WO2004095754A3 - Server-based cryptography - Google Patents
Server-based cryptography Download PDFInfo
- Publication number
- WO2004095754A3 WO2004095754A3 PCT/US2004/011756 US2004011756W WO2004095754A3 WO 2004095754 A3 WO2004095754 A3 WO 2004095754A3 US 2004011756 W US2004011756 W US 2004011756W WO 2004095754 A3 WO2004095754 A3 WO 2004095754A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- descriptors
- server
- component
- node
- descriptor
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6209—Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
Abstract
A system for securing data includes a set of descriptors associated with data, a node, and a server. The set of descriptors include a first group of descriptors, and at least one additional descriptor. Each descriptor has a respective, associated value. The node provides a first component by binding together the respective values of each of the first group of descriptors. The server receives the first component from the node, provides a key by binding together the first component and the respective values of each of the additional descriptor, and encrypts the data with the key. The user (via a token) and/or the server can provide at least one of the descriptors. At least one server can establish a trusted cryptographic virtual domain that exhibits an established trust based on the descriptors that are policy enforced.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP04750211A EP1618700A4 (en) | 2003-04-17 | 2004-04-16 | Server-based cryptography |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US10/418,312 | 2003-04-17 | ||
| US10/418,312 US7539855B1 (en) | 2002-04-17 | 2003-04-17 | Server-based cryptography |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| WO2004095754A2 WO2004095754A2 (en) | 2004-11-04 |
| WO2004095754A3 true WO2004095754A3 (en) | 2005-03-03 |
Family
ID=33309527
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2004/011756 WO2004095754A2 (en) | 2003-04-17 | 2004-04-16 | Server-based cryptography |
Country Status (2)
| Country | Link |
|---|---|
| EP (1) | EP1618700A4 (en) |
| WO (1) | WO2004095754A2 (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5347580A (en) * | 1992-04-23 | 1994-09-13 | International Business Machines Corporation | Authentication method and system with a smartcard |
| US5590199A (en) * | 1993-10-12 | 1996-12-31 | The Mitre Corporation | Electronic information network user authentication and authorization system |
| US6714921B2 (en) * | 1994-11-23 | 2004-03-30 | Contentguard, Inc. | System for controlling the distribution and use of digital works using digital tickets |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5719938A (en) * | 1994-08-01 | 1998-02-17 | Lucent Technologies Inc. | Methods for providing secure access to shared information |
| US5999629A (en) * | 1995-10-31 | 1999-12-07 | Lucent Technologies Inc. | Data encryption security module |
-
2004
- 2004-04-16 WO PCT/US2004/011756 patent/WO2004095754A2/en active Application Filing
- 2004-04-16 EP EP04750211A patent/EP1618700A4/en not_active Withdrawn
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5347580A (en) * | 1992-04-23 | 1994-09-13 | International Business Machines Corporation | Authentication method and system with a smartcard |
| US5590199A (en) * | 1993-10-12 | 1996-12-31 | The Mitre Corporation | Electronic information network user authentication and authorization system |
| US6714921B2 (en) * | 1994-11-23 | 2004-03-30 | Contentguard, Inc. | System for controlling the distribution and use of digital works using digital tickets |
Non-Patent Citations (1)
| Title |
|---|
| See also references of EP1618700A4 * |
Also Published As
| Publication number | Publication date |
|---|---|
| EP1618700A2 (en) | 2006-01-25 |
| WO2004095754A2 (en) | 2004-11-04 |
| EP1618700A4 (en) | 2010-04-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20190089527A1 (en) | System and method of enforcing a computer policy | |
| TWI736271B (en) | Method, device and equipment for generating and using private key in asymmetric key | |
| US8165286B2 (en) | Combination white box/black box cryptographic processes and apparatus | |
| US20180262326A1 (en) | Protecting white-box feistel network implementation against fault attack | |
| US9602273B2 (en) | Implementing key scheduling for white-box DES implementation | |
| EP3182637B1 (en) | Wide encoding of intermediate values within a white-box implementation | |
| EP3099002A1 (en) | Diversifying control flow of white-box implementation | |
| US10700849B2 (en) | Balanced encoding of intermediate values within a white-box implementation | |
| CA2551113A1 (en) | Authentication system for networked computer applications | |
| EP3035584B1 (en) | Using single white-box implementation with multiple external encodings | |
| EP3068067B1 (en) | Implementing padding in a white-box implementation | |
| Alzomai et al. | The mobile phone as a multi OTP device using trusted computing | |
| US20080244268A1 (en) | End-to-end network security with traffic visibility | |
| Bartlett et al. | IKEv2 IPsec Virtual Private Networks: Understanding and Deploying IKEv2, IPsec VPNs, and FlexVPN in Cisco IOS | |
| Pervez et al. | Oblivious access control policies for cloud based data sharing systems | |
| WO2004095754A3 (en) | Server-based cryptography | |
| GB2395304A (en) | A digital locking system for physical and digital items using a location based indication for unlocking | |
| Nützel et al. | Towards trust in digital rights management systems | |
| US20060039566A1 (en) | System for installing software with encrypted client-server communication | |
| EP3406051B1 (en) | Method for generating a pair of terminal associated keys using a terminal and a gateway, a method for secure date exchange using the method, a terminal and a gateway | |
| Hung et al. | A Hybrid Threshold Group Signature Scheme with Distinguished Signing Authority | |
| Paquin | Privacy and accountability in identity systems: the best of both worlds | |
| Vanga | Design and Analysis of Hierarchical Access Control and User Authentication Protocols for Distributed Computer Networks | |
| Taavettila | OVER-THE-AIR COPY PROTECTION: Using commonly used techniques | |
| Store | Secure Network Communications |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| WWE | Wipo information: entry into national phase |
Ref document number: 2004750211 Country of ref document: EP |
|
| WWP | Wipo information: published in national office |
Ref document number: 2004750211 Country of ref document: EP |