WO2004095754A3 - Server-based cryptography - Google Patents

Server-based cryptography

Publication number
WO2004095754A3
Authority
WO
WIPO (PCT)
Prior art keywords
descriptors
server
component
node
descriptor
Prior art date
Application number
PCT/US2004/011756
Other languages
French (fr)
Other versions
WO2004095754A2 (en)
Inventor
Edward M Scheidt
C Jay Wack
Original Assignee
Tecsec Inc
Edward M Scheidt
C Jay Wack
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US10/418,312 (US7539855B1)
Application filed by Tecsec Inc, Edward M Scheidt, C Jay Wack
Priority to EP04750211A (EP1618700A4)
Publication of WO2004095754A2
Publication of WO2004095754A3

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

A system for securing data includes a set of descriptors associated with data, a node, and a server. The set of descriptors includes a first group of descriptors and at least one additional descriptor. Each descriptor has a respective, associated value. The node provides a first component by binding together the respective values of each of the first group of descriptors. The server receives the first component from the node, provides a key by binding together the first component and the respective value of each additional descriptor, and encrypts the data with the key. The user (via a token) and/or the server can provide at least one of the descriptors. At least one server can establish a trusted cryptographic virtual domain that exhibits an established trust based on the descriptors that are policy enforced.

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP04750211A EP1618700A4 (en) 2003-04-17 2004-04-16 Server-based cryptography

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/418,312 US7539855B1 (en) 2002-04-17 2003-04-17 Server-based cryptography
US10/418,312 2003-04-17

Publications (2)

Publication Number Publication Date
WO2004095754A2 WO2004095754A2 (en) 2004-11-04
WO2004095754A3 WO2004095754A3 (en) 2005-03-03

Family

ID=33309527

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/011756 WO2004095754A2 (en) 2003-04-17 2004-04-16 Server-based cryptography

Country Status (2)

Country Link
EP (1) EP1618700A4 (en)
WO (1) WO2004095754A2 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5347580A (en) * 1992-04-23 1994-09-13 International Business Machines Corporation Authentication method and system with a smartcard
US5590199A (en) * 1993-10-12 1996-12-31 The Mitre Corporation Electronic information network user authentication and authorization system
US6714921B2 (en) * 1994-11-23 2004-03-30 Contentguard, Inc. System for controlling the distribution and use of digital works using digital tickets

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5719938A (en) * 1994-08-01 1998-02-17 Lucent Technologies Inc. Methods for providing secure access to shared information
US5999629A (en) * 1995-10-31 1999-12-07 Lucent Technologies Inc. Data encryption security module

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP1618700A4 *

Also Published As

Publication number Publication date
WO2004095754A2 (en) 2004-11-04
EP1618700A2 (en) 2006-01-25
EP1618700A4 (en) 2010-04-28


Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2004750211

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2004750211

Country of ref document: EP