What technology area does this patent fall under?

Primary CPC classification H04L63/166. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Aug 29 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).

Remote attestation transport layer security and split trust encryption

US11743293B2 · US · B2

Patent metadata
Field	Value
Publication number	US-11743293-B2
Application number	US-202117305958-A
Country	US
Kind code	B2
Filing date	Jul 19, 2021
Priority date	Jul 19, 2021
Publication date	Aug 29, 2023
Grant date	Aug 29, 2023

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

A method for remote attestation includes establishing, using a cryptographic protocol, a communication session between a first computing device and a second computing device. The communication session includes communications encrypted by an ephemeral session key. The method includes receiving, at the first communication device via the communication session, from the second computing device, an attestation request requesting the first computing device to provide an attestation report. The method includes generating, by the first computing device, the attestation report based on the ephemeral session key and sending, using the communication session, the attestation report to the second computing device.

First claim

Opening claim text (preview).

What is claimed is: 1. A computer-implemented method when executed by data processing hardware of a first computing device causes the data processing hardware to perform operations comprising: generating a data encryption key (DEK); splitting the DEK into a plurality of DEK portions, each DEK portion of the plurality of DEK portions representative of a portion of the DEK; and for each respective DEK portion of the plurality of DEK portions: hashing the respective DEK portion; storing the respective hashed DEK portion; requesting a respective third party associated with the respective DEK portion to encrypt the respective DEK portion with a key encryption key (KEK), the respective third party associated with the respective DEK portion different than the respective third party associated with each other DEK portion of the plurality of DEK portions; receiving the encrypted DEK portion from the respective third party; and storing the encrypted DEK portion. 2. The method of claim 1 , wherein the operations further comprise, after storing the encrypted DEK portion: obtaining data encrypted by the DEK; for each respective DEK portion of the plurality of DEK portions: requesting the respective third party to decrypt the respective DEK portion; receiving the decrypted DEK portion from the respective third party; hashing the decrypted DEK portion; and determining whether the hashed decrypted DEK portion is equivalent to the respective stored hashed DEK portion; when each of the hashed decrypted DEK portions are equivalent to the respective stored hashed DEK portions, combining the decrypted DEK portions to generate a combined DEK; and decrypting the data using the combined DEK. 3. The method of claim 1 , wherein splitting the DEK into the plurality of DEK portions comprises splitting the DEK into the plurality of DEK portions using Shamir's secret sharing algorithm.

Assignees

Google Llc

Inventors

Classifications

H04L63/166Primary
at the transport layer · CPC title
H04L9/083
involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] · CPC title
H04L9/085
Secret sharing or secret splitting, e.g. threshold schemes · CPC title
H04L9/0861
Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title
H04L9/0894
Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage · CPC title

Patent family

Related publications grouped by family.

View patent family 83004728

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11743293B2 cover?: A method for remote attestation includes establishing, using a cryptographic protocol, a communication session between a first computing device and a second computing device. The communication session includes communications encrypted by an ephemeral session key. The method includes receiving, at the first communication device via the communication session, from the second computing device, an …
Who is the assignee on this patent?: Google Llc
What technology area does this patent fall under?: Primary CPC classification H04L63/166. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Aug 29 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).