Replacing keys in a computer system

US10257176B2 · US · B2

Patent metadata
Publication number: US-10257176-B2
Application number: US-201514638609-A
Country: US
Kind code: B2
Filing date: Mar 4, 2015
Priority date: Mar 4, 2015
Publication date: Apr 9, 2019
Grant date: Apr 9, 2019

Abstract

Official abstract text for this publication.

A first private key used by a device is replaced by a second private key, the first private key having an associated public key. The second private key is secured based on the associated public key and communicated to replace the first private key at the device. The device receives the second private key. The first private key is secured by a secret, and the device uses the secret to decrypt the first private key. The second private key is then encrypted using the decrypted first private key.

First claim

Opening claim text (preview).

We claim:

1. A method for replacing a first private key of a first asymmetric pair of public and private keys used by a device, wherein the first private key has an associated public key of the first asymmetric pair of public and private keys, the method comprising: assigning, within a device manager server, a second private key of a second asymmetric pair of public and private keys for replacing the first private key, encrypting, within the device manager server, the second private key based on the associated public key of the first asymmetric pair of public and private keys, and delivering from the device manager server to the device, over a communication network, the encrypted second private key to replace the first private key at the device for use in communication with at least one other device, wherein the device is a separate and external device from the device manager server, and wherein the encrypted second private key is encrypted based on the associated public key of the first asymmetric pair of public and private keys such that the encryption can only be decrypted with the first private key of the first asymmetric pair of public and private keys using a secret known by the user of the device and/or the device.

2. A method according to claim 1, the method comprising: generating a key file comprising the first private key, the associated public key, and the second private key, and sending the key file to the device.

3. The method according to claim 1, further comprising: generating a secret character string for encrypting the second private key and encrypting the secret character string by means of the associated public key of the first asymmetric pair of public and private keys.

4. The method according to claim 1, wherein the secret comprises a passphrase or password known only by the user and/or the device.

5. The method according to claim 1, wherein at least one of: the first private key and the second private key comprise private keys for one of authentication, authorization and digital signature, and the second private key is different from the first private key.

6. An apparatus comprising at least one processor, and at least one memory including computer program code, wherein the at least one memory and the computer program code are configured, with the at least one processor, to cause the apparatus to: assign, within a device manager server, for a device with a first private key of a first asymmetric pair of public and private keys a second private key of a second asymmetric pair of public and private keys for replacing the first private key, encrypt, within the device manager server, the second private key based on a public key associated with the first private key, deliver from the device manager server to the device, over a communication network, the encrypted second private key to replace the first private key at the device for use in communication with at least one other device, and configured to generate a secret character string for encrypting the second private key of the second asymmetric pair of public and private keys and encrypt the secret character string by means of the associated public key of the first asymmetric pair of public and private keys, wherein the device is a separate and external device from the device manager server.

7. The apparatus according to claim 6, further configured to generate a key file comprising the first private key, the associated public key, and the second private key, and communicate the key file to the device.

8. The apparatus according to claim 6, configured to secure the second private key based on the associated public key of the first asymmetric pair of public and private keys such that decryption of the second private with the first private key requires use of a secret known by the user of the device and/or the device.

9. The apparatus according to claim 6, wherein at least one of: the first private key and the second private key comprise private keys for one of authentication, authorization and digital signature, and the second private key is different from the first private key.
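
The flow described in the abstract and in claims 1, 3 and 4, as an added Python example that is not taken from the patent or from the assignee's software. It uses the third-party `cryptography` package; RSA-2048 with OAEP, AES-GCM for the secret, PKCS#8 PEM storage, all function names, and storing the replacement key under the same passphrase are assumptions of the example.

```python
import os
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def make_key():
    # Constructed sample key pair; RSA-2048 is an assumption of this example.
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)

def private_pem(key, passphrase=None):
    # PKCS#8 PEM, passphrase-protected when a passphrase is given.
    enc = (serialization.BestAvailableEncryption(passphrase) if passphrase
           else serialization.NoEncryption())
    return key.private_bytes(serialization.Encoding.PEM,
                             serialization.PrivateFormat.PKCS8, enc)

def public_pem(key):
    return key.public_key().public_bytes(
        serialization.Encoding.PEM,
        serialization.PublicFormat.SubjectPublicKeyInfo)

def server_wrap(first_public_pem, second_key):
    # Device manager: a random secret encrypts the second private key, and
    # the secret itself is encrypted with the first public key (claim 3).
    first_pub = serialization.load_pem_public_key(first_public_pem)
    secret, nonce = AESGCM.generate_key(bit_length=256), os.urandom(12)
    return {"wrapped_secret": first_pub.encrypt(secret, OAEP),
            "nonce": nonce,
            "ciphertext": AESGCM(secret).encrypt(nonce, private_pem(second_key), None)}

def device_unwrap(first_private_pem, passphrase, message):
    # Device: the passphrase unlocks the first private key (claim 4), which
    # recovers the secret and, through it, the second private key.
    first_priv = serialization.load_pem_private_key(first_private_pem, passphrase)
    secret = first_priv.decrypt(message["wrapped_secret"], OAEP)
    second_pem = AESGCM(secret).decrypt(message["nonce"], message["ciphertext"], None)
    second_key = serialization.load_pem_private_key(second_pem, None)
    # Assumption: the replacement key is stored under the same passphrase.
    return private_pem(second_key, passphrase)
```

Only a holder of both the stored first private key and its passphrase can recover the replacement key; a wrong passphrase or a modified ciphertext makes `device_unwrap` raise instead of returning a key.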

Classifications

  • H04L63/061 (Primary)

    for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838) · CPC title

  • Key management, e.g. using generic bootstrapping architecture [GBA] · CPC title

  • Key distribution or pre-distribution; Key agreement · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10257176B2 cover?
A first private key used by a device is replaced by a second private key, the first private key having an associated public key. The second private key is secured based on the associated public key and communicated to replace the first private key at the device. The device receives the second private key. The first private key is secured by a secret, and the device uses the secret to decrypt th…
Who is the assignee on this patent?
Ssh Communications Security Oyj
What technology area does this patent fall under?
Primary CPC classification H04L63/061. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 9, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).