WO1996005673A1 - System and method for key escrow and data escrow encryption - Google Patents
- Publication number: WO1996005673A1 (PCT/US1995/010221)
- Authority: WO, WIPO (PCT)
- Prior art keywords: user, drc, ari, access, drf
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Definitions
- the present invention relates generally to data encryption, and more particularly to key escrow and data escrow encryption.
- The Presidential announcement characterized the Skipjack algorithm as being "significantly stronger than those currently available to the public." The hardware implementation of Skipjack would also include a capability called "key escrow" which allows the government to recover the keys used for data encryption.
- the integrated circuit chip which implements the Skipjack algorithm is called the "Clipper chip" and/or the "Capstone chip".
- the Clipper initiative attempts to preserve the ability of law enforcement and national security to intercept and exploit the contents of communications while providing law-abiding citizens with an encryption system much stronger than any now available to them.
- Key escrow adds to products that implement cryptography features that allow authorized parties to retrieve the keys for encrypted communications and then decrypt the communications using such keys.
- keys for each encryption device are mathematically divided into two halves (each equal in length to the original key) and the halves are held by two separate escrow agents. Both escrow agents must cooperate (to regenerate the original key) before the communications from a given device can be decrypted.
- the escrow agents are government agencies who require assurance that the law enforcement agency requesting the keys has a court order authorizing a wiretap for the communications in question.
- Law enforcement and national security agencies are concerned that growing use of encrypted communications will impair their ability to use court-ordered wiretapping to solve crimes and prevent acts of terrorism. Widespread use of key escrow cryptography would preserve this ability for these agencies, while providing the public with the benefits of good quality cryptography. In the case of law enforcement and national security, government escrow agents provide access to communications when authorized by a court order.
- the Clipper initiative focuses on the first of the four applications for key escrow cited above.
- the Clipper initiative couples the introduction of key escrow with the introduction of Skipjack, a new classified encryption algorithm much stronger than the unclassified DES.
- the "single rogue user" scenario constitutes a test for a key escrow system.
- a successful key escrow system (hardware or software) should prevent a single rogue user from exploiting the cryptography in the escrowed product, and from defeating or bypassing the product's key escrow features, while still enabling secure communication with other users (products) that believe that they and the rogue user are implementing the escrow features correctly.
- the "Clipper" chip addresses the "single rogue user" by embedding the key for each individual communication session in a Law Enforcement Access Field (LEAF) that is encrypted under a secret key (the Family Key) that is common to all "Clipper" chips. The embedded information includes a checksum that depends on the session key.
- LEAF Law Enforcement Access Field
- the receiving "Clipper" chip also holds the Family Key; thus, it can decrypt the LEAF and verify that the checksum is the correct one for the current session key (which both chips must share in private for communication to be successful and secure). All "Clipper" chips share the embedded Family Key and rely on the tamperproof hardware of the chip to protect the Family Key from disclosure.
- Classified encryption algorithms are often considered much stronger than those in the public domain since the algorithms used to protect government classified information are classified. But because they are not available for public review, suggestions that classified algorithms be used to protect unclassified information are suspect due to the possible existence of unknown deliberate trapdoors or unintentional flaws. While DES was initially viewed with suspicion by some, it was subject to intense public scrutiny and its principal strength now is that even after fifteen years, no serious flaw has been found.
- Key escrow techniques as such do not require classified algorithms and can be used with publicly available algorithms such as DES and IDEA or with proprietary but unclassified algorithms such as RSADSI's RC2 and RC4. If a publicly available or proprietary unclassified algorithm were used in a product that embodied key escrow cryptography, it would not be necessary to have a hardware implementation for the purpose of protecting the encryption algorithm from disclosure (although there are other reasons for implementing key escrow cryptography in hardware, as the above list indicates).
- encryption systems that have been used to protect sensitive information have been implemented as separate hardware devices, usually outboard "boxes" between a computer or communications system and a communications circuit.
- Such devices are designed with a high level of checking for operational integrity in the face of failures or malicious attack, and with especially careful measures for the protection of cryptographic functions and keys.
- PCMCIA cards or similar devices and then pay the price for adding a device interface to their computing systems or dedicating an existing interface to encryption rather than another function such as that performed by a modem or disk.
- a second major advantage of software implementations is simplicity of operation. Software solutions can be readily integrated into a wide variety of applications. Generally, the mass market software industry, which attempts to sell products in quantities of hundreds of thousands or millions, seeks to implement everything it can in software so as to reduce dependencies on hardware variations and configurations and to provide users with a maximum of useful product for minimum cost.
- the present invention is directed to a system and method for key escrow cryptography for use in a system comprising a sender and a receiver.
- the sender encrypts a message using a secret session key (KS), and generates a leaf verification string (LVS) by combining a unique program identifier (UIP), a public portion of a program unique key (KUpub), and a signature.
- UIP unique program identifier
- KUpub public portion of a program unique key
- KEPFpriv key escrow programming facility
- ELVS is formed by encrypting LVS using KS.
- the sender encrypts the KS using the KUpub to generate a first encrypted session key (EKS), and generates a first law enforcement access field (LEAF) by encrypting a combination of the first EKS and the UIP with a copy of a public portion of a family key (KFpub) stored in the sender.
- EKS encrypted session key
- the encrypted message, the ELVS, and the first LEAF are transmitted from the sender to the receiver.
- the receiver operates as follows.
- the receiver stores therein a public portion of the KEPF key (KEPFpub) and a public portion of the Family Key (KFpub).
- the receiver decrypts ELVS using KS and extracts the UIP, KUpub, and the signature from the LVS, and verifies the signature using KEPFpub. If the verification succeeds, the receiver then encrypts the KS using the extracted KUpub to generate a second encrypted session key (EKS).
- the receiver generates a second LEAF by encrypting a combination of the second EKS and the extracted UIP with a copy of the KFpub stored in the receiver. The receiver then compares the first LEAF to the second LEAF.
- the receiver decrypts the encrypted message using the KS.
- This embodiment of the present invention operates so that, with neither tamper resistance nor secrecy of the hardware or software of the sender or the receiver, no party having modified the hardware or software of either the sender or receiver can communicate successfully with an unmodified receiver or sender and, at the same time, prevent law enforcement from gaining authorized access to the communication.
- An ELVS is formed by encrypting LVS using KS.
- the sender encrypts KS1 and KS2 using the public key (KEApub1 and KEApub2) of each escrow agent to generate EKS1 and
- the sender generates a first LEAF by concatenating EKS1 and EKS2.
- the encrypted message, the ELVS, and the LEAF are transmitted from the sender to the receiver.
- the receiver in the second embodiment operates as follows.
- the receiver stores therein KEApub1 and KEApub2.
- the receiver decrypts ELVS using KS and extracts KS1 and KS2.
- the receiver then generates a trial KS by exclusive-OR'ing KS1 and KS2. If the trial KS is equal to KS, then the receiver uses its copies of KEApub1 and KEApub2 to compute a second LEAF. If the second LEAF is equal to the first LEAF, then the receiver decrypts the encrypted message using KS.
- an encrypting user encrypts a file using a secret storage key (KS) and generates a data recovery field (DRF) comprising an access rule index (ARI) and KS encrypted by a data recovery center (DRC) public key (DRCpub).
- DRCpub is acquired in an initial registration phase wherein the AR defining user defines a set of access rules (ARs) that control potential later accesses to the DRF contents.
- ARs access rules
- After the DRC receives the AR from the AR defining user, the DRC returns the ARI to be included in one or more DRFs attached to subsequent encrypted files.
- a normal decrypting user uses whatever mechanism is customary for specifying or accessing a storage key, KS. Failing that, emergency access is achieved via the DRF.
- the emergency decrypting user extracts the DRF attached to the encrypted message and sends the DRF to the DRC.
- the DRC challenges the emergency decrypting user according to the ARs defined by the AR defining user and sends a message containing KS to the emergency decrypting user if the emergency decrypting user meets the challenge.
- KS is not an encryption key but rather any piece of confidential information that can fit inside the DRF.
- the DRC limits access to emergency decrypting users who can meet the challenge defined by the AR indicated by the ARI in the DRF.
- FIG. 1 is a block diagram of a key escrow cryptographic system according to a first embodiment of the present invention
- FIGS. 2-9 and 17 are flowcharts depicting the key escrow cryptographic system according to the first embodiment of the present invention.
- FIG. 10 is a block diagram of a key escrow cryptographic system according to a second embodiment of the present invention.
- FIGS. 11-16 are flowcharts depicting the key escrow cryptographic system according to the second embodiment of the present invention.
- FIG. 18 is a block diagram of a data processor according to an embodiment of the present invention.
- FIG. 19 is a block diagram of a data escrow cryptographic system according to a third embodiment of the present invention.
- FIGS. 20, 24 and 26 are data flow diagrams depicting the process of access rule definitions
- FIGS. 21-23 and 25 are flow charts depicting access rule definitions
- FIG. 27 is a preferred embodiment of the construction of a data recovery field
- FIG. 28 is a flow chart depicting the processing of emergency access requests
- FIG. 29 is a flow chart of an exemplary challenge-response cycle
- FIG. 30 is a data flow diagram depicting a challenge-response cycle embedded within an emergency access request
- FIG. 31 is a data flow diagram depicting a retrieval of an access rule from a data recovery field.
- the present invention is directed to a system and method for key escrow and data escrow cryptography.
- the present invention is implemented in software.
- the present invention works equally well when implemented using hardware.
- the present invention preferably employs an unclassified data encryption algorithm.
- the objection that software cannot protect a classified encryption algorithm does not apply to the present invention.
- Another objection against software is that it cannot ensure that the key escrow software will function correctly and not be modified by a user to bypass or corrupt the escrow process. It is noted that this objection is not limited to just software, but also applies to hardware implementations which allow software to control the flow of information to and from the hardware encryption device. Another objection against software is that it is impossible to embed secret cryptographic keys in a software product without a significant risk that they would be disclosed.
- the present invention addresses and solves this problem inherent in conventional software implementations of key escrow by not embedding secret keys or private keys in the sender and receiver software modules. This feature of the present invention is discussed below.
- encryption and decryption operations are performed using any well known, unclassified, and publicly available algorithms such as DES and IDEA or with any well known, proprietary but unclassified algorithms such as RSADSI's RC2 and RC4.
- [a]b indicates that "a" is encrypted using key "b"; similarly, encrypt(e,f) indicates that "e" is encrypted using key "f".
- {x}y indicates that "x" is digitally signed using well known procedures using key "y"; similarly, sign(a,b) indicates that "a" is digitally signed using key "b".
- a|b indicates that "a" is concatenated with "b".
- decrypt(m,n) indicates that "m" is decrypted using key "n".
- extract(g,h) indicates that "h" is extracted using well known procedures from concatenated value "g".
- verify(a,b,c) indicates that the signature "b" of "a" is verified using key "c".
- xor(o,p) indicates that "o" is bitwise exclusive-OR'ed with "p".
- A block diagram of the sending entity 124 is shown in FIG. 18.
- Control logic 1806 is preferably a computer program, such that the CPU 1804 operates in accordance with instructions contained in the computer program.
- the KEPF 106 is initialized with two public/private key pairs.
- the first is a KEPF public/private key pair, initialized in steps 206, 208, 210, and 212, which is used to sign and authenticate other components that are generated and distributed by the KEPF 106.
- the KEPF key pair is generated externally and loaded into the KEPF 106 (step 208), or generated internal to the KEPF 106 (step 210). Controls can be applied to the generation and custody of the KEPF key pair as they are to the family and seed keys that are used by the Clipper/Capstone chip programming facility.
- the KEPF public/private key pair is stored in a memory device in step 212.
- the Law Enforcement Decryptor (LED) 120 is also within the protected environment 104.
- the LED includes the Family Private Key KFpriv 122.
- the LED 120 initializes the Family Private Key 122 as shown in Figure 4.
- the LED obtains the private component of KF, KFpriv, which is stored in a memory device in step 408.
- the KEPF 106 generates or acquires a program unique identifier (UIP) and a program unique key (KU).
- KU is an asymmetric public/private key pair.
- KU is generated within the KEPF 106 and may be seeded with externally generated parameters that are loaded into the KEPF 106.
- the private component of KU (KUpriv) is split into halves (308). This is preferably done by generating a random bit string as long as KUpriv which becomes KUpriv1, and calculating KUpriv2 as the exclusive-OR of KUpriv1 and KUpriv. Other procedures could alternatively be used to split
- In step 310, the UIP and individual private key halves are escrowed with the two escrow agents (KEAs) 110, 114.
- the escrow agent 110 receives the UIP and KUpriv1 (step 504) and stores UIP and KUpriv1 (step 506). These steps are repeated for each program instance, as indicated by step 508.
- the operation of the other escrow agent 114 is identical to this.
- the KEPF 106 sends the program unique parameters, UIP and KUpub, to the software vendor 118 to be embedded into the software program product.
- the KEPF 106 uses well known procedures to digitally sign these parameters using its private key, KEPFpriv, and sends the signature along with the components to the software vendor 118 (step 314).
- the programming facility public key (KEPFpub) and the family key public component (KFpub) are also sent to the vendor 118. Steps 308-314 are repeated for each program instance, as indicated by step 316.
- 1.4 Generating the Software Product
- KEPFpub in the product code (step 608). It had received KFpub and KEPFpub from the KEPF 106 (step 606). Each instance of the program must be initialized with: KEPFpub; KFpub; S = {KFpub, KUpub, UIP}KEPFpriv unique to that instance of the program.
- This data can reside in the code of the program or in a storage file associated with the program.
- KEPFpub, KFpub, and S must come from the KEPF.
- KUpub, KUpriv, and UIP can be generated by the KEPF, the vendor or the program itself during initialization. S must be generated by the KEPF only on receipt or generation of a valid KUpub, KUpriv pair and the successful escrowing of KUpriv.
- the vendor 118 embeds the program unique parameters
- the sending program 124 generates a LEAF by encrypting the session key KS under the program unique public key KUpub to thereby generate [KS]KUpub.
- [KS]KUpub is also called the encrypted session key, or EKS.
- the EKS is concatenated with the program unique identifier UIP to thereby generate [KS]KUpub | UIP
- This value is encrypted with the family public key KFpub.
- the resulting LEAF is symbolized as [[KS]KUpub | UIP]KFpub. Note that in the present invention encryption of M is accomplished using symmetric encryption while encryption in the LEAF under keys KUpub and KFpub is accomplished using asymmetric, rather than symmetric cryptography.
- In step 712, C, LEAF, and ELVS are sent to the receiving program 130.
- the receiving program 130 in step 806 negotiates a secret session key KS with the sending program 124 (this corresponds to step 708 in FIG. 7).
- the receiving program 130 receives C, LEAF, and ELVS from the sending program 124.
- In step 810, the receiving program 130 verifies that the received copies of the sending program 124's program unique key KUpub and program unique identifier UIP (which are in the LVS) are correct and authentic. This is done in step 812 by verifying the corresponding signature S or {UIP
- the first embodiment of the software key escrow system of the present invention shares with the Clipper initiative the use of a device unique key (KUpriv) that is loaded into the law enforcement decryptor LED 120 and that must be erased when a wiretap authorization has expired.
- KUpriv device unique key
- a malicious user with a modified software product can harvest and reuse the escrow information (UIP and KUpub) for any other user with whom he or she communicates securely potential deficiency, in that it can cause the law enforcement agency to retrieve KUpriv for innocent partner.
- KEPF in the protected environment 1004 that initializes the key escrow agents 1006 and 1010.
- Such initialization is represented by a flowchart 1102 in FIG. 11, where in step 1108 the entity obtains KEApub1 and KEApub2 from an external source (not shown).
- the entity generates KEApub1, KEApriv1, KEApub2, and KEApriv2, sends KEApriv1 and KEApub1 to key escrow agent 1006, sends KEApriv2 and KEApub2 to key escrow agent 1010, and erases KEApriv1 and KEApriv2.
- In step 1114, the entity stores KEApub1 and KEApub2.
- In step 1116, the entity sends KEApub1 and KEApub2 to the software vendor 1014.
- KEApub1 and KEApub2 are sent to the software vendor 1014 from key escrow agents 1006 and 1010.
- the vendor 1014's sole role is to embed in each program instance the code that implements the key escrow functions and the public keys of two (or more) escrow agents (KEApub1 and KEApub2). These keys are represented by 1020 and 1026 in the sending program 1018 and the receiving program 1024, respectively.
- the operation of the software vendor 1014 is represented in FIG. 12, where in step 1206 the software vendor 1014 receives KEApub1 and KEApub2 from the key escrow agents 1006, 1010, in step 1208 the software vendor 1014 stores KEApub1 and KEApub2, and in steps 1210 and 1212 the software vendor 1014 embeds KEApub1 and KEApub2 in each software program.
- the sending program 1018 operates as shown in a flowchart 1302 of FIG. 13.
- the sending program 1018 receives a message M.
- the sending program 1018 negotiates a secret session key KS with the receiving program 1024 using any well known procedure.
- the sending program 1018 encrypts the message M using the session key KS.
- the LEAF need not be encrypted with KFpub, since KEApriv, are not available to anyone and presumably the only path to these decrypting services is via the LED.
- the KEApubj encryptions are enough to preserve the privacy of the LEAF contents without resorting to KFpub encryption.
- the family key, KFpub provides needed security. It should be noted that this embodiment is not limited to a 2-way split session key. In alternative embodiments, any number of splits, from 1 on up may be utilized.
- the general LEAF is represented by:
- In step 1312, the sending program 1018 generates a leaf verification string LVS that is equal to the concatenation of KS1 and KS2.
- the encrypted leaf verification string ELVS is then generated and is equal to the LVS encrypted using the session key KS.
- In step 1314, C, LEAF, and ELVS are sent to the receiving program 1026.
- the receiving program 1024 checks the leaf verification string LVS and then recomputes the LEAF. Specifically, in step 1410 the receiving program 1024 decrypts the encrypted leaf verification string ELVS using KS to obtain the leaf verification string LVS. The putative KS1 and KS2, called trial_KS1 and trial_KS2, are extracted from LVS. Then, the receiving program 1024 generates the session key KS (called "trial_KS" in step 1412) by exclusive-OR'ing trial_KS1 and trial_KS2 that were just extracted from LVS. In step 1412, the receiving program 1024 compares trial_KS with the negotiated session key KS. If they are not equal, then the LEAF is bad and the message is rejected (step 1418).
- In step 1414, the receiving program 1024 uses its copies of KEApub1 and KEApub2 to recompute the LEAF. This is done by encrypting trial_KS1 using KEApub1 and encrypting trial_KS2 using KEApub2 to thereby generate trial_EKS1 and trial_EKS2, respectively. Then, a LEAF called test_LEAF is computed by concatenating trial_EKS1 and trial_EKS2.
- LED 1016 discloses a proper court order to each escrow agent 1006, 1010. Each agent 1006, 1010 verifies the validity of the court order, records its effective dates, and generates a secret key half KS1 or KS2 using either KEApriv1 or KEApriv2 for that particular court order and issues it to the LED 1016. This is represented by step 1512, where the LED 1016 receives KS1 from KEA1 1006 and KS2 from KEA2 1010.
- the LED 1016 combines the returned KS1 and KS2 to yield KS (step 1514), and decrypts the message using KS (step 1516).
- the escrow agents 1006, 1010 delete the secret keys KS1, KS2 on the expiration of the court order and are therefore unable to comply with any requests for keys after the expiration of the order. Since all communications with the escrow agents 1006, 1010 must be encrypted for security, this process adds no execution time to that operation.
- KEA1 1006 receives EKS1 from the LED 1016.
- the KEA1 1006 decrypts EKS1 using KEApriv1 to obtain KS1.
- the KEA1 1006 sends KS1 to the LED 1016.
- LED 1016's association of an individual targeted by a court order with a specific wiretap may be modified to include a UIP in the LEAF portions sent to the escrow agents 1006, 1010, to enable those agents 1006, 1010 to maintain a list of program instances targeted under each court order for later auditing.
- DRCs Data Recovery Centers
- This third embodiment is directed to the provision of emergency access to stored encrypted data in the event of the loss of the normal decryption key. It involves no key escrow or escrow agents and has no communications with third parties (specifically any DRCs) except during an initial registration phase and during the process of emergency access.
- This embodiment is similar to the second embodiment where no databases of escrowed keys and therefore no escrowed keys and escrow agents exist.
- This embodiment, like the second embodiment, is directed towards decryption services.
- the entities performing the decryption services were called Escrow Agents, even though they performed no escrow functions.
- the entities performing the decryption services are named the DRCs.
- FIG. 19 illustrates a block diagram of an environment 1902 according to this third embodiment.
- the environment 1902 includes a data recovery center (DRC) 1910 (optionally redundant) situated in a protected environment 1904.
- the protected environment 1904 is established and maintained by any entity wishing to provide services pursuant to the third embodiment of the present invention (as described herein).
- the protected environment 1904 may be established and maintained by a public organization (such as a state division of motor vehicles) or a private organization (such as a corporation), or a plurality and/or combination of public/private entities.
- the DRC 1910 represents software executing on a suitably equipped computer system.
- Functional elements: 1912 normal file decryption; 1914 file encryption; 1916 emergency file decryption; 1918 AR definition
- the four elements will be referred to as the normal decrypting user, the encrypting user, the emergency decrypting user, and the AR defining user respectively. It should be understood that these users do not necessarily represent the same party.
- the AR defining user 1918 first negotiates with the DRC to obtain a DRC public key (DRCpub).
- DRCpub: DRC public key
- the AR defining user 1918 then creates an access rule (AR) definition and registers that AR definition with DRC 1910.
- the DRC 1910 sends an access rule index (ARI) corresponding to that AR back to the AR defining user 1918.
- the AR defining user 1918 then stores any new DRCpub, the new ARI and an attached comment in the AR file 1920.
- the encrypting user 1914 is any entity wishing to encrypt data and store such encrypted data.
- the encrypting user 1914 may be a commercial software program (such as a word processor program, a spreadsheet program, a database program, a communication program, etc.) running on a computer.
- the encrypting user 1914 creates a data recovery field (DRF) comprising an access rule index (ARI) and the KS encrypted by DRCpub.
- DRF: data recovery field
- ARI: access rule index
- the ARI and DRCpub values are retrieved from the ARI file 1920.
- the ARI value is generated by the DRC 1910 during the initial set-up phase between the AR defining user 1918 and the DRC 1910.
- the DRF is attached to the encrypted message C and is sent by the encrypting user 1914 to a storage medium 1922. If it is desired to allow for reconstruction of the DRF during a later verification phase, the encrypting user 1914 also generates a DRF Verification String (DVS) and attaches it to the DRF.
- DVS: DRF Verification String
- the (optional) DVS consists of the ARI which was used in the DRF, encrypted in the storage key, KS.
- the DRC 1910 responds with a challenge previously defined by the AR defining user 1918 at the registration phase and selected by the encrypting user 1914 during encryption and releases the KS contained within the associated DRF to the emergency decrypting user 1916 if the emergency decrypting user 1916 successfully meets the challenge.
- the emergency decrypting user 1916 can generally be described as a party privileged to the information originated by the encrypting user 1914 (e.g., management).
- the data recovery center 1910, the client 1918, and the user 1916 each represent a data processing device operating according to instructions or commands from a controller.
- the data processing device includes a processor, in which case the processor operates according to instructions or commands from the controller.
- the controller represents a hardware state machine.
- the controller represents a computer program in an electronic/magnetic form that is directly readable by a computer.
- the computer program is distributed as a computer program product (such as a floppy disk having control logic electronically or magnetically recorded thereon), or via a communications network.
- the third embodiment refers to a Data Recovery Field (DRF).
- DRF: Data Recovery Field
- emergency access is provided only to emergency decrypting users 1916 in this embodiment (e.g., an encrypting user 1914 himself or his employer)
- the preferred mode of this embodiment avoids the splitting of KS.
- key splitting remains a possible implementation should an encrypting user 1914 desire it.
- KS need not be a storage key (i.e., encrypting key).
- the datum inside a DRF can be any datum which the encrypting user 1914 wishes to encrypt and store.
- DRC DRCpub. If the encrypting user 1914 views the DRC 1910 as potentially hostile, an alternate embodiment implements a DRF comprising:
- n KS pieces need to be obtained to recover KS and the n DRCs 1910 are disjoint and not subject to conspiracies of more than (k-1) parties.
- This splitting of KS into shares is accomplished via any well known secret-sharing mechanism.
- An example of such a secret-sharing mechanism is described in A. Shamir, "How to Share a Secret", in the Communications of the ACM, vol. 22, no. 11, pp. 612-613, November 1979, incorporated herein by reference in its entirety.
- Because the DRF provides the encrypting user 1914 himself with a service, there is no need to strongly enforce its correct construction.
- the encrypting user 1914 is not inclined to circumvent a service he desires, uses voluntarily and possibly paid some amount of money to acquire.
- any refusal to decrypt (as in the first two embodiments) based on an incorrect DRF is an inappropriate action for storage encryption.
- the damage of a bad DRF is done at the time of encryption and detection of an incorrect DRF at decryption time is ineffective. Therefore, in a preferred embodiment, either no DRF verification or verification in the form of a background "sniffer" is implemented.
- a "sniffer" is a process which randomly selects files, checks their DRF formats (using a format-checking service provided by the DRC 1910) and in case of incorrect format, notifies the creator of the file (and possibly his manager) of the flaw. This provides moderate social or administrative pressure at or shortly after encryption time to remedy a failure to generate proper DRFs. The generation of improper DRFs can happen by accident or oversight rather than by malicious intent.
- an encrypting user 1914 without any intended malice, uses a version of software which doesn't attach DRFs to files (possibly because that option isn't enabled at the time), or which mistakenly attaches
- Disk storage can go bad without being read and a bad block is not detected until it is read. If detection is delayed for too long after the data is written, backup copies of that data might also have gone bad. A "sniffer" attempts to find such blocks before their backup copies go bad.
- Since this rebuilding is a time-consuming operation and since the purpose of this re-building is to make the encrypting user 1914 more vigilant about the software being used, one embodiment envisions that the decrypting software re-builds only a randomly selected percentage of all DRFs. It is expected that the knowledge that this re-building occurs occasionally is enough to increase encrypting user 1914 vigilance.
- Access rule challenge and response is not required in this case because as a method of gaining access to a file by an outsider, this method amounts to a brute force key test but one in which each test involves communications costs and is therefore slow and not subject to improvement with improvements in the speed of VLSI circuitry. It is therefore slower than alternate methods of attack and therefore not an increased security risk.
- ARs: access rules
- There are two kinds of access rules (ARs) defined by the present invention, basic authentication tests and compound authorization rules.
- An AR is specified by the AR defining user 1918 who defines it and sends it to the DRC 1910.
- the DRC 1910 grants the AR defining user 1918 an access rule index (ARI).
- the encrypting user 1914 can then use the ARI to include in a DRF or the AR defining user 1918 can use the ARI in the definition of other ARs.
- This interaction between the AR defining user 1918 and the DRC 1910 is called the registration phase and is described in greater detail below.
- the DRC 1910 uses an ARI to locate the associated AR and uses that rule to control challenges to the emergency decrypting user 1916 to determine the decrypter's right to access.
- An authentication test is an example of a relatively simple AR. If the emergency decrypting user 1916 passes the test, then the emergency decrypting user 1916 gains access. More generally, the emergency decrypting user 1916 receives either access or a success token, which is used to respond to other challenges.
- a compound authorization rule specifies a group of ARIs, some (or all) of which need to be satisfied in order for the AR to be satisfied.
- Additional authentication tests include multiple prompt/reply pairs.
- an AR defining user 1918 can specify a list of N prompts and their associated replies.
- the AR defining user 1918 also specifies the numbers A and K (K ≤ A ≤ N) such that when the DRC 1910 employs the authentication test, it randomly selects A of the N prompts to challenge the emergency decrypting user 1916.
- the emergency decrypting user 1916 attempts to provide correct replies to all selected prompts. If the emergency decrypting user 1916 gets K or more replies correct, the authentication test is satisfied.
- This variation of a shared secret test is provided for emergency decrypting users 1916 who may have trouble remembering a particular typed string but who might remember K of A of them with greater probability.
- confidentiality is provided for the reply portion. Specifically, instead of storing the reply as a readable text string, during both registration and responses to challenges a cryptographically strong hash of the prompt and reply is formed. This hash value is ASCII encoded and sent to the DRC 1910 as the reply string. This confidentiality permits an AR defining user 1918 to employ embarrassing memories as a reply on the theory that such memories are unlikely to be either forgotten or shared.
- a compound authorization rule takes the form:
- This rule is satisfied if k of the n ARIs given are satisfied.
- the ARs referenced by these ARIs may be created by the AR defining user 1918 or by other persons known to the AR defining user 1918.
- an AR can be created to represent the authorization rule for a company's corporate emergency access and the ARI can be listed as an optional emergency access method for each employee.
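Added example, not taken from the patent: a Python model of the two kinds of access rule described above, namely the prompt/reply test in which A of N prompts are selected and K correct replies are required, with only hashes of prompt and reply registered, and the k-of-n compound rule, which here is satisfied by the SUCCESS tokens the page describes for group challenges. The `DRC` class, its method names, the SHA-256 and HMAC choices, the reply normalisation and the transaction id argument are assumptions of this example.

```python
import hashlib
import hmac
import secrets


def reply_digest(prompt: str, reply: str) -> str:
    """Hex (ASCII) hash of prompt and reply, sent in place of the readable reply."""
    h = hashlib.sha256()
    for part in (prompt, reply):
        # Assumption: trim and case-fold so small typing differences still match.
        data = part.strip().casefold().encode("utf-8")
        h.update(len(data).to_bytes(4, "big") + data)  # length prefix: no ambiguity
    return h.hexdigest()


def _same(a: str, b: str) -> bool:
    return hmac.compare_digest(a.encode(), b.encode())  # constant-time comparison


class DRC:
    """Hypothetical in-memory model of the DRC's access-rule store."""

    def __init__(self):
        self._rules = {}      # ARI -> ("auth", digests, A, K) or ("group", ARIs, k)
        self._pending = {}    # SEQ -> (ARI, transaction id, prompts issued)
        self._key = secrets.token_bytes(32)   # MAC key for SUCCESS tokens
        self._rng = secrets.SystemRandom()

    def _store(self, rule):
        ari = len(self._rules) + 1            # the ARI locates the stored AR
        self._rules[ari] = rule
        return ari

    def register_auth_test(self, digests, a, k):
        """digests maps each of the N prompts to reply_digest(prompt, reply)."""
        if not 1 <= k <= a <= len(digests):
            raise ValueError("need 1 <= K <= A <= N")
        return self._store(("auth", dict(digests), a, k))

    def register_group(self, k, aris):
        members = tuple(dict.fromkeys(aris))  # ignore repeated members
        if not all(m in self._rules for m in members) or not 1 <= k <= len(members):
            raise ValueError("unknown ARI or k out of range")
        return self._store(("group", members, k))

    def _token(self, txn, ari, seq):
        msg = repr(("SUCCESS", txn, ari, seq)).encode()   # unambiguous encoding
        mac = hmac.new(self._key, msg, hashlib.sha256).hexdigest()
        return f"{ari}:{seq}:{mac}"

    def challenge(self, ari, txn):
        """Select A of the N prompts at random; returns (SEQ, prompts)."""
        rule = self._rules[ari]
        if rule[0] != "auth":
            raise ValueError("not an authentication test")
        seq = secrets.token_hex(8)
        prompts = self._rng.sample(sorted(rule[1]), rule[2])
        self._pending[seq] = (ari, txn, prompts)
        return seq, prompts

    def respond(self, seq, answers):
        """answers maps prompt -> digest; returns a SUCCESS token or None."""
        pending = self._pending.pop(seq, None)   # a SEQ can be answered once
        if pending is None:
            return None
        ari, txn, prompts = pending
        _, digests, _, k = self._rules[ari]
        correct = sum(_same(digests[p], str(answers.get(p, ""))) for p in prompts)
        return self._token(txn, ari, seq) if correct >= k else None

    def respond_group(self, group_ari, txn, tokens):
        """SUCCESS token if valid tokens cover k distinct member ARIs, else None."""
        rule = self._rules[group_ari]
        if rule[0] != "group":
            raise ValueError("not a group rule")
        _, members, k = rule
        passed = set()
        for token in tokens:
            try:
                ari_text, seq, _mac = token.split(":")
                ari = int(ari_text)
            except (AttributeError, ValueError):
                continue                          # malformed token
            if ari in members and _same(token, self._token(txn, ari, seq)):
                passed.add(ari)
        if len(passed) < k:
            return None
        return self._token(txn, group_ari, secrets.token_hex(8))


def answer(prompts, memory):
    """Client side: hash whatever replies the user still remembers."""
    return {p: reply_digest(p, memory[p]) for p in prompts if p in memory}
```

Because a group rule returns a SUCCESS token of its own, a group ARI can be listed as a member of another group, which is how a corporate override rule could be attached to each employee's rule.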
- the emergency access provided by a DRC 1910 does not take the place of normal access to an encrypted file. It is assumed that the normal access to a storage key (KS) proceeds without paying attention to the DRF. In this situation, the normal decrypting user 1912 is the same person as the encrypting user 1914 and has knowledge of the storage key (KS) or of a method of obtaining KS independent of the DRC 1910. Thus, in most cases the DRC 1910 will never know that the encrypting user 1914 has even created the DRF for a file. However, this invention permits a new kind of storage encryption in which the storage key is chosen randomly (e.g., by the encrypting program). Consequently, in this embodiment, the only method of access is via the emergency use of a DRF.
- this option permits an encrypting user 1914 to implement a data escrow mechanism in which the grantee of the data would hold it at all times in encrypted form, and would receive use of that encrypted data only upon the satisfaction of a potentially complex AR. No individual person, not even the data's original encrypting user 1914, would be able to decrypt it without satisfying that AR.
- a trusted DRC 1910 that would never release a decrypted DRF except upon satisfaction of the corresponding AR.
- a DRC 1910 may be encased in a tamper-resistant enclosure and have no override access defined.
- the trusted DRC 1910 is highly fault-tolerant through redundancy.
- an override access is provided. Specifically, in response to any challenge from the DRC 1910 for satisfaction of an AR, the challenged emergency decrypting user 1916 may respond "override". The emergency decrypting user 1916 is then challenged according to an override
- the override AR could require that 3 of 5 previously designated company officers agree to override.
- the definition of such a policy is via the access rule mechanism described earlier (and further described below).
- the override mechanism saves the AR defining user 1918 time in registration and provides a guarantee that a supervising entity (such as management) will be allowed access to all files, independent of any actions on the part of any employee.
- the implementation of the DRC 1910 includes encryption of all transactions between the DRC 1910 and the users 1916 and 1918.
- the DRC's public key (DRCpub) is used to communicate a randomly chosen session key from the AR defining user 1918 (or the emergency decrypting user 1916) to the DRC 1910.
- the AR defining user 1918 (or the emergency decrypting user 1916) includes inside the encrypted request to the DRC 1910, which reply key the DRC 1910 should use for the return message.
- confidentiality there is also the question of authentication. Since an AR defining user 1918 defines himself by providing AR definitions during registration, there is no further AR defining user 1918 authentication needed for the DRC 1910/AR defining user 1918 communication.
- the DRC 1910 itself, however, requires authentication by well known public key methods. This is accomplished through widespread publication of the DRC's public key using a variety of channels or signatures on the DRC's public key by a key which is either widely known or trusted (or both). If the AR defining user 1918 uses an untrusted DRC public key, then the AR defining user 1918 is vulnerable to improper behavior by the DRC 1910 and will be unable to provide convincing evidence identifying that DRC 1910 for the purposes of legal remedy.
- DRC 1910 registration involves the creation of ARs and acceptance by the AR defining user 1918 of an access rule index (ARI) for each AR.
- Figure 20 illustrates generally the AR definition process between an AR defining user 1918 and DRC 1910.
- the AR definition process comprises the following steps: (1) the AR defining user 1918 sends an AR definition to the DRC 1910, (2) the DRC 1910 sends a new ARI to the AR defining user 1918, and (3) the AR defining user 1918 files the new ARI with an optional explanatory comment in the ARI file 1920.
- the ARI is a value created by the DRC that allows the DRC to locate the AR definitions corresponding to the ARI.
- the ARI contains an address at which the AR definitions are stored.
- step 2106 the AR defining user 1918 obtains a DRC public key
- step 2108 the AR defining user 1918 chooses the desired registration interaction.
- These registration interactions include the acquisition of a new DRCpub in step 2112, creating a new AR definition in step 2114, redefining an existing AR in step 2116, and obtaining an ARI listing in step 2118.
- the acquisition of a new DRCpub is described in section 3.6.1.1
- the creation of a new AR is described in sections 3.6.1.2, 3.6.1.4, 3.6.1.5 and 3.6.1.6
- the redefinition of an existing AR is described in section 3.6.1.3
- the obtaining of an ARI listing is described in section 3.6.2.
- The initial DRC public key, here labeled DRCpub(0), is available from advertising publications or through messages from other people.
- The security of further public key distribution hinges on the trustworthiness of this initial key because public key authentication techniques cannot establish absolute trust. Rather they can establish only equivalency of trust.
- the DRC 1910 generates new DRC public keys from time to time, in order to minimize the volume of data which achieves emergency access under any one key.
- the DRC 1910 retains all generated DRC public-key/private-key pairs, so that an emergency decrypting user 1916 can initiate a secure communication using any of the DRCpub keys.
- After a trusted DRC public key is obtained by an AR defining user 1918, the DRC 1910 returns a signed version of that DRC public key to the AR defining user 1918 (step 2106 in Figure 21). The most current DRC public key is returned in every DRC 1910 interaction with any AR defining user 1918 as a text block appended to the DRC's normal message. On a special request by the AR defining user 1918, wherein the AR defining user 1918 sends the number "i" (desired key number) and "k" (old key number), the DRC 1910 will return the new key, DRCpub(i), signed by a prior key, DRCpub(k), of the encrypter's choice.
- 3.6.1.2 Creation of a new Access Rule
- Figure 22 illustrates the process of creating a new AR that begins with step 2206 where an AR defining user 1918 sends an AR definition to the DRC 1910 which records that definition.
- the DRC 1910 returns an ARI to the AR defining user 1918.
- the AR defining user 1918 receives this ARI in step 2210 and, after attaching an optional descriptive comment provided by the AR defining user 1918, appends the ARI record to the ARI file.
- the ARI file already contains the DRCpub and any other ARIs which the AR defining user 1918 has already acquired.
- FIG 23 illustrates the process wherein an AR defining user 1918 desires to change the definition of an existing AR.
- Although an AR defining user 1918 is free to generate new ARs at will, a re-definition is required when there already exist files encrypted under a given ARI and the AR defining user 1918 decides to change the emergency access procedure for those existing files.
- the AR defining user 1918 in step 2306 sends to the DRC 1910 the new AR definition and also the ARI corresponding to the AR to be defined.
- the AR defining user 1918 is then challenged by the DRC 1910 in step 2308 with the ARs attached to the old ARI. If the AR defining user 1918 fails the challenge issued by the DRC 1910, the redefinition request is denied in step 2110.
- If the AR defining user 1918 successfully meets the challenge, the AR defining user 1918 is allowed to change the AR definitions for that ARI in step 2312.
- the DRC 1910 records an AR defining user's 1914 network address with each defined ARI, the request for re-definition must come from that network address.
- an AR defining user 1918 might register with some human-staffed service to get authentication by the AR defining user's 1914 driver's license or any biometric measure (e.g., palm print, retinal scan, etc.).
- a service (1) receives the AR defining user's 1914 license number (without requiring an in-person visit) and (2) generates an AR which only the service 2404 could successfully satisfy, (3) receiving an ARI for it, in return.
- the service 2404 next (4) attaches the resulting ARI to a record of the AR defining user's 1914 license number in the service's ARI file 2406 and then (5) gives the resulting ARI to the AR defining user 1918.
- the AR defining user 1918 would (6) make an indirect AR to that ARI (the indirect AR definition is described in more detail below), (7) get an ARI for that new AR, and (8) file that ARI (now owned by the AR defining user 1918 rather than the service 2404) in the ARI file 2408.
- Figure 25 illustrates the process of generating a group authorization rule.
- an AR defining user 1918 retrieves from his own ARI file one or more ARIs to be included in the group.
- An AR defining user 1918 can also ask for a listing of the status of all ARs defined by that AR defining user 1918.
- the identification of an AR defining user 1918 is by network address. In other embodiments, it could be by way of an AR and its ARI defined only for the purpose of identifying ownership of ARs or it could be whatever identification method is normal to the network or communications connection used by the DRC 1910. However, if a DRC 1910 is designed to mask network addresses, an ARI can also serve as an owner identifier. In this embodiment, the owner presents his identifying ARI while asking for a listing. The DRC 1910, would then challenge the owner to prove their identity (using the identifying ARI) and only then provide the listing.
- Figure 27 illustrates a preferred embodiment of the construction of a
- an encrypting user's 1914 software creates a DRF 2730 by concatenating an ARI 2706 (selected by the encrypting user 1914, depending on which AR the encrypting user 1914 wants to use) and some small User's Secret [US] 2708.
- the US 2708 is often (but not limited to) a key for the symmetric encryption for a file (i.e., KS), but can be any data which the encrypting user 1914 wants to encrypt.
- This concatenation is called the DRF contents (DRFC) 2714.
- the DRFC 2714 is then encrypted using a DRCpub resulting in the Encrypted DRFC (EDRFC) 2722.
- the EDRFC 2722 is concatenated with the Key Identifier (KI) 2712 that uniquely identifies the DRCpub used to make the EDRFC 2722.
- the KI 2712 comprises a network address for the DRC [DRC
- FIG. 28 illustrates the method of obtaining emergency access.
- the emergency decrypting user 1916 extracts from the storage medium 1922 the DRF that is attached to the file of interest (or the DRF alone if that is what is of interest) and then, in step 2808, sends the extracted DRF to the DRC 1910.
- the DRC 1910 issues a challenge defined by the AR definition for the ARI in the extracted DRF.
- FIG 31 illustrates the processing steps performed by DRC 1910 in issuing the challenge to the emergency decrypting user 1916.
- the DRC 1910 uses the KI 2712 to identify DRCpub then retrieves, in step 3108, the DRC private key corresponding to that particular DRCpub.
- the DRC 1910 decrypts EDRFC 2722 to obtain DRFC 2714 and retrieves the ARI 2706 from the DRFC 2714 in step 3112.
- the DRC 1910 uses ARI 2706 to locate the corresponding AR (e.g., AR residing at the address ARI) and challenges the emergency decrypting user 1916 in step 3116.
- if the emergency decrypting user 1916 fails to meet the challenge in step 2812, emergency access is denied in step 2814. If the emergency decrypting user 1916 meets the challenge in step 2812, the DRC 1910 sends the DRFC 2714 to the emergency decrypting user 1916 in step 2816. The emergency decrypting user 1916 receives the
- steps 2806 and 2820 are performed by the software which initially created the file and the DRF.
- the location of the DRF within or alongside the file (or database record, or whatever item is encrypted) is under the control of some application software rather than the DRC 1910 or its encrypting user 1914.
- steps 2808 through 2818 are performed by the emergency decrypting user's 1916 software, to provide an easy, seamless interface to the DRC 1910.
- the emergency decrypting user's 1916 software writes the DRF to a file in step 2806 and retrieves the DRFC from a file in step 2820, allowing steps 2808 through 2814 to be performed by a separate application which is purely a DRC client.
- steps 2808 and 2818 involve well known methods for providing secure transmission of information.
- the preferred embodiment uses symmetric encryption with a session key chosen at random by the emergency decrypting user 1916. That key is encrypted in DRCpub and communicated (along with a KI 2712 to identify the key used) to the DRC 1910 along with the encrypted message. That message includes a command to the DRC 1910 to use a given (randomly chosen) key for communications back to the emergency decrypting user 1916 in step 2818. In this manner, the emergency decrypting user 1916 does not need to create a public key for key transmission purposes.
- 3.6.5 Challenge-Response Protocol
- FIG 29 shows the challenge-response cycle.
- the DRC 1910 issues a challenge (which can be thought of as a remote-procedure-call [RPC]) and the AR defining user 1918 or emergency decrypting user 1916 responds to that challenge in step 2908.
- RPC: remote-procedure-call
- Figure 30 shows this cycle as it pertains to an emergency access request.
- the emergency decrypting user 1916 has all of the information to provide the correct response. However, if the ARI specifies an AR representing a group or indirect AR, then the emergency decrypting user 1916 needs to perform non-local work in order to get the correct response. This non-local work will involve further nested RPCs. If the ARI specifies an indirection, then the RPC is from one emergency decrypting user 1916 to another emergency decrypting user 1916. In various situations, the RPC could involve network communication or merely the hand-carrying of data on a floppy disk (e.g., if the indirection is for the purpose of physical authentication).
- For every challenge issued by the DRC 1910, the DRC 1910 includes a Sequence token (SEQ).
- the emergency decrypting user 1916 is then challenged with a group challenge that lists the members of the group.
- the DRC 1910 issues a challenge to an emergency decrypting user 1916.
- the emergency decrypting user 1916 submits a DRF 2730 for emergency access. This submission includes no other information and starts a new transaction. If this challenge gets a correct response, the DRC 2730 returns the DRFC 2714.
- the emergency decrypting user 1916 submits a request to be challenged as part of fulfilling a group or indirection.
- This submission includes a SEQ identifying the transaction and recursive stack of which this recursive challenge is a part.
- the emergency decrypting user 1916 submitting that request need not be the same emergency decrypting user 1916 who submitted the DRF 2730 which started this transaction. If this challenge gets a correct response, the DRC 1910 returns a SUCCESS token which includes the same information as the SEQ along with the fact of success.
- the emergency decrypting user 1916 replies with the SEQ and the correct response.
- the DRC 1910 provides either the DRFC 2714 or a SUCCESS token.
- the emergency decrypting user 1916 provides one or more SUCCESS tokens which the DRC 1910 verifies as being part of this transaction and as correctly satisfying the group or indirect AR.
- the DRC 1910 provides either the DRFC 2714 or a SUCCESS token.
- the DRC 1910 includes a state token with every RPC it initiates and the emergency decrypting user 1916 includes a state token with every RPC it initiates.
- the responder to the RPC returns that token, if any, with its response.
- Those tokens are encrypted in a key known only to the originator and include information to permit the originator to verify that the token goes with the SEQ with which it is accompanied.
- the state of the DRC 1910 and emergency decrypting user 1916 are maintained over this recursive set of RPCs in which the identity of the caller keeps changing hands.
- the successful completion of an emergency access request is the return of a DRFC 2714 to the emergency decrypting user 1916.
- the purpose of the challenge-response is to verify that the emergency decrypting user 1916 making the request is authorized to receive the DRFC 2714. Since the DRFC 2714 comprises an ARI 2706 by the AR defining user 1918, any subsequent emergency decrypting user 1916 who can satisfy that AR 2706 has, presumably, been granted authority by the AR defining user 1918 to have access.
- the emergency decrypting user's 1916 software has the responsibility for using the DRFC 2714 to provide access to the file (i.e., for extracting the US 2708 from the DRFC 2714, and perhaps for using the
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP95929479A EP0775401A1 (en) | 1994-08-11 | 1995-08-11 | System and method for key escrow and data escrow encryption |
AU33217/95A AU3321795A (en) | 1994-08-11 | 1995-08-11 | System and method for key escrow and data escrow encryption |
MX9700980A MX9700980A (en) | 1994-08-11 | 1995-08-11 | System and method for key escrow and data escrow encryption. |
BR9508548A BR9508548A (en) | 1994-08-11 | 1995-08-11 | Method to control a user's emergency decryption access to a secret encrypted by a file encryption user in a data recovery field (drf) system to control access to a user secret (us) method to control the access to a secret file encryption method for a user to control access by a user |
JP8507517A JPH10508438A (en) | 1994-08-11 | 1995-08-11 | System and method for key escrow and data escrow encryption |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/289,602 | 1994-08-11 | ||
US08/289,602 US5557346A (en) | 1994-08-11 | 1994-08-11 | System and method for key escrow encryption |
US08/390,959 | 1995-02-21 | ||
US08/390,959 US5557765A (en) | 1994-08-11 | 1995-02-21 | System and method for data recovery |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1996005673A1 (en) | 1996-02-22 |
Family
ID=26965728
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US1995/010221 WO1996005673A1 (en) | 1994-08-11 | 1995-08-11 | System and method for key escrow and data escrow encryption |
Country Status (9)
Country | Link |
---|---|
US (3) | US5557765A (en) |
EP (1) | EP0775401A1 (en) |
JP (1) | JPH10508438A (en) |
CN (1) | CN1158195A (en) |
AU (1) | AU3321795A (en) |
BR (1) | BR9508548A (en) |
CA (1) | CA2197206A1 (en) |
MX (1) | MX9700980A (en) |
WO (1) | WO1996005673A1 (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO1998005143A1 (en) * | 1996-07-29 | 1998-02-05 | International Business Machines Corporation | Cryptographic key recovery system |
WO1998047260A2 (en) * | 1997-04-11 | 1998-10-22 | Network Associates, Inc. | Publicly verifiable key recovery |
FR2763192A1 (en) * | 1996-10-18 | 1998-11-13 | Bull Sa | Data transmission using encoded data, with encoding key recovery system |
EP0891055A2 (en) * | 1997-07-07 | 1999-01-13 | Fujitsu Limited | Key recovery system |
EP1043862A2 (en) * | 1999-04-08 | 2000-10-11 | Lucent Technologies Inc. | Generation of repeatable cryptographic key based on varying parameters |
WO2001013293A1 (en) * | 1999-08-12 | 2001-02-22 | Matsushita Electric Industrial Co., Ltd. | Electronic information backup system |
US6483920B2 (en) | 1996-12-04 | 2002-11-19 | Bull, S.A. | Key recovery process used for strong encryption of messages |
GB2386710A (en) * | 2002-03-18 | 2003-09-24 | Hewlett Packard Co | Controlling access to data or documents |
CN1130627C (en) * | 1997-04-30 | 2003-12-10 | 索尼公司 | Information processing apparatus and method and recording medium |
FR2857184A1 (en) * | 2003-07-04 | 2005-01-07 | Thomson Licensing Sa | METHOD OF ENCRYPTING / DECEIVING A MESSAGE AND ASSOCIATED DEVICE |
US7162452B1 (en) | 1999-03-25 | 2007-01-09 | Epstein Michael A | Key distribution via a memory device |
US7873168B2 (en) | 2006-10-18 | 2011-01-18 | Kabushiki Kaisha Toshiba | Secret information management apparatus and secret information management system |
Families Citing this family (247)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6292568B1 (en) | 1966-12-16 | 2001-09-18 | Scientific-Atlanta, Inc. | Representing entitlements to service in a conditional access system |
US5870474A (en) | 1995-12-04 | 1999-02-09 | Scientific-Atlanta, Inc. | Method and apparatus for providing conditional access in connection-oriented, interactive networks with a multiplicity of service providers |
US10361802B1 (en) | 1999-02-01 | 2019-07-23 | Blanding Hovenweep, Llc | Adaptive pattern recognition based control system and method |
US8352400B2 (en) | 1991-12-23 | 2013-01-08 | Hoffberg Steven M | Adaptive pattern recognition based controller apparatus and method and human-factored interface therefore |
GB9320793D0 (en) * | 1993-10-08 | 1993-12-08 | Secr Defence | Cryptographic receiver |
US5557346A (en) * | 1994-08-11 | 1996-09-17 | Trusted Information Systems, Inc. | System and method for key escrow encryption |
US5557765A (en) * | 1994-08-11 | 1996-09-17 | Trusted Information Systems, Inc. | System and method for data recovery |
US6272632B1 (en) | 1995-02-21 | 2001-08-07 | Network Associates, Inc. | System and method for controlling access to a user secret using a key recovery field |
US8548166B2 (en) | 1995-04-03 | 2013-10-01 | Anthony J. Wasilewski | Method for partially encrypting program data |
US6560340B1 (en) | 1995-04-03 | 2003-05-06 | Scientific-Atlanta, Inc. | Method and apparatus for geographically limiting service in a conditional access system |
US7224798B2 (en) * | 1995-04-03 | 2007-05-29 | Scientific-Atlanta, Inc. | Methods and apparatus for providing a partial dual-encrypted stream in a conditional access overlay system |
US6252964B1 (en) * | 1995-04-03 | 2001-06-26 | Scientific-Atlanta, Inc. | Authorization of services in a conditional access system |
US6424717B1 (en) | 1995-04-03 | 2002-07-23 | Scientific-Atlanta, Inc. | Encryption devices for use in a conditional access system |
US6157719A (en) * | 1995-04-03 | 2000-12-05 | Scientific-Atlanta, Inc. | Conditional access system |
US6246767B1 (en) | 1995-04-03 | 2001-06-12 | Scientific-Atlanta, Inc. | Source authentication of download information in a conditional access system |
US6937729B2 (en) | 1995-04-03 | 2005-08-30 | Scientific-Atlanta, Inc. | Representing entitlements to service in a conditional access system |
US20040136532A1 (en) * | 1995-04-03 | 2004-07-15 | Pinder Howard G. | Partial dual-encrypted stream utilizing program map tables |
IL113375A (en) * | 1995-04-13 | 1997-09-30 | Fortress U & T Ltd | Internationally regulated system for one to one cryptographic communications with national sovereignty without key escrow |
US5852665A (en) * | 1995-04-13 | 1998-12-22 | Fortress U & T Ltd. | Internationally regulated system for one to one cryptographic communications with national sovereignty without key escrow |
US5757924A (en) * | 1995-09-18 | 1998-05-26 | Digital Secured Networks Techolognies, Inc. | Network security device which performs MAC address translation without affecting the IP address |
US6088515A (en) | 1995-11-13 | 2000-07-11 | Citrix Systems Inc | Method and apparatus for making a hypermedium interactive |
GB2308282B (en) * | 1995-12-15 | 2000-04-12 | Lotus Dev Corp | Differential work factor cryptography method and system |
US5764772A (en) * | 1995-12-15 | 1998-06-09 | Lotus Development Coporation | Differential work factor cryptography method and system |
ES2123479T1 (en) * | 1995-12-29 | 1999-01-16 | Scientific Atlanta | METHOD AND APPARATUS TO PROVIDE CONDITIONAL ACCESS IN INTERACTIVE NETWORKS OF ORIENTED CONNECTION, WITH A MULTIPLICITY OF SERVICE PROVIDERS. |
US5768373A (en) * | 1996-05-06 | 1998-06-16 | Symantec Corporation | Method for providing a secure non-reusable one-time password |
US5901227A (en) * | 1996-06-20 | 1999-05-04 | Novell, Inc. | Method and apparatus for implementing partial and complete optional key escrow |
US5764767A (en) * | 1996-08-21 | 1998-06-09 | Technion Research And Development Foundation Ltd. | System for reconstruction of a secret shared by a plurality of participants |
US6052780A (en) * | 1996-09-12 | 2000-04-18 | Open Security Solutions, Llc | Computer system and process for accessing an encrypted and self-decrypting digital information product while restricting access to decrypted digital information |
US5937066A (en) * | 1996-10-02 | 1999-08-10 | International Business Machines Corporation | Two-phase cryptographic key recovery system |
US5974151A (en) * | 1996-11-01 | 1999-10-26 | Slavin; Keith R. | Public key cryptographic system having differential security levels |
EP0951767A2 (en) | 1997-01-03 | 1999-10-27 | Fortress Technologies, Inc. | Improved network security device |
US5907618A (en) * | 1997-01-03 | 1999-05-25 | International Business Machines Corporation | Method and apparatus for verifiably providing key recovery information in a cryptographic system |
EP0856968A3 (en) | 1997-01-24 | 2000-12-06 | Nec Corporation | Encryption key processing system to be incorporated into data recovery system or key setting system for generating encryption key |
US7212632B2 (en) | 1998-02-13 | 2007-05-01 | Tecsec, Inc. | Cryptographic key split combiner |
US5920630A (en) * | 1997-02-25 | 1999-07-06 | United States Of America | Method of public key cryptography that includes key escrow |
US6396805B2 (en) * | 1997-03-25 | 2002-05-28 | Intel Corporation | System for recovering from disruption of a data transfer |
US6249585B1 (en) * | 1998-04-08 | 2001-06-19 | Network Associates, Inc | Publicly verifiable key recovery |
US6694433B1 (en) * | 1997-05-08 | 2004-02-17 | Tecsec, Inc. | XML encryption scheme |
US6122742A (en) * | 1997-06-18 | 2000-09-19 | Young; Adam Lucas | Auto-recoverable and auto-certifiable cryptosystem with unescrowed signing keys |
US6282295B1 (en) | 1997-10-28 | 2001-08-28 | Adam Lucas Young | Auto-recoverable and auto-certifiable cryptostem using zero-knowledge proofs for key escrow in general exponential ciphers |
US6202150B1 (en) | 1997-05-28 | 2001-03-13 | Adam Lucas Young | Auto-escrowable and auto-certifiable cryptosystems |
DE69720971T2 (en) * | 1997-05-28 | 2003-10-30 | Siemens Ag | Computer system and software protection method |
US6243466B1 (en) | 1997-08-29 | 2001-06-05 | Adam Lucas Young | Auto-escrowable and auto-certifiable cryptosystems with fast key generation |
US6389136B1 (en) | 1997-05-28 | 2002-05-14 | Adam Lucas Young | Auto-Recoverable and Auto-certifiable cryptosystems with RSA or factoring based keys |
US6314190B1 (en) * | 1997-06-06 | 2001-11-06 | Networks Associates Technology, Inc. | Cryptographic system with methods for user-controlled message recovery |
US6061454A (en) * | 1997-06-27 | 2000-05-09 | International Business Machines Corp. | System, method, and computer program for communicating a key recovery block to enable third party monitoring without modification to the intended receiver |
US6775382B1 (en) | 1997-06-30 | 2004-08-10 | Sun Microsystems, Inc. | Method and apparatus for recovering encryption session keys |
JPH1127253A (en) | 1997-07-07 | 1999-01-29 | Hitachi Ltd | Key recovery system, key recovery device, recording medium for storing key recovery program and key recovery method |
JP3076273B2 (en) * | 1997-07-07 | 2000-08-14 | 日本電気株式会社 | Key recovery condition encryption device and decryption device |
US6229894B1 (en) * | 1997-07-14 | 2001-05-08 | Entrust Technologies, Ltd. | Method and apparatus for access to user-specific encryption information |
US6058188A (en) * | 1997-07-24 | 2000-05-02 | International Business Machines Corporation | Method and apparatus for interoperable validation of key recovery information in a cryptographic system |
JP2001513587A (en) * | 1997-07-31 | 2001-09-04 | サイエンティフィック−アトランタ・インコーポレーテッド | Verification of source of information program in conditional access system |
US7515712B2 (en) * | 1997-08-01 | 2009-04-07 | Cisco Technology, Inc. | Mechanism and apparatus for encapsulation of entitlement authorization in conditional access system |
EP0912011A3 (en) * | 1997-10-20 | 2001-11-28 | Sun Microsystems, Inc. | Method and apparatus for encoding and recovering keys |
US6549626B1 (en) | 1997-10-20 | 2003-04-15 | Sun Microsystems, Inc. | Method and apparatus for encoding keys |
US6098056A (en) * | 1997-11-24 | 2000-08-01 | International Business Machines Corporation | System and method for controlling access rights to and security of digital content in a distributed information system, e.g., Internet |
US20050114705A1 (en) * | 1997-12-11 | 2005-05-26 | Eran Reshef | Method and system for discriminating a human action from a computerized action |
JP4313873B2 (en) * | 1998-01-30 | 2009-08-12 | キヤノン株式会社 | Electronic device and data processing method |
US8077870B2 (en) * | 1998-02-13 | 2011-12-13 | Tecsec, Inc. | Cryptographic key split binder for use with tagged data elements |
US7095852B2 (en) * | 1998-02-13 | 2006-08-22 | Tecsec, Inc. | Cryptographic key split binder for use with tagged data elements |
WO1999049613A1 (en) * | 1998-02-20 | 1999-09-30 | Fortress Technologies, Inc. | Cryptographic key-recovery mechanism |
US6324650B1 (en) * | 1998-03-16 | 2001-11-27 | John W.L. Ogilvie | Message content protection and conditional disclosure |
US6298445B1 (en) | 1998-04-30 | 2001-10-02 | Netect, Ltd. | Computer security |
US6584310B1 (en) * | 1998-05-07 | 2003-06-24 | Lucent Technologies Inc. | Method and apparatus for performing authentication in communication systems |
US6941463B1 (en) | 1998-05-14 | 2005-09-06 | Purdue Research Foundation | Secure computational outsourcing techniques |
US6957341B2 (en) | 1998-05-14 | 2005-10-18 | Purdue Research Foundation | Method and system for secure computational outsourcing and disguise |
US6370251B1 (en) | 1998-06-08 | 2002-04-09 | General Dynamics Decision Systems, Inc. | Traffic key access method and terminal for secure communication without key escrow facility |
US6336187B1 (en) | 1998-06-12 | 2002-01-01 | International Business Machines Corp. | Storage system with data-dependent security |
US6219790B1 (en) * | 1998-06-19 | 2001-04-17 | Lucent Technologies Inc. | Centralized authentication, authorization and accounting server with support for multiple transport protocols and multiple client types |
US6317829B1 (en) * | 1998-06-19 | 2001-11-13 | Entrust Technologies Limited | Public key cryptography based security system to facilitate secure roaming of users |
US7111173B1 (en) * | 1998-09-01 | 2006-09-19 | Tecsec, Inc. | Encryption process including a biometric unit |
US6311270B1 (en) * | 1998-09-14 | 2001-10-30 | International Business Machines Corporation | Method and apparatus for securing communication utilizing a security processor |
GB9820558D0 (en) * | 1998-09-21 | 1998-11-11 | Post Office | A secure data transfer system |
US7139915B2 (en) * | 1998-10-26 | 2006-11-21 | Microsoft Corporation | Method and apparatus for authenticating an open system application to a portable IC device |
US7174457B1 (en) | 1999-03-10 | 2007-02-06 | Microsoft Corporation | System and method for authenticating an operating system to a central processing unit, providing the CPU/OS with secure storage, and authenticating the CPU/OS to a third party |
US7194092B1 (en) | 1998-10-26 | 2007-03-20 | Microsoft Corporation | Key-based secure storage |
US6438695B1 (en) * | 1998-10-30 | 2002-08-20 | 3Com Corporation | Secure wiretap support for internet protocol security |
US6530024B1 (en) | 1998-11-20 | 2003-03-04 | Centrax Corporation | Adaptive feedback security system and method |
JP2000165373A (en) | 1998-11-25 | 2000-06-16 | Toshiba Corp | Enciphering device, cryptographic communication system, key restoration system and storage medium |
US6473508B1 (en) | 1998-12-22 | 2002-10-29 | Adam Lucas Young | Auto-recoverable auto-certifiable cryptosystems with unescrowed signature-only keys |
WO2000041103A1 (en) * | 1998-12-31 | 2000-07-13 | Perfecto Technologies Ltd. | Method and system for discriminating a human action from a computerized action |
US6396929B1 (en) | 1998-12-31 | 2002-05-28 | International Business Machines Corporation | Apparatus, method, and computer program product for high-availability multi-agent cryptographic key recovery |
US7171000B1 (en) | 1999-06-10 | 2007-01-30 | Message Secure Corp. | Simplified addressing for private communications |
US7966078B2 (en) | 1999-02-01 | 2011-06-21 | Steven Hoffberg | Network media appliance system and method |
US6973444B1 (en) * | 1999-03-27 | 2005-12-06 | Microsoft Corporation | Method for interdependently validating a digital content package and a corresponding digital license |
US7136838B1 (en) * | 1999-03-27 | 2006-11-14 | Microsoft Corporation | Digital license and method for obtaining/providing a digital license |
US6625734B1 (en) * | 1999-04-26 | 2003-09-23 | Disappearing, Inc. | Controlling and tracking access to disseminated information |
US7499551B1 (en) | 1999-05-14 | 2009-03-03 | Dell Products L.P. | Public key infrastructure utilizing master key encryption |
DE19925910B4 (en) * | 1999-06-07 | 2005-04-28 | Siemens Ag | Method for processing or processing data |
US6988199B2 (en) | 2000-07-07 | 2006-01-17 | Message Secure | Secure and reliable document delivery |
US20020101998A1 (en) * | 1999-06-10 | 2002-08-01 | Chee-Hong Wong | Fast escrow delivery |
US20020019932A1 (en) * | 1999-06-10 | 2002-02-14 | Eng-Whatt Toh | Cryptographically secure network |
US7287166B1 (en) | 1999-09-03 | 2007-10-23 | Purdue Research Foundation | Guards for application in software tamperproofing |
US7757097B2 (en) * | 1999-09-03 | 2010-07-13 | Purdue Research Foundation | Method and system for tamperproofing software |
US7461022B1 (en) | 1999-10-20 | 2008-12-02 | Yahoo! Inc. | Auction redemption system and method |
US7039713B1 (en) * | 1999-11-09 | 2006-05-02 | Microsoft Corporation | System and method of user authentication for network communication through a policy agent |
EP1237323A4 (en) * | 1999-12-07 | 2005-09-07 | Sanyo Electric Co | Device for reproducing data |
US6757824B1 (en) * | 1999-12-10 | 2004-06-29 | Microsoft Corporation | Client-side boot domains and boot rules |
US6938013B1 (en) | 2000-01-05 | 2005-08-30 | Uniteller Financial Services, Inc. | Money-transfer techniques |
FR2804561B1 (en) * | 2000-01-31 | 2002-03-01 | France Telecom | COMMUNICATION METHOD WITH SEQUESTRE AND ENCRYPTION KEY RECOVERY |
US6978385B1 (en) | 2000-03-01 | 2005-12-20 | International Business Machines Corporation | Data processing system and method for remote recovery of a primary password |
US7412604B1 (en) | 2000-03-28 | 2008-08-12 | International Business Machines Corporation | Using biometrics on pervasive devices for mobile identification |
US6823070B1 (en) * | 2000-03-28 | 2004-11-23 | Freescale Semiconductor, Inc. | Method for key escrow in a communication system and apparatus therefor |
DE10025626A1 (en) * | 2000-05-24 | 2001-11-29 | Deutsche Telekom Ag | Encrypt data to be stored in an IV system |
US20040073617A1 (en) | 2000-06-19 | 2004-04-15 | Milliken Walter Clark | Hash-based systems and methods for detecting and preventing transmission of unwanted e-mail |
US20020057284A1 (en) | 2000-06-29 | 2002-05-16 | Dalby Richard Sean | Methods and systems for delivering announcements to users of an information system |
US20020029269A1 (en) | 2000-06-29 | 2002-03-07 | Campus Pipeline, Inc. | Methods and systems for coordinating the termination of sessions on one or more systems |
US7093020B1 (en) | 2000-06-29 | 2006-08-15 | Sungard Sct Inc. | Methods and systems for coordinating sessions on one or more systems |
US7587368B2 (en) * | 2000-07-06 | 2009-09-08 | David Paul Felsher | Information record infrastructure, system and method |
US7251728B2 (en) | 2000-07-07 | 2007-07-31 | Message Secure Corporation | Secure and reliable document delivery using routing lists |
WO2002015081A1 (en) * | 2000-08-14 | 2002-02-21 | Yahoo! Inc. | Offline-online incentive points system and method |
US8307098B1 (en) * | 2000-08-29 | 2012-11-06 | Lenovo (Singapore) Pte. Ltd. | System, method, and program for managing a user key used to sign a message for a data processing system |
US20020048372A1 (en) * | 2000-10-19 | 2002-04-25 | Eng-Whatt Toh | Universal signature object for digital data |
US7181017B1 (en) | 2001-03-23 | 2007-02-20 | David Felsher | System and method for secure three-party communications |
US7359518B2 (en) * | 2001-04-05 | 2008-04-15 | Intel Corporation | Distribution of secured information |
US6944300B2 (en) * | 2001-06-22 | 2005-09-13 | International Business Machines Corporaton | Method for migrating a base chip key from one computer system to another |
US7930756B1 (en) | 2001-12-12 | 2011-04-19 | Crocker Steven Toye | Multi-level cryptographic transformations for securing digital assets |
US7478418B2 (en) | 2001-12-12 | 2009-01-13 | Guardian Data Storage, Llc | Guaranteed delivery of changes to security policies in a distributed system |
US8006280B1 (en) * | 2001-12-12 | 2011-08-23 | Hildebrand Hal S | Security system for generating keys from access rules in a decentralized manner and methods therefor |
USRE41546E1 (en) | 2001-12-12 | 2010-08-17 | Klimenty Vainstein | Method and system for managing security tiers |
US7565683B1 (en) | 2001-12-12 | 2009-07-21 | Weiqing Huang | Method and system for implementing changes to security policies in a distributed security system |
US7562232B2 (en) | 2001-12-12 | 2009-07-14 | Patrick Zuili | System and method for providing manageability to security information for secured items |
US7260555B2 (en) | 2001-12-12 | 2007-08-21 | Guardian Data Storage, Llc | Method and architecture for providing pervasive security to digital assets |
US7681034B1 (en) | 2001-12-12 | 2010-03-16 | Chang-Ping Lee | Method and apparatus for securing electronic data |
US10033700B2 (en) | 2001-12-12 | 2018-07-24 | Intellectual Ventures I Llc | Dynamic evaluation of access rights |
US7921288B1 (en) | 2001-12-12 | 2011-04-05 | Hildebrand Hal S | System and method for providing different levels of key security for controlling access to secured items |
US8065713B1 (en) | 2001-12-12 | 2011-11-22 | Klimenty Vainstein | System and method for providing multi-location access management to secured items |
US7631184B2 (en) | 2002-05-14 | 2009-12-08 | Nicholas Ryan | System and method for imposing security on copies of secured items |
US7921284B1 (en) | 2001-12-12 | 2011-04-05 | Gary Mark Kinghorn | Method and system for protecting electronic data in enterprise environment |
US7783765B2 (en) | 2001-12-12 | 2010-08-24 | Hildebrand Hal S | System and method for providing distributed access control to secured documents |
US7380120B1 (en) | 2001-12-12 | 2008-05-27 | Guardian Data Storage, Llc | Secured data format for access control |
US10360545B2 (en) | 2001-12-12 | 2019-07-23 | Guardian Data Storage, Llc | Method and apparatus for accessing secured electronic data off-line |
US7178033B1 (en) * | 2001-12-12 | 2007-02-13 | Pss Systems, Inc. | Method and apparatus for securing digital assets |
US7921450B1 (en) | 2001-12-12 | 2011-04-05 | Klimenty Vainstein | Security system using indirect key generation from access rules and methods therefor |
US7950066B1 (en) | 2001-12-21 | 2011-05-24 | Guardian Data Storage, Llc | Method and system for restricting use of a clipboard application |
US20030149884A1 (en) * | 2002-02-01 | 2003-08-07 | Randolph Hernandez | Electronic information content control |
US7146009B2 (en) * | 2002-02-05 | 2006-12-05 | Surety, Llc | Secure electronic messaging system requiring key retrieval for deriving decryption keys |
US8176334B2 (en) | 2002-09-30 | 2012-05-08 | Guardian Data Storage, Llc | Document security system that permits external users to gain access to secured files |
ES2411693T3 (en) * | 2002-03-15 | 2013-07-08 | Alcatel Lucent | Procedure for listening to communication connections |
US7890771B2 (en) | 2002-04-17 | 2011-02-15 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
CA2425010C (en) * | 2002-04-17 | 2013-11-19 | Microsoft Corporation | Saving and retrieving data based on public key encryption |
US7487365B2 (en) * | 2002-04-17 | 2009-02-03 | Microsoft Corporation | Saving and retrieving data based on symmetric key encryption |
US7748045B2 (en) * | 2004-03-30 | 2010-06-29 | Michael Frederick Kenrich | Method and system for providing cryptographic document retention with off-line access |
US8613102B2 (en) | 2004-03-30 | 2013-12-17 | Intellectual Ventures I Llc | Method and system for providing document retention using cryptography |
GB0210325D0 (en) * | 2002-05-04 | 2002-06-12 | Gaffney Philip M | Secure data delivery |
US7941662B2 (en) * | 2002-05-31 | 2011-05-10 | Broadcom Corporation | Data transfer efficiency in a cryptography accelerator system |
US8393001B1 (en) | 2002-07-26 | 2013-03-05 | Mcafee, Inc. | Secure signature server system and associated method |
US7512810B1 (en) | 2002-09-11 | 2009-03-31 | Guardian Data Storage Llc | Method and system for protecting encrypted files transmitted over a network |
US7836310B1 (en) | 2002-11-01 | 2010-11-16 | Yevgeniy Gutnik | Security system that uses indirect password-based encryption |
US7207067B2 (en) * | 2002-11-12 | 2007-04-17 | Aol Llc | Enforcing data protection legislation in Web data services |
US7577838B1 (en) | 2002-12-20 | 2009-08-18 | Alain Rossmann | Hybrid systems for securing digital assets |
US7890990B1 (en) | 2002-12-20 | 2011-02-15 | Klimenty Vainstein | Security system with staging capabilities |
US9818136B1 (en) | 2003-02-05 | 2017-11-14 | Steven M. Hoffberg | System and method for determining contingent relevance |
US7370212B2 (en) | 2003-02-25 | 2008-05-06 | Microsoft Corporation | Issuing a publisher use license off-line in a digital rights management (DRM) system |
US8510571B1 (en) | 2003-03-24 | 2013-08-13 | Hoi Chang | System and method for inserting security mechanisms into a software program |
US20040230817A1 (en) * | 2003-05-14 | 2004-11-18 | Kenneth Ma | Method and system for disaster recovery of data from a storage device |
US7152693B2 (en) * | 2003-05-30 | 2006-12-26 | International Business Machines Corporation | Password security utility |
US8707034B1 (en) | 2003-05-30 | 2014-04-22 | Intellectual Ventures I Llc | Method and system for using remote headers to secure electronic files |
US7730543B1 (en) | 2003-06-30 | 2010-06-01 | Satyajit Nath | Method and system for enabling users of a group shared across multiple file security systems to access secured files |
US9118711B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US8984644B2 (en) | 2003-07-01 | 2015-03-17 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US20070113272A2 (en) | 2003-07-01 | 2007-05-17 | Securityprofiling, Inc. | Real-time vulnerability monitoring |
US9118708B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Multi-path remediation |
US9350752B2 (en) | 2003-07-01 | 2016-05-24 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US9118709B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | Anti-vulnerability system, method, and computer program product |
US9118710B2 (en) | 2003-07-01 | 2015-08-25 | Securityprofiling, Llc | System, method, and computer program product for reporting an occurrence in different manners |
US9100431B2 (en) | 2003-07-01 | 2015-08-04 | Securityprofiling, Llc | Computer program product and apparatus for multi-path remediation |
US7555558B1 (en) | 2003-08-15 | 2009-06-30 | Michael Frederick Kenrich | Method and system for fault-tolerant transfer of files across a network |
US8127366B2 (en) | 2003-09-30 | 2012-02-28 | Guardian Data Storage, Llc | Method and apparatus for transitioning between states of security policies used to secure electronic documents |
US7703140B2 (en) | 2003-09-30 | 2010-04-20 | Guardian Data Storage, Llc | Method and system for securing digital assets using process-driven security policies |
US7290278B2 (en) | 2003-10-02 | 2007-10-30 | Aol Llc, A Delaware Limited Liability Company | Identity based service system |
US8396216B2 (en) | 2003-11-21 | 2013-03-12 | Howard G. Pinder | Partial dual-encryption using program map tables |
US7702909B2 (en) * | 2003-12-22 | 2010-04-20 | Klimenty Vainstein | Method and system for validating timestamps |
US8312262B2 (en) * | 2004-04-30 | 2012-11-13 | Qualcomm Incorporated | Management of signing privileges for a cryptographic signing service |
US7707427B1 (en) | 2004-07-19 | 2010-04-27 | Michael Frederick Kenrich | Multi-level file digests |
US7711835B2 (en) | 2004-09-30 | 2010-05-04 | Citrix Systems, Inc. | Method and apparatus for reducing disclosure of proprietary data in a networked environment |
US8171479B2 (en) | 2004-09-30 | 2012-05-01 | Citrix Systems, Inc. | Method and apparatus for providing an aggregate view of enumerated system resources from various isolation layers |
US8613048B2 (en) | 2004-09-30 | 2013-12-17 | Citrix Systems, Inc. | Method and apparatus for providing authorized remote access to application sessions |
US8095940B2 (en) | 2005-09-19 | 2012-01-10 | Citrix Systems, Inc. | Method and system for locating and accessing resources |
US7748032B2 (en) | 2004-09-30 | 2010-06-29 | Citrix Systems, Inc. | Method and apparatus for associating tickets in a ticket hierarchy |
US20060069662A1 (en) * | 2004-09-30 | 2006-03-30 | Citrix Systems, Inc. | Method and apparatus for remapping accesses to virtual system resources |
US7680758B2 (en) * | 2004-09-30 | 2010-03-16 | Citrix Systems, Inc. | Method and apparatus for isolating execution of software applications |
US8347078B2 (en) | 2004-10-18 | 2013-01-01 | Microsoft Corporation | Device certificate individualization |
US8336085B2 (en) | 2004-11-15 | 2012-12-18 | Microsoft Corporation | Tuning product policy using observed evidence of customer behavior |
US8024568B2 (en) | 2005-01-28 | 2011-09-20 | Citrix Systems, Inc. | Method and system for verification of an endpoint security scan |
DE102005004612A1 (en) * | 2005-02-01 | 2006-08-10 | Siemens Ag | Method for connecting to encrypted communication links in a packet-oriented network |
US8438645B2 (en) | 2005-04-27 | 2013-05-07 | Microsoft Corporation | Secure clock with grace periods |
US8725646B2 (en) | 2005-04-15 | 2014-05-13 | Microsoft Corporation | Output protection levels |
US9436804B2 (en) | 2005-04-22 | 2016-09-06 | Microsoft Technology Licensing, Llc | Establishing a unique session key using a hardware functionality scan |
US9363481B2 (en) | 2005-04-22 | 2016-06-07 | Microsoft Technology Licensing, Llc | Protected media pipeline |
US20060265758A1 (en) | 2005-05-20 | 2006-11-23 | Microsoft Corporation | Extensible media rights |
US20060288225A1 (en) * | 2005-06-03 | 2006-12-21 | Jung Edward K | User-centric question and answer for authentication and security |
US8874477B2 (en) | 2005-10-04 | 2014-10-28 | Steven Mark Hoffberg | Multifactorial optimization system and method |
US8131825B2 (en) | 2005-10-07 | 2012-03-06 | Citrix Systems, Inc. | Method and a system for responding locally to requests for file metadata associated with files stored remotely |
US20070083610A1 (en) * | 2005-10-07 | 2007-04-12 | Treder Terry N | Method and a system for accessing a plurality of files comprising an application program |
US7779034B2 (en) | 2005-10-07 | 2010-08-17 | Citrix Systems, Inc. | Method and system for accessing a remote file in a directory structure associated with an application program executing locally |
KR100750153B1 (en) * | 2006-01-03 | 2007-08-21 | 삼성전자주식회사 | Method and apparatus for providing session key for WUSB security, method and apparatus for obtaining the session key |
US7499552B2 (en) | 2006-01-11 | 2009-03-03 | International Business Machines Corporation | Cipher method and system for verifying a decryption of an encrypted user data key |
US20070174429A1 (en) | 2006-01-24 | 2007-07-26 | Citrix Systems, Inc. | Methods and servers for establishing a connection between a client system and a virtual machine hosting a requested computing environment |
US7685630B2 (en) * | 2006-05-04 | 2010-03-23 | Citrix Online, Llc | Methods and systems for providing scalable authentication |
US9704174B1 (en) | 2006-05-25 | 2017-07-11 | Sean I. Mcghie | Conversion of loyalty program points to commerce partner points per terms of a mutual agreement |
US10062062B1 (en) | 2006-05-25 | 2018-08-28 | Jbshbm, Llc | Automated teller machine (ATM) providing money for loyalty points |
US8668146B1 (en) | 2006-05-25 | 2014-03-11 | Sean I. Mcghie | Rewards program with payment artifact permitting conversion/transfer of non-negotiable credits to entity independent funds |
US7703673B2 (en) | 2006-05-25 | 2010-04-27 | Buchheit Brian K | Web based conversion of non-negotiable credits associated with an entity to entity independent negotiable funds |
US8684265B1 (en) | 2006-05-25 | 2014-04-01 | Sean I. Mcghie | Rewards program website permitting conversion/transfer of non-negotiable credits to entity independent funds |
US20080022120A1 (en) * | 2006-06-05 | 2008-01-24 | Michael Factor | System, Method and Computer Program Product for Secure Access Control to a Storage Device |
US20070297001A1 (en) * | 2006-06-22 | 2007-12-27 | Brian Podl | Multi-function peripheral remote alert notification system and method |
FR2905216B1 (en) * | 2006-08-25 | 2009-03-06 | Thales Sa | METHOD FOR CUSTOMIZING A SECURITY COMPONENT, IN PARTICULAR IN AN UN-PROTECTED ENVIRONMENT |
US8245050B1 (en) | 2006-09-29 | 2012-08-14 | Netapp, Inc. | System and method for initial key establishment using a split knowledge protocol |
US8533846B2 (en) | 2006-11-08 | 2013-09-10 | Citrix Systems, Inc. | Method and system for dynamically associating access rights with a resource |
GB2446199A (en) | 2006-12-01 | 2008-08-06 | David Irvine | Secure, decentralised and anonymous peer-to-peer network |
US8015039B2 (en) * | 2006-12-14 | 2011-09-06 | Sap Ag | Enterprise verification and certification framework |
US8611542B1 (en) | 2007-04-26 | 2013-12-17 | Netapp, Inc. | Peer to peer key synchronization |
US8824686B1 (en) | 2007-04-27 | 2014-09-02 | Netapp, Inc. | Cluster key synchronization |
US8196182B2 (en) | 2007-08-24 | 2012-06-05 | Netapp, Inc. | Distributed management of crypto module white lists |
US20090064134A1 (en) * | 2007-08-30 | 2009-03-05 | Citrix Systems,Inc. | Systems and methods for creating and executing files |
US9774445B1 (en) | 2007-09-04 | 2017-09-26 | Netapp, Inc. | Host based rekeying |
US8171483B2 (en) | 2007-10-20 | 2012-05-01 | Citrix Systems, Inc. | Method and system for communicating between isolation environments |
US20090182668A1 (en) * | 2008-01-11 | 2009-07-16 | Nortel Networks Limited | Method and apparatus to enable lawful intercept of encrypted traffic |
AU2009206251B2 (en) | 2008-01-27 | 2014-03-27 | Citrix Systems, Inc. | Methods and systems for remoting three dimensional graphics |
CN101981162B (en) * | 2008-03-28 | 2014-07-02 | 埃克森美孚上游研究公司 | Low emission power generation and hydrocarbon recovery systems and methods |
US8189794B2 (en) * | 2008-05-05 | 2012-05-29 | Sony Corporation | System and method for effectively performing data restore/migration procedures |
WO2010006450A1 (en) * | 2008-07-18 | 2010-01-21 | Absolute Software Corporation | Privacy management for tracked devices |
WO2010040413A1 (en) * | 2008-10-10 | 2010-04-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Lawful authorities warrant management |
US8090797B2 (en) | 2009-05-02 | 2012-01-03 | Citrix Systems, Inc. | Methods and systems for launching applications into existing isolation environments |
EP2455863A4 (en) * | 2009-07-16 | 2013-03-27 | Hitachi Ltd | Management system for outputting information describing recovery method corresponding to root cause of failure |
US8913992B2 (en) * | 2010-11-03 | 2014-12-16 | Stephan V. Schell | Methods and apparatus for access data recovery from a malfunctioning device |
US9135460B2 (en) * | 2011-12-22 | 2015-09-15 | Microsoft Technology Licensing, Llc | Techniques to store secret information for global data centers |
US9094489B1 (en) * | 2012-05-29 | 2015-07-28 | West Corporation | Controlling a crowd of multiple mobile station devices |
US8745415B2 (en) * | 2012-09-26 | 2014-06-03 | Pure Storage, Inc. | Multi-drive cooperation to generate an encryption key |
US10623386B1 (en) * | 2012-09-26 | 2020-04-14 | Pure Storage, Inc. | Secret sharing data protection in a storage system |
US11032259B1 (en) * | 2012-09-26 | 2021-06-08 | Pure Storage, Inc. | Data protection in a storage system |
CN103248476B (en) * | 2013-05-02 | 2016-10-26 | 华为数字技术(苏州)有限公司 | The management method of data encryption key, system and terminal |
US9094377B2 (en) * | 2013-08-16 | 2015-07-28 | Netflix, Inc. | Key generation and broadcasting |
US11128448B1 (en) | 2013-11-06 | 2021-09-21 | Pure Storage, Inc. | Quorum-aware secret sharing |
US10263770B2 (en) | 2013-11-06 | 2019-04-16 | Pure Storage, Inc. | Data protection in a storage system using external secrets |
US9516016B2 (en) | 2013-11-11 | 2016-12-06 | Pure Storage, Inc. | Storage array password management |
US10275396B1 (en) * | 2014-09-23 | 2019-04-30 | Symantec Corporation | Techniques for data classification based on sensitive data |
US10694352B2 (en) | 2015-10-28 | 2020-06-23 | Activision Publishing, Inc. | System and method of using physical objects to control software access |
CN106453966B (en) * | 2016-12-05 | 2020-01-17 | 北京奇虎科技有限公司 | Interaction prompting method and device between mobile communication devices |
US10693639B2 (en) * | 2017-02-28 | 2020-06-23 | Blackberry Limited | Recovering a key in a secure manner |
JP7321481B2 (en) * | 2017-07-03 | 2023-08-07 | 株式会社 エヌティーアイ | First communication device, second communication device, method, computer program |
US10546276B2 (en) | 2017-09-13 | 2020-01-28 | Microsoft Technology Licensing, Llc | Cyber ownership transfer |
US11374760B2 (en) | 2017-09-13 | 2022-06-28 | Microsoft Technology Licensing, Llc | Cyber physical key |
CN108242999B (en) * | 2017-10-26 | 2021-04-16 | 招商银行股份有限公司 | Key escrow method, device and computer-readable storage medium |
EP4035035A4 (en) * | 2019-09-25 | 2023-10-04 | Commonwealth Scientific and Industrial Research Organisation | Cryptographic services for browser applications |
US11606206B2 (en) * | 2020-01-09 | 2023-03-14 | Western Digital Technologies, Inc. | Recovery key for unlocking a data storage device |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0493232A1 (en) * | 1990-12-27 | 1992-07-01 | Aeg Schneider Automation | Workstation and procedure for password controlled use of workstation |
WO1993021708A1 (en) * | 1992-04-20 | 1993-10-28 | Silvio Micali | Verifying secret keys in a public-key cryptosystem |
Family Cites Families (41)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4200770A (en) * | 1977-09-06 | 1980-04-29 | Stanford University | Cryptographic apparatus and method |
US4405829A (en) * | 1977-12-14 | 1983-09-20 | Massachusetts Institute Of Technology | Cryptographic communications system and method |
US4386233A (en) * | 1980-09-29 | 1983-05-31 | Smid Miles E | Crytographic key notarization methods and apparatus |
NL8301458A (en) * | 1983-04-26 | 1984-11-16 | Philips Nv | METHOD FOR DISTRIBUTING AND USING ENCRYPTION KEYS. |
US4590470A (en) * | 1983-07-11 | 1986-05-20 | At&T Bell Laboratories | User authentication system employing encryption functions |
US4947430A (en) * | 1987-11-23 | 1990-08-07 | David Chaum | Undeniable signature systems |
US4926480A (en) * | 1983-08-22 | 1990-05-15 | David Chaum | Card-computer moderated systems |
FR2618002B1 (en) * | 1987-07-10 | 1991-07-05 | Schlumberger Ind Sa | METHOD AND SYSTEM FOR AUTHENTICATING ELECTRONIC MEMORY CARDS |
US5005200A (en) * | 1988-02-12 | 1991-04-02 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US4868877A (en) * | 1988-02-12 | 1989-09-19 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US5214702A (en) * | 1988-02-12 | 1993-05-25 | Fischer Addison M | Public key/signature cryptosystem with enhanced digital signature certification |
US5313637A (en) * | 1988-11-29 | 1994-05-17 | Rose David K | Method and apparatus for validating authorization to access information in an information processing system |
US5191611A (en) * | 1989-04-03 | 1993-03-02 | Lang Gerald S | Method and apparatus for protecting material on storage media and for transferring material on storage media to various recipients |
US4996711A (en) * | 1989-06-21 | 1991-02-26 | Chaum David L | Selected-exponent signature systems |
GB8927623D0 (en) * | 1989-12-06 | 1990-02-07 | Bicc Plc | Repeaters for secure local area networks |
SG46177A1 (en) * | 1989-12-13 | 1998-02-20 | Ibm | Computer system security device |
US5163091A (en) * | 1990-01-29 | 1992-11-10 | Graziano James M | Knowledge based system for document authentication (apparatus) |
ATE159603T1 (en) * | 1990-01-29 | 1997-11-15 | Security Techn Corp | OPTIONALLY MODERATED TRANSACTION SYSTEMS |
US5263157A (en) * | 1990-02-15 | 1993-11-16 | International Business Machines Corporation | Method and system for providing user access control within a distributed data processing system by the exchange of access control profiles |
JP3080382B2 (en) * | 1990-02-21 | 2000-08-28 | 株式会社日立製作所 | Cryptographic communication system |
US5226080A (en) * | 1990-06-22 | 1993-07-06 | Grid Systems Corporation | Method and apparatus for password protection of a computer |
US5224163A (en) * | 1990-09-28 | 1993-06-29 | Digital Equipment Corporation | Method for delegating authorization from one entity to another through the use of session encryption keys |
JPH06102822A (en) * | 1991-09-26 | 1994-04-15 | Rooreru Intelligent Syst:Kk | File security system |
US5200999A (en) * | 1991-09-27 | 1993-04-06 | International Business Machines Corporation | Public key cryptosystem key management based on control vectors |
US5265164A (en) * | 1991-10-31 | 1993-11-23 | International Business Machines Corporation | Cryptographic facility environment backup/restore and replication in a public key cryptosystem |
US5276901A (en) * | 1991-12-16 | 1994-01-04 | International Business Machines Corporation | System for controlling group access to objects using group access control folder and group identification as individual user |
US5210795A (en) * | 1992-01-10 | 1993-05-11 | Digital Equipment Corporation | Secure user authentication from personal computer |
GB9205774D0 (en) * | 1992-03-17 | 1992-04-29 | Int Computers Ltd | Computer security system |
US5280527A (en) * | 1992-04-14 | 1994-01-18 | Kamahira Safe Co., Inc. | Biometric token for authorizing access to a host system |
US5313521A (en) * | 1992-04-15 | 1994-05-17 | Fujitsu Limited | Key distribution protocol for file transfer in the local area network |
US5276737B1 (en) * | 1992-04-20 | 1995-09-12 | Silvio Micali | Fair cryptosystems and methods of use |
US5315658B1 (en) * | 1992-04-20 | 1995-09-12 | Silvio Micali | Fair cryptosystems and methods of use |
US5341426A (en) * | 1992-12-15 | 1994-08-23 | Motorola, Inc. | Cryptographic key management apparatus and method |
US5351293A (en) * | 1993-02-01 | 1994-09-27 | Wave Systems Corp. | System method and apparatus for authenticating an encrypted signal |
US5299263A (en) * | 1993-03-04 | 1994-03-29 | Bell Communications Research, Inc. | Two-way public key authentication and key agreement for low-cost terminals |
US5436972A (en) * | 1993-10-04 | 1995-07-25 | Fischer; Addison M. | Method for preventing inadvertent betrayal by a trustee of escrowed digital secrets |
US5371794A (en) * | 1993-11-02 | 1994-12-06 | Sun Microsystems, Inc. | Method and apparatus for privacy and authentication in wireless networks |
US5481613A (en) * | 1994-04-15 | 1996-01-02 | Northern Telecom Limited | Computer network cryptographic key distribution system |
US5557346A (en) * | 1994-08-11 | 1996-09-17 | Trusted Information Systems, Inc. | System and method for key escrow encryption |
US5557765A (en) * | 1994-08-11 | 1996-09-17 | Trusted Information Systems, Inc. | System and method for data recovery |
US5564106A (en) * | 1995-03-09 | 1996-10-08 | Motorola, Inc. | Method for providing blind access to an encryption key |
- 1995
  - 1995-02-21 US US08/390,959 patent/US5557765A/en not_active Expired - Lifetime
  - 1995-08-11 CA CA002197206A patent/CA2197206A1/en not_active Abandoned
  - 1995-08-11 CN CN95195035.5A patent/CN1158195A/en active Pending
  - 1995-08-11 WO PCT/US1995/010221 patent/WO1996005673A1/en not_active Application Discontinuation
  - 1995-08-11 JP JP8507517A patent/JPH10508438A/en active Pending
  - 1995-08-11 EP EP95929479A patent/EP0775401A1/en not_active Withdrawn
  - 1995-08-11 AU AU33217/95A patent/AU3321795A/en not_active Abandoned
  - 1995-08-11 MX MX9700980A patent/MX9700980A/en unknown
  - 1995-08-11 BR BR9508548A patent/BR9508548A/en not_active Application Discontinuation
- 1997
  - 1997-01-10 US US08/781,626 patent/US5745573A/en not_active Expired - Lifetime
- 1998
  - 1998-04-20 US US09/062,748 patent/US5991406A/en not_active Expired - Lifetime
Non-Patent Citations (2)
Title |
---|
E.F.BRICKELL ET AL.: "SKIPJACK REVIEW. INTERIM REPORT THE SKIPJACK ALGORITHM", GEORGETOWN UNIVERSITY, OFFICE OF PUBLIC AFFAIRS, 28 July 1993 (1993-07-28), WASHINGTON DC * |
L.HARN & H.-Y.LIN: "INTEGRATION OF USER AUTHENTICATION AND ACCESS CONTROL", IEE PROCEEDINGS E COMPUTERS & DIGITAL TECHNIQUES., vol. 139, no. 2, STEVENAGE GB, pages 139 - 143, XP000288126 * |
Cited By (19)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5796830A (en) * | 1996-07-29 | 1998-08-18 | International Business Machines Corporation | Interoperable cryptographic key recovery system |
WO1998005143A1 (en) * | 1996-07-29 | 1998-02-05 | International Business Machines Corporation | Cryptographic key recovery system |
FR2763192A1 (en) * | 1996-10-18 | 1998-11-13 | Bull Sa | Data transmission using encoded data, with encoding key recovery system |
US6483920B2 (en) | 1996-12-04 | 2002-11-19 | Bull, S.A. | Key recovery process used for strong encryption of messages |
WO1998047260A2 (en) * | 1997-04-11 | 1998-10-22 | Network Associates, Inc. | Publicly verifiable key recovery |
WO1998047260A3 (en) * | 1997-04-11 | 1999-03-18 | Trusted Information Systems In | Publicly verifiable key recovery |
CN1130627C (en) * | 1997-04-30 | 2003-12-10 | 索尼公司 | Information processing apparatus and method and recording medium |
EP0891055A2 (en) * | 1997-07-07 | 1999-01-13 | Fujitsu Limited | Key recovery system |
EP0891055A3 (en) * | 1997-07-07 | 2001-09-05 | Fujitsu Limited | Key recovery system |
US7162452B1 (en) | 1999-03-25 | 2007-01-09 | Epstein Michael A | Key distribution via a memory device |
EP1043862A3 (en) * | 1999-04-08 | 2002-07-31 | Lucent Technologies Inc. | Generation of repeatable cryptographic key based on varying parameters |
EP1043862A2 (en) * | 1999-04-08 | 2000-10-11 | Lucent Technologies Inc. | Generation of repeatable cryptographic key based on varying parameters |
US6901145B1 (en) | 1999-04-08 | 2005-05-31 | Lucent Technologies Inc. | Generation of repeatable cryptographic key based on varying parameters |
WO2001013293A1 (en) * | 1999-08-12 | 2001-02-22 | Matsushita Electric Industrial Co., Ltd. | Electronic information backup system |
US7080259B1 (en) | 1999-08-12 | 2006-07-18 | Matsushita Electric Industrial Co., Ltd. | Electronic information backup system |
GB2386710A (en) * | 2002-03-18 | 2003-09-24 | Hewlett Packard Co | Controlling access to data or documents |
FR2857184A1 (en) * | 2003-07-04 | 2005-01-07 | Thomson Licensing Sa | METHOD OF ENCRYPTING / DECEIVING A MESSAGE AND ASSOCIATED DEVICE |
WO2005006645A1 (en) * | 2003-07-04 | 2005-01-20 | Thomson Licensing | Method for encoding/decoding a message and associated device |
US7873168B2 (en) | 2006-10-18 | 2011-01-18 | Kabushiki Kaisha Toshiba | Secret information management apparatus and secret information management system |
Also Published As
Publication number | Publication date |
---|---|
CN1158195A (en) | 1997-08-27 |
MX9700980A (en) | 1998-05-31 |
BR9508548A (en) | 1998-11-03 |
US5745573A (en) | 1998-04-28 |
EP0775401A1 (en) | 1997-05-28 |
JPH10508438A (en) | 1998-08-18 |
US5991406A (en) | 1999-11-23 |
CA2197206A1 (en) | 1996-02-22 |
AU3321795A (en) | 1996-03-07 |
US5557765A (en) | 1996-09-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US5557765A (en) | System and method for data recovery | |
US5956403A (en) | System and method for access field verification | |
US6272632B1 (en) | System and method for controlling access to a user secret using a key recovery field | |
AU746966B2 (en) | Method and apparatus for cryptographically camouflaged cryptographic key storage certification and use | |
US6938157B2 (en) | Distributed information system and protocol for affixing electronic signatures and authenticating documents | |
JP3656688B2 (en) | Cryptographic data recovery method and key registration system | |
US8559639B2 (en) | Method and apparatus for secure cryptographic key generation, certification and use | |
US6044155A (en) | Method and system for securely archiving core data secrets | |
US20120260098A1 (en) | Storage and Authentication of Data Transactions | |
US20080310619A1 (en) | Process of Encryption and Operational Control of Tagged Data Elements | |
OA10456A (en) | Cryptographic system and method with key escrow feature | |
KR19990044692A (en) | Document authentication system and method | |
WO2002023798A1 (en) | System for protecting objects distributed over a network | |
Johnson et al. | A secure distributed capability based system | |
Balenson et al. | A new approach to software key escrow encryption | |
Said et al. | A multi-factor authentication-based framework for identity management in cloud applications | |
CN110445756B (en) | Method for realizing searchable encryption audit logs in cloud storage | |
KR20030097550A (en) | Authorization Key Escrow Service System and Method | |
Piper | An Introduction to Cryptography | |
KR20080014795A (en) | Process of encryption and operational control of tagged data elements | |
Rantos | Key recovery in a business environment | |
Roe | Cambridge University Computer Laboratory Computer Security Group Version 1.0 November 1992 | |
Roe | Cambridge University Computer Laboratory Computer Security Group Version 1.1 July 1993 | |
Fadairo | Mutual authentication protocols using Smart card: A new approach for authentication protocols. Tackling the masquerader's problem |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| WWE | Wipo information: entry into national phase | Ref document number: 95195035.5; Country of ref document: CN |
| AK | Designated states | Kind code of ref document: A1; Designated state(s): AM AT AU BB BG BR BY CA CH CN CZ DE DK EE ES FI GB GE HU IS JP KE KG KP KR KZ LK LR LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK TJ TM TT UA UZ VN |
| AL | Designated countries for regional patents | Kind code of ref document: A1; Designated state(s): KE MW SD SZ UG AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG |
| DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | |
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
| WWE | Wipo information: entry into national phase | Ref document number: PA/a/1997/000980; Country of ref document: MX |
| WWE | Wipo information: entry into national phase | Ref document number: 2197206; Country of ref document: CA |
| WWE | Wipo information: entry into national phase | Ref document number: 1019970700880; Country of ref document: KR |
| WWE | Wipo information: entry into national phase | Ref document number: 1995929479; Country of ref document: EP |
| WWP | Wipo information: published in national office | Ref document number: 1995929479; Country of ref document: EP |
| REG | Reference to national code | Ref country code: DE; Ref legal event code: 8642 |
| WWP | Wipo information: published in national office | Ref document number: 1019970700880; Country of ref document: KR |
| WWW | Wipo information: withdrawn in national office | Ref document number: 1995929479; Country of ref document: EP |
| WWW | Wipo information: withdrawn in national office | Ref document number: 1019970700880; Country of ref document: KR |