GB2579884A - Methods and systems of securely transferring data - Google Patents

Methods and systems of securely transferring data Download PDF

Info

Publication number
GB2579884A
GB2579884A GB1914463.3A GB201914463A GB2579884A GB 2579884 A GB2579884 A GB 2579884A GB 201914463 A GB201914463 A GB 201914463A GB 2579884 A GB2579884 A GB 2579884A
Authority
GB
United Kingdom
Prior art keywords
slave
master
dangle
dongle
keying material
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB1914463.3A
Other versions
GB201914463D0 (en
GB2579884B (en
Inventor
Michael John
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Istorage Ltd
Original Assignee
Istorage Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Istorage Ltd filed Critical Istorage Ltd
Priority to GB1914463.3A priority Critical patent/GB2579884B/en
Priority claimed from GB1714256.3A external-priority patent/GB2566107B/en
Publication of GB201914463D0 publication Critical patent/GB201914463D0/en
Publication of GB2579884A publication Critical patent/GB2579884A/en
Application granted granted Critical
Publication of GB2579884B publication Critical patent/GB2579884B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0827Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB

Abstract

Securely transferring the same master keying material between a master dongle 10 and multiple slave dongles 12a-n by connecting each dongle to a data transfer system 30. The slave communications dongle 12 contains a public key and a private key and master dongle 10 contains master keying material. The slave dongle 12 public key is transferred to the master dongle. The master dongle 10 encrypts master keying material (which may be symmetric encryption key generated by FIPS-approved random number generator) with the received public key. The resultant encrypted master key is sent via data transfer system 30 to slave dongle 12 which decrypts the encrypted master key with the private key and stores the decrypted key to decrypt data encrypted by another dongle. Each may require user authentication to unlock before data transfer. The private key and unencrypted master keying material are preferably not transferred to or read by the data transfer system. The slave dongle public key may be scrambled before transmission and unscrambled at the master dongle using a predetermined scrambling algorithm. The data transfer system may be a dedicated device like a USB hub.

Description

METHOD AND S T SECURELY IRAN ERRING DATA
The present disclosure relates to a method and system for securely transferring master keying material between a master dongle and a slave dongle, 5 and a method and system for securely communicating data between users, It is often desirable to transfer data securely between various users. Often, such, data transfer will occur via a local network or via the Internet. When the data is sensitive it can be encrypted before transferring it over potentially insecure networks. Many businesses that use to internet to transfer data, either between employees of that company or with customers, make use of "public-key cryptography". In public-key cryptography, each user has a pair of cryptographic keys cared the public key and the private key. The public key may be publically shared with anyone wishing to securely communicate with the keys owner, white the private key is for decrypting data that has been encrypted using that public key.
When A wishes to communicate securely with B, A encrypts the message (data) using B s public key and sends the encrypted message to B. B then uses B's private key to decrypt the message. Advantageously, this method does not require the two users, A and B, to secretly exchange an encryption key with one another before communicating over insecure channels.
Another form of encryption is "symmetric key encryption" in which the same encryption key is used for both encryption and decryption. In such a system, users A and B must first securely exchange the encryption key before they communicate with one another over insecure channels.
Symmetric-key encryption systems have advantages and disadvantages compared to, public-key cryptography. Generally, symmetric-key systems are faster for encoding and decoding. In symmetric-key systems encrypted data can be transferred even if there is a possibility that the data will be intercepted. Since there is no key transmitted with the data, the chances of data being decrypted are lower than in public-key systems. Finally, only a recipient who has the key can decrypt the data Thus senders can be confident that only an authorised recipient can decrypt the data The man disadvantage of symmetric-key encryption is the requirement to provide the initial encryption key to all the users in a secure manner.
According to a first aspect, there is provided a method of securely transferring master keying material between a master dangle and a plurality of slave dangles, wherein each of the slave dangles contains a respective public key -2 -and a private key, wherein the master dangle contains master keying material, and wherein the master keying material is for allowing users of the dangles to securely access encrypted data; the method comprising: connecting the master dongle and the slave dongle to a data transfer system; and then, for each slave dangle in turn: transferring the slave dongle's public key to the master dongle via the data transfer system; using the slave dongle's public key at the master dangle to encrypt the master keying material and hence produce encrypted master keying material at the master dongle; transferring the encrypted master keying material to the slave dangle via the data transfer system; decrypting the encrypted master keying material with the slave dongle's private key at the slave dangle; and storing the master keying material at the slave dongle; such that a user of any of the dangles can use the master keying material to decrypt data encrypted by the same dongle or the other of the dangles.
The master keying material may be a master encryption key.
With this method, each of the slave dongles private keys and the unencrypted master keying material are advantageously not transferred across or read by the data transfer system. The method thus allows the secure production of a plurality of slave dongle(s) that contain the master keying material and hence allows for secure production of a set of dangles that share the same master keying material. The dangles may then provide a secure dongle-based symmetric key system. Advantageously the unencrypted master keying material is not accessible by the data transfer system at any point, and so even if the data transfer system is compromised (e.a. by an eavesdropper, a computer virus etc.) the master keying material is kept secret during the transfer. A dongle carrying such master keying material is useful as it allows users to readily transfer the dongle between various devices (e.g. from their work desktop to a home computer) and to maintain secure access to encrypted data. In particular, the dangle(s) may be used to access encrypted data stored in remotely accessible memory such as in the "cloud" so that a single secure data store can be accessed securely from any location. The method provides the advantage of rapidly producing a plurality of slave dangles that can be distributed to a plurality of users for the purposes of securely sharing information encrypted with the master keying material.
Thus, each one of multiple slave dangles can be securely programmed with the same master keying material from a single master dongle. This allows a plurality of users, each having a slave dongle, to securely communicate data to one another using the master keying material. Further, the encryption and decryption of data may be performed within the slave dangles whilst the master dongle is kept in a secure location. This can keep the master keying material safe as it is never transferred to a potentially insecure machine nor over a potentially insecure network.
In this context, an encryption key or keying material may be a random string of bits created explicitly for scrambling and unscrambling data (i.e. encrypting and decrypting datay Encryption keys are usually designed using algorithms that are intended to ensure that every key is unpredictable and unique. Thus, the master keying material, each of the slave dongle public keys andtar tne slave dongle private keys may be a data string created for encrypting and decrypting data. The key(s) may have a length of 256 bytes (2048 bits) or more. The master keying material may be randomly generated when the master dangle is first used, e.g. using a PIPS random number generator. In this manner, the manufacturer of the master dangle does not know the master keying material since it may be generated by a user having the master dangle. This ensures that there is no central repository of master keying materials that is vulnerable to hacking or theft Further, it gives the user confidence that their encrypted communications cannot be decoded by the manufacturer.
The data transfer system may be a personal computer (PC) that, optionally, is connected to multiple slave dangles for rapid production of a set of slave dangles having'the same master keying material. Alternatively, the data transfer system may be a dedicated device designed for the secure production of many slave dongles having the master keying material. Such a dedicated device is advantageously not connected to the Internet and may be configured to only run the necessary processes for transferring (encrypted) data between master and slave dongles. For example, the data processing routine for performing the method may be hard-coded into a computer chip in the dedicated device. This can provide extra security when transferring the master keying material against attacks via the Internet or from malicious dangles plugged into the dedicated device. In another example, the data transfer system may be a cable or a hub with no internal Programs or processor. In this case, the master and slave dangles may be configured to carry out the method using a data processing device in one or each of the dangles. Thus, the dongle(s) may include a processor or similar for performing computing operations.
To further enhance the security of the dangles, the master dangle and/or the slave dangles may include additional security to identify authorised users and to prevent access by unauthorised users. This may have the effect that only authorised users can access the master keying material so that even if a dangle is obtained by an unauthorised user then they cannot access the encrypted data. It also allows for the dongle(s) to be safely transferred between authorised users without risk of unauthorised access to the master keying material, for example by postal or courier delivery of the dongle(s). Thus, the dongle(s) may require identification of an authorised user before access to the content of the dangle is allowed. There may be an added layer of security before it is permitted to write new data to the dangle. The master dangle may require a higher level of authorisation before the master keying material can be transferred to another dongle. Thus, the slave dorigles and the master dongle when used for encrypting and decrypting data may be accessible to a normal user, whereas there may be a higher level user, such as an administrator, who is permitted access to the master dangle to copy the master keying material and/or access to the slave dangles to access the slave dangle public key and to install new master keying material.
The added security may include a user authentication system such as a PIN entry system or a biometric sensor, for example. The dongle(s) may hence be configured to identify an authorised user by comparison of data obtained by the user authentication system with data stored on the dangle relating to authorised users. In the case of a PIN system, the dangle may allow access at a normal level or an administrator level upon access of the correct PIN. In the case of a biometric system, the dangle may allow access to one or more users previously enrolled with the dangle. The dongle may be arranged to enrol users in any suitable manner, and it may be supplied to the first user in an enrolment mode allowing the first user to enrol their own biometric and/or their own PIN, with the first user optionally having administrator level access. Administrator level access may permit the enrolment of additional users to the user authentication system.
Thus, before the step of transferring each slave dangle's public key to the master dangle over the data transfer system, the method may comprise the steps of: unlocking the master dangle via the master dongle user authentication system, wherein unlocking the master dongle allows the master dangle to send and receive data; and, in the case where a given slave dangle is not factory reset, unlocking the slave dangle via the slave dangle user authentication system, wherein unlocking the slave dongle allows the slave dongle to send and receive data The dangles may remain unlocked during the process of transfer of the master keying material and they may be automatically locked after that process has been completed, such as after they are disconnected from the data transfer system. The method may comprise, for each slave dangle, scrambling the slave dangle's public key using a predetermined scrambling algorithm prior to transferring the slave dangle's public key, and unscrambling the slave dangle's public key at the master dangle after transferring slave dangle's public key and prior to encrypting the master keying material. In this case the slave dangles may include a suitable scrambling algorithm and the master dongle may include instructions for unscrambling the scrambled slave dangle's public key. This helps to protect against the case where the data transfer system is compromised and the malicious user has emulated a slave dangle but generated his own public key that is sent to the master dangle for the purposes of discovering the master keying material.
With the added use of scrambling of the slave dangle public key, only the legal slave dongles know the scrambling algorithm and this may be hard-coded onto the dangles, e.g. at the factory when first produced. The data transfer system (and any software thereon for the purposes of performing the method) has no knowledge of the scrambling algorithm, and optionally only the master dangle includes the instructions needed to unscramble the slave dangle public key. This provides a further layer of security against malicious emulated slave dangles, because the hacker has no knowledge of the scrambling algorithm as this is not contained in, nor ever transferred over, the data transfer system, and may only ever be present on the master dangle, where it may be protected via a suitable user authentication system as discussed above. In a case where the length of the public key is 256 bytes (2048 bits), to brute-force crack the scrambling algorithm, an attacker must try 256! times to hack the scrambling algorithm.
A dangle is typically a portable piece of hardware that connects to another device to provide that other device with additional functionality. For example, one known type of dangle is a USB memory dangle that allows for data to be transferred between devices via the dangle. Another type of dangle is a data encryption dangle for encrypting data being stored on the dangle or being stored on an external memory. Such dangles are produced by iStorage Limited of the United Kingdom under the trade name Datasnuirm. WO 2009/136161 discloses a prior art dangle for hardware encryption of data as it passes through the dangle.
The slave dangles and/or the master dongle of the present method may be arranged to operate in a similar fashion. The dangles may hence be dangles containing memory such as flash memory. The dongies may include a USI3 connection for joining the dongles to the data transfer system. USB is a commonly used standard for transferring data between devices. Therefore, dangles that can connect via USB to a generic computing device (desktop computer, laptop computer, tablet, smartphone etc.) will be widely useable.
According to another aspect, there is provided a method of sharing data securely between authorised computing devices, wherein a first computing device is connected to a first slave dongle and a second computing device is connected to a second slave dangle, the first and second slave dangles having been programmed with the same master keying material by any of the methods described above, the method comprising: encrypting first data using the first slave dangle with the master keying material stored in the first slave dangle; transferring the encrypted first data, optionally across a network, to the second computing device; decrypting the encrypted first data using the second slave dangle; and transferring the unencrypted first data from the second slave dangle to the second computing device.
According to another aspect, there is provided a system for securely transferring master keying material between a master dangle and a plurality of slave dangles, the system comprising: a data transfer system; a master dangle containing a master processor, and master keying material; and a plurality of slave dangles, each slave dangle containing a slave processor, a slave public key and a slave private key; wherein the data transfer system has at least three ports wherein one port is for connecting to the master dangle and the at least two other ports are for connecting to at least two of the plurality of slave dangles; the data transfer system being configured to for each slave dongle in turn, transfer the slave dongle's public key to the master dangle; the master dongle being configured to encrypt the master keying material with the slave dongle's public key to produce an encrypted master keying material and to return the encrypted master keying material to the, data transfer system; the data transfer system being configured to transfer the encrypted master keying material to the slave dangle; the slave dangle being configured to decrypt the encrypted master keying material using the slave dongle's private key and to store the master keying material at the slave dangle such that a user of any of the dangles can use the master keying material to decrypt data encrypted by the same dongle or the, other of the dangles.
A system according to this arrangement can quickly prepare a plurality of slave dongles, without the user having to remove each slave dangle after it receives the master keying material and attach a new slave dangle to the data transfer system.
The master dangle may comprise a master dangle user authentication system, each slave dangle may comprise a slave dongle user authentication system, and/or the data transfer system may comprise a data transfer system user authentication system, wherein the dongles and/or data transfer system are configured to require an authorisation code input at "a respective user authentication system before allowing transfer of data between the dangles.
The system allows the production of slave (-Jangles that contain the master keying material in a secure manner. The unencrypted master keying material does not need to be put on the data transfer system at any point, and so even if the data transfer system is compromised (e.g. by a computer virus etc.) the master keying material is kept secret during the transfer. A plurality of slave dangles produced by such a system may be distributed to a plurality of users who wish to communicate securely with one another. Each of the slave dongies has been securely programmed with the same master keying material and so the users can securely communicate data to one another using the master keying material even when communicating via potentially insecure networks (e.g, the internet).
Each slave dongle may be configured to scramble its slave dangle public key using a predetermined scrambling algorithm prior to transferring its slave dangle public key, such that thedata transfer system transfers a scrambled slave dangle's public key; and the master dangle may contain the scrambling algorithm and be configured to unscramble the scrambled slave dongle's public key prior to encrypting the master keying material.
The data transfer system (and any software thereon for the purposes of performing the method) has no knowledge of the scrambling algorithm. This provides a further layer of security against malicious emulated slave dangles, because the hacker has no knowledge of the scrambling algorithm as this is not contained in, nor ever transferred over, the data transfer system.
According to another aspect there is provided a system for securely communicating data between users, the system comprising: a first computing device coupled to a first slave dongle, a second computing device coupled to a second dangle, wherein the second dangle is a second slave dangle, or a master dongle, wherein the master and slave dangles have been configured using any of the aforementioned methods or wherein the master and slave dongles have been configured by any of the abovementioned systems, wherein, when the first computing device is used to send first data to the second computing device, the first computing device is configured to send the first data to the first slave dongle, the first slave dongle is configured to encrypt the first data using the master keying material, and the first device is configured to send the encrypted first data to the second computing device, optionally via a network, and wherein the second computing device is configured to receive the first encrypted data and send the first encrypted data to the second dongle, the second dongle is configured to decrypt the first encrypted data using the master keying material and to send the decrypted first data to the second computer device.
This system allows users to communicate securely with one another using symmetric-key encryption which is faster than public-key encryption. Further, as the disclosure provides a secure method for providing the master keying material to users, a known disadvantage of symmetric-key encryption regarding the initial transfer of the master keying material is overcome.
According to another aspect, there is provided a dedicated device for securely transferring master keying material between a master dongle and a plurality of slave dangles using the method of the first aspect, the dedicated device comprising a plurality of ports for connecting to the master dangle and to the slave dongle; the dedicated device being configured to, for each slave dangle in turn, request a public key from the slave dangle and to transfer the public key to the master dangle, and to request encrypted master keying material from the master dongle and transfer the encrypted master keying material to the slave dangle.
A dedicated device according to this aspect may be provided as a standalone device for preparing slave dangles, which may have greater security than a user's PC configured to perform the method.
Certain embodiments of the present disclosure will now be described in greater detail by way of example only and with reference to the accompanying drawings in which: Figure 1 shows a computer attached to a hub into which are plugged a master dangle and several slave dangles; Figure 2 shows a sequence diagram of method steps for securely transferring master keying material from a master dangle to a slave dongie; Figure 3 shows a dedicated device for accepting a master dangle and a plurality of slave dangles; and -9 -Figure 4 shows a system of multiple devices, each device having a slave dangle, wherein users can communicate securely with one another over a network using common master keying material.
Figure 1 shows a computer 20 and a hub 30 plugged into the computer. A master dongle 12 is plugged into a first port 32a on the hub 30. Slave dangles 12a-n, generally designated 12, are plugged into other ports 32b-m on the hub 30.
The hub 30 may be any standard USB hub, or a hub with another type of port (e.g. FireWirerm). Alternatively, the master 10 and slave 12 dangles may be attached directly to ports in the computer 20, without the use of a hub 30.
The above described system, comprising the computer 20 and dongles 10, 12, is for securely transferring master keying material from the master dongle 10 to the slave dongle(s) 12a-n. This allows production of a number of slave dangles that all share the same master keying material. For example, all slave dongles that belong to the same company or working group may use the same master keying material for encryption and decryption when transferring data to one another within the company or working group.
The master keying material may be a master encryption key.
The computer 20 is just one example of a generic data transfer system for connecting the master dongle 10 and the slave dangles 12a-n. However, it is to be understood that other forms of data transfer system may be used.
For example, the data transfer system may be a dedicated device 40 as described below in conjunction with Figure 3.
Alternatively, the data transfer system may be a cable or a hub with no internal processor, in which case one or both of the master and slave dangles 10, 12 may contain processors configured perform the method steps for securely transferring the master keying material.
When the master dongle 10 is first used, master keying material may be randomly generated by a FIPS approved Random Number Generator and this is stored inside a secure processor in the master dongle 10 in an encrypted form.
Each slave dongle 12a-n has a unique public/private key pair, suitable for use in public key cryptography. As is well understood in public key cryptography, the public key may be publicly shared and seen by others, both friendly and unfriendly. The private key is kept secret and may be used to decrypt data that has been encrypted using the public key.
The computer 20 may run software that is designed for securely transferring the master keying material to each of the slave dongles 12a-n in turn.
-10 -These slave dongies may then be distributed to e.g. workers in the company or working group for use with their own devices (e.g. PC, laptop, tablet, phone etc.) to allow these devices to securely communicate with one another using the master keying material.
Figure 2 shows a sequence diagram showing the method by which the master keying material may be securely transferred from the master dongle 10 to each slave dongle 12a-n.
Initial steps 201, 202, and 203 are each optional and independent from one another.
In step 201, a PIN or other authentication is entered into the master dongle to unlock the master dongle 10 such that it may send and receive data.
In step 202, a PIN or other authentication is entered into the slave dongle 12 to unlock the slave dongle 12 such that it may send and receive data. Each slave dongle 12a-n may have a unique PIN or other authentication required to unlock the device. Alternatively, a plurality of slave dangles 12a-n may have the same PIN or temporary single-use PIN, for ease of initial setup.
In step 203, a PIN or other authentication is entered into the data transfer system to allow it to transfer data between and/or communicate with the master and slave dangles 10, 12.
Optional step 101: the data transfer system may request the public key from the slave dongle 12. This request may originate from the master dangle 10 (as indicated by the dashed line in Figure 2) or from a computer 20 or dedicated device 40 etc. Optional step 102: the slave dangle may scramble its public key using a predetermined scrambling algorithm (i.e such that a scrambled public key is presented to the data transfer system in step 103).
Step 103 The slave dongle's public key (optionally scrambled) is transferred to the data transfer system.
Step 104: the slave dongle's public key is transferred to the master dongle 10.
Optional step 105: if the slave dongle's public key was scrambled at step 102, the master dongle, having been preprogrammed with the scrambling algorithm, unscrambles the public key.
Step 106: the master dongle 10 encrypts the master keying material using the (unscrambled) slave dangle's public key.
Step 107: the encrypted master keying material is transferred from the master dongle 10 to the data transfer system.
Step 108: encrypted master keying material is transferred to the slave dongle 12.
Step 109: the slave dongle decrypts and stores the master keying material using the slave dongle's private key.
According to the method shown in Figure 2, the data transfer system never sees the unencrypted master keying material. Thus, if the data transfer system is compromised by an attacker, the attacker cannot readily discover the master keying material.
The data transfer system may be active in.e.g, requesting the slave dongle's public key or may be passive and simply act as a transmission medium for data sent by the dongles 10, 12.
Figure 3 shows an alternative system for securely transferring master keying material from the master dongle 10 to the slave dongles 12a-n. In this system, a dedicated device 40 is provided for performing the above method steps 101-109. That is, the dedicated, device 40 is the data transfer system in this example.
The dedicated device 40 contains a plurality of ports 42a-m. A first of the ports 42a is for connecting to the master dongle 10. The remaining ports 42b-m are each for connecting to one of the plurality of slave dongles 12a-n.
The dedicated device further comprises a set of control keys 44, a display device 46, and a control button 48.
The control keys 44 may comprise a numeric keyboard with numbers 0 to 9, a lock button, an unlock button, and an arrow button. The dedicated device 40 may optionally require a numeric code to unlock the device (i.e. step 203) before it will perform the method steps 101-109. The lock button may be used to re-lock the dedicated device 40 after use, to prevent unauthorized users making their own slave dongles 12.
The display screen may be a LCD screen for displaying messages to a user, such as "Locked", "Unlocked', "Ready to transfer etc. Pressing the copy button 48 may cause the dedicated device 40 to start securely transferring the master keying material from -a master dangle 10 plugged into the first port 42a to the slave dongles 12a-n plugged into the other ports 42b35 m.
-12 -When multiple slave dongies 12a-n are plugged into the dedicated device 40, the dedicated device 40 performs the method steps 101-109 for each slave dongle 12 in turn. That is, steps 101 to 109 are performed for a first slave dongle 12a, and once complete, steps 101-109 are performed for a second slave dangle 12b etc. Similarly, when multiple slave dangles 12a-n are plugged into the computer (or generally, into the data transfer system), the computer 20 performs the method steps 101-109 for each slave dangle 12 in turn. That is, steps 101 to 109 are performed for a first slave dangle 12a, and once complete, steps 101-109 are performed for a second slave dangle 12b etc. Once a plurality of slave dangles 12a-n have the master keying material stored thereon, the slave dangles 12a-n may be distributed to a number of users, e.g. employees or member of a working group to allow them to securely exchange data with one another.
Figure 4 shows a schematic diagram in which multiple users may communicate with one another via a network 60 (e.g. via the cloud). using multiple different devices 50a-e. The devices 50a-e may be any of a desktop computer, a tablet computer, a smadphone, a laptop computer and/or any other commonly used computing device capable of connecting to a slave dangle 12.
A respective slave dangle 12a-e is plugged into each device 50a-e. Each slave dangle 12a-e has been prepared with the same master keying material by the method shown above. When a first user 52a wants to share data with another user 52b, the first user 52a instructs his device 50a to send the data to the other user 52b via the network 60. The slave dangle 12a of the first user 52a encrypts the data using the master keying material. The data is then sent via the network to the second user 52b. The second user's device 50b receives the encrypted data and passes it to the second slave dangle 12b, The second slave dangle 12b then decrypts the data using the master keying material and returns the unencrypted data to the second user's device 50b.
In this arrangement, the master keying material is never read by or transferred onto the devices 50a-e, nor is it seen by the network 60. Instead, the master keying, material is only ever present on a secure processor in each of the slave dangles 12a-e. Thus, if the network 60 security is compromised, an eavesdropper/hacker will any ever see encrypted data Further, if the security of one or more of the devices 50a-e is compromised, the eavesdropper/hacker will only ever see the encrypted and unencrypted data on that device but will not thereby gain access, to the master keying material and thus will not be able to compromise the whole network.
Consequently, the compromised device may be repaired/re-secured (e.g. by running an anti-virus program or similar) without requiring that new master keying material is prepared and delivered to each user on a new slave dongle 12. -14

Claims (15)

  1. Claims: 1. A method of securely transferring master keying material between master dangle and a plurality of slave dangles, wherein each of the slave dangles contains a respective public key and a private key, wherein the master dangle contains master keying material, and wherein the master keying material is for allowing users of the dangles to securely access encrypted data; the method comprising: connecting the master dangle and the slave dangles to a data transfer system; and then, for each slave dangle in turn: transferring the slave dangle's public key to the master dangle via the data transfer system; 1,5 using the slave dangle's public key at the master dangle to encrypt the master keying material and hence produce encrypted master keying material at the master dangle; transferring the encrypted master keying material o the slave dangle via the data transfer system; decrypting, the encrypted master keying material with the slave dangle's private key at the slave dangle; and storing the master keying material at the slave dangle; such that a user of any of the dangles can use the master keying material tc decrypt data encrypted by the same dangle or the other of the dangles.
  2. 2. The method of claim 1 wherein the master keying material is randomly generated when the master dangle is first used, preferably wherein the master keying material is generated using a FPS random number generator.
  3. 3. The method of daim 1 or 2 wherein, before the step of transferring each slave dangle's public key to the master dangle over the data transfer system, the method may comprise the steps of: unlocking the master dangle via a master dangle user authentication system, wherein unlocking the master dangle allows the master dangle to send and receive 35 data; and, in the case where a given slave dongle is not factory reset, unlocking the slave dangle via a slave dongle user authentication system, wherein unlocking the slave dangle allows the slave dangle to send and receive data
  4. 4. The method ccording to any preceding claim, comprising, for each slave dongle, scrambling the slave dongle's public key using a predetermined scrambling algorithm prior to transferring the slave dongle's public key, and unscrambling the slave dongle's public key at the master dangle after transferring slave dongle's public key and prior to encrypting the master keying material.
  5. 5. The method according to any preceding claim, wherein the master dangle is a first removable dangle, and wherein the slave dangle is a second removable dongle.
  6. 6. The method according to any preceding claim, wherein each slave dongle's private key and the unencrypted master keying material are not transferred to or read by the data transfer system.
  7. 7. A method of sharing data securely between authorised computing devices, wherein a first computing device is connected to a first slave dangle and a second computing device is connected to a second slave dangle, the first and second slave dangles having been programmed with the same master keying material by the method of any preceding claim, the method comprising: encrypting first data using the first slave dongle with the master keying material stored in the first slave dangle; transferring the encrypted first data, optionally across a network, to the second computing device; decrypting the encrypted first data using the second slave dongle; and transferring the unencrypted first data from the second slave dangle to the second computing device.-16 -
  8. 8. A system for securely transferring master keying material between a master dongle and a plurality of slave dongles, the system comprising; a data transfer system; a master dongle containing a master processor, and master keying material; and a plurality of slave dangles, each slave dongle containing a slave processor, a slave public key and a slave private key; wherein the data transfer system has at least three ports; wherein one port is for connecting to the master dongle and the at least two other ports are for connecting to at least two of the plurality of slave dongles; the data transfer system being configured to, for each slave dongle in turn, transfer the slave dorigfe's public key to the master dongle; the master dongle being configured to encrypt the master keying material using the slave dongle's public key to produce an encrypted master keying material; the data transfer system being configured to transfer the encrypted master keying material to the slave dongle; and the slave dangle being configured to decrypt the encrypted master keying material using the slave dongle 's private key and to store the master keying material at the slave dongle such that a user of any of the dangles can use the master keying material to decrypt data encrypted by the same dangle or the other of the dangles.
  9. 9. The system of claim 8, wherein the master dongle comprises a master dongle user authentication system, each slave dongle comprises a slave dongle user authentication system, and/or the data transfer system comprises a data transfer system user authentication system, wherein the dangles and/or data transfer system are configured to require an authorisation code input at a respective user authentication system before allowing transfer of data between the dangles.
  10. 10. The system of claims 8 or 9 wherein the master dangle is configured to generate random keying material when the master dongie is first used. preferably wherein the master keying material is generated using a FIPS random number generator.
  11. 11. The system according to any of claims 8 to 10, wherein each slave dangle is configured to scramble its slave dongle public key using a predetermined scrambling algorithm prior to transferring its slave dongle public key, such that the data transfer system transfers a scrambled slave dongle's public key; and the master dongle contains the scrambling algorithm and is configured to unscramble the scrambled slave dongle's public key prior to encrypting the master keying material.
  12. 12. A system for securely communicating data between users, the system comprising.a first computing device coupled to a first slave dangle, a second computing device coupled to a second dangle, wherein the econd dongle is a second slave dongle or a master dcngie, wherein the master and slave dongles have been configured using the method according to any of claims 1 to 6 or wherein the master and slave dongles have been configured by the system according to any of claims 8 to 12; wherein, when the first computing device is used to send first data to the second computing device, the first computing device is configured to send the first data to the first slave.dongle, the first slave dongle is configured to encrypt the first data using the master keying material, and the first device is configured to send the encrypted first data to the second computing device, optionally via a network, and wherein the second computing device is configured to receive the first encrypted data and send the first encrypted data to the second dangle, the second dangle is configured to decrypt the first encrypted data using the master keying material and to send the decrypted first data to the second computer device.
  13. 13. The system according to claim 12, wherein each dongie is configured to require a user identification to unlock the dangle'for use, preferably wherein each dangle has a plurality of buttons and the user identification is a code to be input by pressing the buttons in a predetermined order.
  14. 14. The system of claim 12 or 13 further comprising a server, wherein each dangle is configured to have an identification and configured to require an authorisation code from the server in order to perform encryption and decryption, and wherein the server is configured to have a whitelist or a blacklist of dangle identifications such that unauthorised dangles having the master keying material are excluded from communicating with authorised dangles having the master keying material.
  15. 15. A dedicated device for securely transferring master keying material between a master dangle and a plurality of slave dongles using a method as claimed in any of claims 1-6, the dedicated device comprising a plurality of ports for connecting to the master dangle and to the slave dangles.the dedicated device being configured to, for each slave dangle in turn, request a public key from the slave dangle and to transfer the public key to the master dangle, and to request encrypted master keying material from the master dongle and transfer the encrypted master keying material to the slave dangle.
GB1914463.3A 2017-09-05 2017-09-05 Methods and systems of securely transferring data Active GB2579884B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB1914463.3A GB2579884B (en) 2017-09-05 2017-09-05 Methods and systems of securely transferring data

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1914463.3A GB2579884B (en) 2017-09-05 2017-09-05 Methods and systems of securely transferring data
GB1714256.3A GB2566107B (en) 2017-09-05 2017-09-05 Methods and systems of securely transferring data

Publications (3)

Publication Number Publication Date
GB201914463D0 GB201914463D0 (en) 2019-11-20
GB2579884A true GB2579884A (en) 2020-07-08
GB2579884B GB2579884B (en) 2020-11-11

Family

ID=68541496

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1914463.3A Active GB2579884B (en) 2017-09-05 2017-09-05 Methods and systems of securely transferring data

Country Status (1)

Country Link
GB (1) GB2579884B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3877879B1 (en) * 2018-11-07 2024-03-27 iStorage Limited Methods and systems of securely transferring data

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113051101B (en) * 2021-04-26 2021-12-14 广州市新矽亚电子科技有限公司 Communication system and method of common bus and multiple slaves

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2439838A (en) * 2006-07-03 2008-01-09 Lenovo Mutual authentication procedure for Trusted Platform Modules with exchange of credentials
US20140258707A1 (en) * 2012-01-23 2014-09-11 Douglas Denny Secure communications system for direct transfer between mobile device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2439838A (en) * 2006-07-03 2008-01-09 Lenovo Mutual authentication procedure for Trusted Platform Modules with exchange of credentials
US20140258707A1 (en) * 2012-01-23 2014-09-11 Douglas Denny Secure communications system for direct transfer between mobile device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3877879B1 (en) * 2018-11-07 2024-03-27 iStorage Limited Methods and systems of securely transferring data

Also Published As

Publication number Publication date
GB201914463D0 (en) 2019-11-20
GB2579884B (en) 2020-11-11

Similar Documents

Publication Publication Date Title
AU2023200899B2 (en) Methods and systems of securely transferring data
US11233653B2 (en) Dongle for ciphering data
US11677546B2 (en) Methods and systems of securely transferring data
CN107453880B (en) Cloud data secure storage method and system
US11438316B2 (en) Sharing encrypted items with participants verification
CN103378971A (en) Data encryption system and method
GB2579884A (en) Methods and systems of securely transferring data
US20240114025A1 (en) Modification of device behavior for use in secure networking
JP2022522555A (en) Secure message delivery using semi-trusted relayers
KR101808313B1 (en) Method of encrypting data
US20230185970A1 (en) Communication node with secure cryptographic keys and methods for securing therein
CN115865541A (en) Method and device for processing mass-sending files, electronic equipment and storage medium