation of a Transparent Cryptographic Filesystem for UNIX,” Proceedings of The FREENIX Track: 2001 UNIX Annual Technical Conference. pp. 199-212 (Jun. 25-30, 2001).
Christy, et al., “Mechanism for Secure Off-Site Computer Access,” IBM Technical Disclosure Bulletin. pp. 6754-6756. Apr. 1985.
Clark, “Physical Protection of Cryptographic Devices,” Lecture Notes in Computer Science. Advances in Cryptology—Eurocrypt '87, pp. 83-93 (Apr. 13-15, 1987).
Coleman et al., “Mass Storage System Reference Manual: Version 4,” Technical Committee on Mass Storage Systems and Technology, IEEE, pp. 1-38, May 1990.
Comba, “Approaches to Cryptographic Key Management,” Symposium on Applied Computing. Proceedings of the Northeast ACM Symposium on Personal Computer Security, pp. 38-45 (1986).
Denning, “Cryptography and Data Security,” Addison-Wesley Publishing Co., pp. 164-169 and 179, 1982.
Di Crescenzo, et al., “How to Forget a Secret (Extended Abstract),” 16th Annual Symposium on Theoretical Aspects of Computer Science, pp. 500-509 (Mar. 4-6, 1999).
Dietrich, “Security Enclosure With Elastomeric Contact Stripes,” IBM Technical Disclosure Bulletin, pp. 444-445, Feb. 1991.
“Disappearing Inc. Makes Old Email Vanish Everywhere; Reduces Corporate Liability as well as Improves Corporate Productivity by Enabling Sensitive Communications via Email-Company Business and Marketing,” Edge: Work-Group Computing Report, http://findarticles.com/p/articJes/mLmOWUB/is—1999—0cU 1/aL 56260487/print (Oct. 11, 1999).
Double, “Encryption Key Security by Electric Field Destruction of Memory Cells,” IBM Technical Disclosure Bulletin, pp. 8-11, Jan. 1989.
FIPS Pub 74, “Federal Information Processing Standards Publication 1981 Guidelines for Implementing and Using the NBS Data Encryption Standard,” Federal Information Processing Standards Publication 74, National Institute of Standards and Technology, Apr. 1, 1981, 39 pages.
FIPS Pub 140-1, “Security Requirements for Cryptographic Modules,” Federal Information Processing Standards Publication 140-1, National Institute of Standards and Technology, Jan. 11, 1994, 44 pages.
Flavin, et al., “Data Protection on Magnetic Media Via an Encrypting Controller,” IBM Technical Disclosure Bulletin, vol. 3D, No. 3, pp. 1284-1285 (Aug. 1987).
Garfinkel, S., “PGP: Pretty Good Privacy,” O'Reilly & Associates, pp. 43 and 65-67, Jan. 1995.
Garfinkel, S., “PGP: Pretty Good Privacy,” O'Reilly & Associates, pp. 54-55, 151-153, Jan. 1995.
Garfinkel, S., “Omniva's Self-Destructing Email,” Web Security, Privacy and Commerce, Second Edition, O'Reilly & Associates, Inc., Sebastopol, CA, pp. 280-283, Jan. 2002.
Gobioff, Howard, et al., “Security for Networked Attached Storage Devices,” Carnegie Mellon University Computer Science Technical Report CMU-CS-97-185, Oct. 1997, 20 pages.
Gobioff, Howard, “Security for a High Performance Commodity Storage Subsystem,” Carnegie Mellon University Computer Science Technical Report CMU-CS-99-160, Jul. 1999, 222 pages.
Gobioff, Howard, et al., “Smart Cards in Hostile Environments,” Proceedings of the Second USENIX Workshop on Electronic Commerce, pp. 23-28 (Nov. 18-21. 1996).
Graham, et al, “Data Protection at the Volume Level,” IBM Technical Disclosure Bulletin, pp. 146-148, Oct. 1988.
Gutmann, “Secure Deletion of Data from Magnetic and Solid-State Memory,” Proceedings of the Sixth Annual USENIX Security Symposium: Focusing on Applications of Cryptography, pp. 7-89 (Jul. 22-25, 1996).
Hwang, et al., “An Access Control Scheme Based On Chinese Remainder Theorem and Time Stamp Concept,” Computers & Security, vol. 15. No. 1. pp. 73-81, 1996.
IBM Crypto Server Management General Information Manual, First Edition (May 2000), 16 pages.
IBM SecureWay Cryptographic Products IBM 4758 PCI Cryptographic Coprocessor Installation Manual, Security Solutions and Technology Department, Second Edition (Mar. 2000), 34 pages.
IBM Integrated Cryptographic Coprocessors for IBM eServer zSeries 900 and for IBM S/390 Servers (Data sheet), 2000, 4 pages.
IBM SecureWay, UltraCypher Cryptographic Engine (Datas
Chang Lawrence
Silberman Joshua
Subramanian Ananthan
Sussland Robert
Cesari and McKenna LLP
Gee Jason K
NetApp, Inc.
LandOfFree
Method and apparatus for offline cryptographic key... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for offline cryptographic key..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for offline cryptographic key... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2670145