Hybrid cryptographic system and method for encrypting data for common fleet of vehicles

US11290258B2 · US · B2

Patent metadata
Publication number: US-11290258-B2
Application number: US-201916283633-A
Country: US
Kind code: B2
Filing date: Feb 22, 2019
Priority date: Feb 22, 2019
Publication date: Mar 29, 2022
Grant date: Mar 29, 2022

Abstract

A hybrid encryption method for securely transferring an electronic data package from a sender to a plurality of clients. The method comprises storing a shared symmetric key on each of the clients. The sender encrypts a private key of an asymmetric key pair using the shared symmetric key. The sender encrypts the data package with a temporary symmetric key to generate an encrypted data package. The sender encrypts the temporary symmetric key with the public key of the asymmetric key pair to generate an encrypted temporary symmetric key. The sender transmits the encrypted data package, the encrypted temporary symmetric key, and the encrypted private key to the clients. Each client decrypts the encrypted data package by: using the shared symmetric key to decrypt the encrypted private key; using the decrypted private key to decrypt the encrypted temporary symmetric key, and using the decrypted temporary symmetric key to decrypt the encrypted data package.

First claim

What is claimed is:

1. A hybrid encryption method for securely transferring a data package from a sender to a plurality of clients, the method comprising: storing a shared symmetric key on a client trusted platform (TPM) of each client; the sender encrypting a private key using the shared symmetric key stored on a sender trusted platform, the private key being a decryption key of an asymmetric encryption key pair comprising the private key and a public key; the sender encrypting the data package with a temporary symmetric key to generate an encrypted data package; the sender encrypting the temporary symmetric key with the public key to generate an encrypted temporary symmetric key; and the sender transferring the encrypted data package, the encrypted temporary symmetric key, and the encrypted private key to each of the clients.

2. The method of claim 1, wherein the sender stores the private key on a sender trusted platform (“sender TPM”) accessible to only trusted personnel and the private key is not accessible to less trusted personnel who encrypt the data package with the temporary symmetric key to generate an encrypted data package.

3. The method of claim 2, wherein the sender TPM is protected by a hardware security module.

4. The method of claim 1, wherein the data package comprises a software binary.

5. The method of claim 1, wherein the asymmetric encryption key pair is a Rivest-Shamir-Adleman (RSA) cryptosystem key pair at least 256 bits in length.

6. The method of claim 1, wherein the shared symmetric key is an AES cryptosystem key.

7. The method of claim 1, wherein the temporary symmetric key is an AES cryptosystem key.

8. The method of claim 1, further comprising, storing the shared symmetric key on a trusted platform of each client.

9. The method of claim 1, further comprising: each client performing the following process to decrypt the data package: decrypting the encrypted private key using the shared symmetric key to generate a decrypted private key, the symmetric key stored on a trusted platform of the respective client; decrypting the encrypted temporary symmetric key using the decrypted private key to generate a decrypted temporary symmetric key; and decrypting the encrypted data package using the decrypted temporary symmetric key.

10. A hybrid encryption method for securely transferring a data package from a sender to a plurality of clients, the method comprising: generating a shared symmetric key and storing the shared symmetric key on each client; the sender encrypting a private key using said shared symmetric key stored on a client trusted platform, the private key being a decryption key of an asymmetric encryption key pair comprising the private key and a public key; the sender encrypting the data package with a temporary symmetric key to generate an encrypted data package; the sender encrypting the symmetric key with the public key to generate an encrypted temporary symmetric key; transmitting the encrypted data package, the encrypted temporary symmetric key, and the encrypted private key to each of the clients in a manner such that each of the clients can decrypt the data package by: decrypting the private key using the shared symmetric key to generate a decrypted private key; decrypting the temporary symmetric key using the decrypted private key to generate a decrypted temporary symmetric key; and decrypting the encrypted data package using the decrypted temporary symmetric key.

11. The method of claim 10, wherein the sender stores the private key on a sender trusted platform (sender TPM) accessible to limited trusted personnel and the private key is not accessible to less trusted personnel who encrypt the data package with the temporary symmetric key to generate an encrypted data package.

12. The method of claim 11, wherein the sender TPM is protected by a hardware security module.

13. The method of claim 10, wherein the asymmetric encryption key pair is a Rivest-Shamir-Adleman (RSA) cryptosystem key pair selected from the group consisting of a 256-bit RSA cryptosystem key pair and a 2048-bit RSA cryptosystem key pair.

14. The method of claim 10, wherein the shared symmetric key is an AES cryptosystem key.

15. The method of claim 10, wherein the temporary symmetric key is an AES cryptosystem key.

16. The method of claim 10, further comprising, storing the shared symmetric key on a trusted platform of each client.

17. A hybrid encryption method for securely transferring a data package from a sender to a plurality of line replaceable units (LRUs) each installed on a vehicle, the method comprising: storing a shared symmetric key on a trusted platform of each LRU; the sender generating an asymmetric encryption key pair comprising a private key and a public key; encrypting the private key using said shared symmetric key; encrypting the data package with a temporary symmetric key to generate an encrypted data package; encrypting the temporary symmetric key with the public key to generate an encrypted temporary symmetric key; transmitting the encrypted data package, the encrypted temporary symmetric key, and the encrypted private key to each of the LRUs, the encrypted data package, the encrypted temporary symmetric key, and the encrypted private key being configured to allow each LRU to decrypt the data package by: decrypting the encrypted private key using the shared symmetric key to generate a decrypted private key; decrypting the encrypted temporary symmetric key using the decrypted private key to generate a decrypted temporary symmetric key; and decrypting the encrypted data package using the decrypted temporary symmetric key.

18. The method of claim 17, wherein the sender stores the private key on a sender trusted platform (sender TPM) accessible to only limited trusted personnel and the private key is not accessible to less trusted personnel who encrypt the data package with the temporary symmetric key to generate an encrypted data package.

19. The method of claim 18, wherein the sender TPM is protected by a hardware security module.

20. The method of claim 17, wherein the LRUs are installed on respective aircraft of a fleet of aircraft.
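
The three-layer key wrapping described in the abstract and claims, shown end to end as an added Node.js example; it is not code from the patent or its assignee. AES-256-GCM, RSA-OAEP with SHA-256, the PKCS#8 encoding of the private key and every function name are assumptions, since the page names only AES and RSA.

```javascript
const nodeCrypto = require('node:crypto');

// AES-256-GCM is an assumed mode (the page names only AES). Layout: nonce || tag || ciphertext.
function seal(key, plaintext) {
  const nonce = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, nonce);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), ct]);
}

// Throws if the key is wrong or the blob was modified.
function open(key, blob) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Trusted side of the sender (claims 2, 11, 18): generate the RSA pair and wrap the
// private key under the fleet-wide shared key. 2048 bits is the larger size in claim 13.
function newSender(sharedKey) {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const der = privateKey.export({ type: 'pkcs8', format: 'der' });
  return { publicKey, encPrivKey: seal(sharedKey, der) };
}

// Packaging side: needs only the public key and the already-wrapped private key.
function encryptPackage(sender, data) {
  const tempKey = nodeCrypto.randomBytes(32); // temporary symmetric key, fresh per package
  return {
    encData: seal(tempKey, data),
    encTempKey: nodeCrypto.publicEncrypt({ key: sender.publicKey, oaepHash: 'sha256' }, tempKey),
    encPrivKey: sender.encPrivKey,
  };
}

// Client: shared key -> private key -> temporary key -> data package.
function decryptPackage(sharedKey, bundle) {
  const der = open(sharedKey, bundle.encPrivKey);
  const privateKey = nodeCrypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
  const tempKey = nodeCrypto.privateDecrypt({ key: privateKey, oaepHash: 'sha256' }, bundle.encTempKey);
  return open(tempKey, bundle.encData);
}
```

Every client holding the same shared key recovers the same private key, so one bundle serves the whole fleet; a client with a different key fails at the first `open` call.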

Classifications

  • Transmission of traffic-related information between aircraft and ground stations

  • Transmission of traffic-related information between aircraft

  • Platooning, i.e. convoy of communicating vehicles

  • H04L9/0825 (Primary): using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

  • using RSA or related signature schemes, e.g. Rabin scheme

Frequently asked questions

Who is the assignee on this patent?
Panasonic Avionics Corp
What technology area does this patent fall under?
Primary CPC classification H04L9/0825. Mapped technology areas include Electricity.
When was this patent published?
Publication date Mar 29, 2022 (B2). Legal status and post-grant events are not shown on this page.