Information security – Prevention of unauthorized use of data including prevention... – Access control
Reexamination Certificate
2011-01-18
2011-01-18
Korzuch, William R (Department: 2431)
Information security
Prevention of unauthorized use of data including prevention...
Access control
C380S030000, C380S264000, C380S277000, C380S278000, C380S279000, C380S281000, C380S282000, C380S286000, C726S029000, C726S031000, C709S207000, C709S204000, C709S206000, C713S171000, C713S172000, C713S168000, C713S176000
Reexamination Certificate
active
07874010
ABSTRACT:
One embodiment of the present invention provides a system that manages secret keys for messages. During operation, the system receives a desired expiration time T from an encrypter, and possibly a nonce N, at a server that manages keys. If N is not sent by the encrypter, it is generated by a key managing server. Next, the system chooses a secret ST, with an expiration time close to T, and an identifier IDSfrom a database for which secret STcan be retrieved using the identifier IDS. If such an STis not already in the database, the server generates a new STand IDS. The system then calculates a hash H=h(N,ST), and sends H and IDSfrom the server to the encrypter. The encrypter then encrypts M with H to form {M}H, and communicates ({M}H, N, IDS) to a message reader. The message reader then sends N and IDSto the server. The server then uses IDSto lookup ST, recalculates H=h(N,ST), and sends H to the message reader, thereby enabling the message reader to decrypt {M}H to obtain M. Note that by using the secret STassociated with the expiration time T and the nonce N, the server is able to reconstruct the secret key H for the message M without having to maintain per-message state information.
REFERENCES:
patent: 6363480 (2002-03-01), Perlman
patent: 6539479 (2003-03-01), Wu
patent: 6625734 (2003-09-01), Marvit et al.
patent: 6948065 (2005-09-01), Grawrock
patent: 7240214 (2007-07-01), Gazzetta et al.
patent: 2001/0055388 (2001-12-01), Kaliski, Jr.
patent: 2002/0136410 (2002-09-01), Hanna
patent: 2002/0191797 (2002-12-01), Perlman
patent: 2003/0200433 (2003-10-01), Stirbu
patent: 2003/0233541 (2003-12-01), Fowler et al.
patent: 2004/0083297 (2004-04-01), Gazzetta et al.
Omniva Policy Systems “Electronic Document Retention: Reducing Potential Liability for Email” by Michael R. Overly.
Omniva Policy Manager “Technical White Paper” Jan. 2004.
Korzuch William R
Oracle America Inc.
Park Vaughan Fleming & Dowler LLP
Wright Bryan
LandOfFree
Method and apparatus for using secret keys to make data... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for using secret keys to make data..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for using secret keys to make data... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2702952