Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
2005-09-20
Vu, Kim (Department: 2135)
C713S152000, C713S187000, C713S193000, C380S028000
active
06948064
ABSTRACT:
Public key security control (PKSC) is provided for a cryptographic module by means of digitally signed communications between the module and one or more authorities with whom it interacts. Authorities interact with the crypto module by means of unsigned queries seeking nonsecret information or signed commands for performing specified operations. Each command signed by an authority also contains a transaction sequence number (TSN), which must match a corresponding number stored by the crypto module for the authority. The TSN for each authority is initially generated randomly and is incremented for each command accepted from that authority. A signature requirement array (SRA) controls the number of signatures required to validate each command type. Upon receiving a signed command from one or more authorities, the SRA is examined to determine whether a required number of authorities permitted to sign the command have signed the command for each signature requirement specification defined for that command type. A command requiring multiple signatures is held in a pending command register (PCR) while awaiting the required cosignatures. The crypto module also stores a single crypto module signature sequence number (CMSSN) which it increments for each reply to any authority to enable one authority to determine whether any other authority has communicated with the module.
REFERENCES:
patent: 4405829 (1983-09-01), Rivest et al.
patent: 4747139 (1988-05-01), Taaffe
patent: 4755940 (1988-07-01), Brachtl et al.
patent: 5537642 (1996-07-01), Glowny et al.
patent: 5572590 (1996-11-01), Chess
“Applied Cryptography” by Bruce Schneier, John Wiley, Oct. 1995, pp. 34-37, 58-59.
“Applied Cryptography” Second Edition, Protocols, Algorithms and Source Code in C, by B. Schneier, 1996, pp. 466-471.
“Efficient Methods for Two Party Entity Authentication and Key Exchange in a High Speed Environment” by E. Basturk et al., IBM Technical Disclosure Bulletin, vol. 38, No. 03, Mar. 1995.
“Message Replay Prevention Using A Previously Transmitted Random Number To Sequence The Messages” by W. C. Martin, IBM Technical Disclosure Bulletin, vol. 27, No. 3, Aug. 1984.
“Personal Verification and Message Authentication Using Personal Keys” by R. E. Lennon et al., IBM Technical Disclosure Bulletin, vol. 24, No. 12, May 1982.
“SNA Bind Security Enhancement” by R. E. Lennon et al., IBM Technical Disclosure Bulletin, vol. 26, No. 10A, Mar. 1984.
“Transaction Incrementing Message Authentication Key” by W. D. Hopkins, IBM Technical Disclosure Bulletin, vol. 26, No. 1, Jun. 1983.
D'Avignon Edward J.
DeBellis Robert S.
Easter Randall J.
Green Lucina L.
Kelly Michael J.
Kinnaman, Jr. William A.
Truong Thanhnga
Vu Kim
Profile ID: LFUS-PAI-O-3410092