Diversifying a base symmetric key based on a public key

US11042488B2 · US · B2

Patent metadata
Field               Value
Publication number  US-11042488-B2
Application number  US-201615166700-A
Country             US
Kind code           B2
Filing date         May 27, 2016
Priority date       Jun 1, 2015
Publication date    Jun 22, 2021
Grant date          Jun 22, 2021

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A symmetric key that is stored at a device may be received. A public key from a remote entity may also be received at the device. Furthermore, a derived key may be generated based on a one way function between the symmetric key that is stored at the device and the public key that is received from the remote entity. The derived key may be encrypted with the public key and transmitted to the remote entity. The encryption of the derived key with the public key may provide secure transmission of the derived key to an authorized remote entity with a private key that may be used to decrypt the encrypted derived key.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: storing a base key at a device, wherein the base key is private to the device; receiving a message from a remote entity, the message including a signature of a root entity that is based on a root private key; verifying the signature of the root entity from the message with a root public key that corresponds to the root private key; responsive to verifying the signature of the root entity from the message, receiving, at the device, a public key of the remote entity that is included in the message, wherein the public key is an asymmetric key; generating, by a processing device of the device, a derived key using a one way function having the base key as a first input and a second input that is based on the public key of the remote entity that is included in the message; and encrypting the derived key by using the same public key that is used to generate the derived key.

2. The method of claim 1, further comprising: transmitting the encrypted derived key to the remote entity.

3. The method of claim 1, further comprising: receiving a second public key from a second remote entity; generating a second derived key based on the one way function between the same base key that is stored at the device and the second public key that is received from the second remote entity; encrypting the second derived key based on the second public key; and transmitting the encrypted second derived key to the second remote entity.

4. The method of claim 1, wherein the root public key is stored in circuitry of the device.

5. The method of claim 1, wherein the generating of the derived key comprises: generating a hash value of the public key; and truncating the hash value of the public key to generate a truncated hash value, wherein the truncated hash value is the second input, wherein the one way function generates the derived key based on the truncated hash value of the public key and the base key.

6. The method of claim 1, wherein the generating of the derived key comprises: performing a first operation to generate an intermediate key based on a combination of the base key and a bit of a value that is based on the public key, wherein the intermediate key is the second input; and performing a second operation to generate the derived key based on a combination of the intermediate key and another bit of the value that is based on the public key.

7. A method comprising: storing a base key at a device, wherein the base key is private to the device; receiving a message from a remote entity, the message including a signature of a root entity that is based on a root private key; verifying the signature of the root entity from the message with a root public key that corresponds to the root private key; responsive to verifying the signature of the root entity from the message, receiving, at the device, a public key of the remote entity that is included in the message, wherein the public key is an asymmetric key; generating, by a processing device of the device, a derived key based on a one way function between the base key that is stored at the device and the public key of the remote entity that is included in the message; and encrypting the derived key by using the same public key that is used to generate the derived key, wherein the generating of the derived key is based on the one way function between the base key and the public key comprises: performing a first operation to generate an intermediate key based on a combination of the base key and a bit of a value that is based on the public key; and performing a second operation to generate the derived key based on a combination of the intermediate key and on the public key.

8. A method comprising: storing a base key at a device, wherein the base key is private to the device; receiving a message from a remote entity, the message including a signature of a root entity that is based on a root private key; verifying the signature of the root entity from the message with a root public key that corresponds to the root private key; responsive to verifying the signature of the root entity from the message, receiving, at the device, a public key of the remote entity that is included in the message, wherein the public key is an asymmetric key; generating, by a processing device of the device, a derived key based on a one way function between the base key that is stored at the device and the public key of the remote entity that is included in the message; and encrypting the derived key by using the same public key that is used to generate the derived key, wherein the generating of the derived key based on the one way function between the base key and the public key comprises: generating a hash value of the public key; and truncating the hash value of the public key to generate a truncated hash value, wherein the one way function generates the derived key based on the truncated hash value of the public key and the base key.

9. A system comprising: a memory storing a base key, wherein the base key is private to the system; and a processing device operatively coupled to the memory, the processing device to: receive the base key that is stored at the memory; receive a message from a remote entity, the message including a signature of a root entity that is based on a root private key; verify the signature of the root entity from the message with a root public key that corresponds to the root private key; responsive to verifying the signature of the root entity from the message, receive a public key of the remote entity that is included in the message; generate a derived key using a one way function having the base key as a first input and a second input that is based on the public key of the remote entity that is included in the message; and encrypt the derived key by using the same public key that is used to generate the derived key.

10. The system of claim 9, wherein the processing device is further to: transmit the encrypted derived key to the remote entity, wherein the derived key is a symmetric key.

11. The system of claim 9, wherein the processing device is further to: receive a second public key from a second remote entity, wherein the second public key is different than the public key of the remote entity; generate a second derived key based on the one way function between the same base key that is stored at the memory and the second public key that is received from the second remote entity; encrypt the second derived key based on the second public key; and transmit the encrypted second derived key to the second remote entity.

12. The system of claim 9, wherein the generating of the derived key based on the one way function comprises: performing a first operation to generate an intermediate key based on a combination of the base key and a bit of a value that is based on the public key, wherein the intermediate key is the second input; and performing a second operation to generate the derived key based on a combination of the intermediate key and another bit of the value that is based on the public key.

13. The system of claim 12, wherein the first operation and the second operation each correspond to an Advanced Encryption Standard (AES) operation.

14. The system of claim 9, wherein the generating of the derived key based on the one way function between the base key and the public key comprises: generating a hash value of the public key; and truncating the hash value of the public key to generate a truncated hash value, wherein the truncated hash value is the second input, wherein the one way function
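An added example (not the patent's or the assignee's code) of the derivation step in claims 5, 6, 8 and 12, showing how one base key that never leaves the device yields a distinct derived key per remote public key. It assumes HMAC-SHA256 truncated to 16 bytes as the keyed one-way operation in place of the AES operation named in claim 13, SHA-256 truncated to 16 bytes as the hash of the public key, and constructed sample key bytes; the root-signature check and the public-key encryption of the derived key are outside this block.

```python
"""Key diversification from the claims above (added example, not the patent's code)."""
import hashlib
import hmac

KEY_LEN = 16  # bytes kept from the hash; also the derived-key length

def truncated_pubkey_hash(public_key: bytes) -> bytes:
    """Claims 5, 8, 14: hash the remote public key and truncate the hash."""
    return hashlib.sha256(public_key).digest()[:KEY_LEN]

def one_way_op(key: bytes, data: bytes) -> bytes:
    """Keyed one-way operation. Assumption: HMAC-SHA256 stands in for the AES
    operation named in claim 13; the output is truncated to KEY_LEN bytes."""
    return hmac.new(key, data, hashlib.sha256).digest()[:KEY_LEN]

def derive_key_direct(base_key: bytes, public_key: bytes) -> bytes:
    """Claim 5: one one-way function of the base key and the truncated hash."""
    return one_way_op(base_key, truncated_pubkey_hash(public_key))

def derive_key_bitwise(base_key: bytes, public_key: bytes) -> bytes:
    """Claims 6 and 12: consume the truncated hash one bit at a time. Each
    operation mixes the current key with one bit and its output is the
    intermediate key for the next bit, so the result depends on the base key
    and on every bit of the public-key hash, in order (a key-tree walk)."""
    key = base_key
    for byte in truncated_pubkey_hash(public_key):
        for shift in range(7, -1, -1):
            bit = (byte >> shift) & 1
            key = one_way_op(key, bytes([bit]))
    return key

# Constructed sample inputs (not real keys).
BASE_KEY = bytes(range(16))
PUBKEY_A = b"constructed-public-key-of-remote-entity-A"
PUBKEY_B = b"constructed-public-key-of-remote-entity-B"

def diversified_keys(base_key: bytes = BASE_KEY) -> dict:
    """Claims 3 and 11: one base key, two remote entities, two distinct derived keys.
    The base key itself never leaves the device; only derived keys are sent on."""
    return {
        "direct_A": derive_key_direct(base_key, PUBKEY_A),
        "direct_B": derive_key_direct(base_key, PUBKEY_B),
        "bitwise_A": derive_key_bitwise(base_key, PUBKEY_A),
        "bitwise_B": derive_key_bitwise(base_key, PUBKEY_B),
    }

if __name__ == "__main__":
    for name, key in diversified_keys().items():
        print(f"{name}: {key.hex()}")
```

Because the one-way operation is keyed by the base key (or an intermediate derived from it), a remote entity holding its derived key learns nothing about the base key or about the key handed to any other remote entity.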

Assignees

Cryptography Res Inc

Inventors

Classifications

  • H04L9/3242 (primary): involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

  • Generation of secret information including derivation or calculation of cryptographic keys or passwords

  • for supporting key management in a packet data network (cryptographic mechanisms or cryptographic arrangements for key management H04L9/08)

  • using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

  • Security improvement

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11042488B2 cover?
A symmetric key that is stored at a device may be received. A public key from a remote entity may also be received at the device. Furthermore, a derived key may be generated based on a one way function between the symmetric key that is stored at the device and the public key that is received from the remote entity. The derived key may be encrypted with the public key and transmitted to the remo…
Who is the assignee on this patent?
Cryptography Res Inc
What technology area does this patent fall under?
Primary CPC classification H04L9/3242. Mapped technology areas include Electricity.
When was this patent published?
Publication date: Jun 22, 2021 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).