System and method for software module binding

US11824998B2 · US · B2

Patent metadata
Publication number: US-11824998-B2
Application number: US-202117242705-A
Country: US
Kind code: B2
Filing date: Apr 28, 2021
Priority date: May 3, 2017
Publication date: Nov 21, 2023
Grant date: Nov 21, 2023

Abstract

Official abstract text for this publication.

Embodiments of the invention are directed to methods and systems for software module binding. Cryptographic keys and challenge elements can be exchanged between a first software module and a second software module to create a binding between the first software module and the second software module. As a result, a first software module can securely and authentically access sensitive data and functionality at a second software module, while unauthorized software modules can be prevented from accessing the sensitive data and functionality.

First claim

Opening claim text (preview).

What is claimed is:

1. A method performed by a computing device comprising a processor, a first software module and a second software module, the method comprising: generating, by the first software module executed by the processor, a challenge request comprising data elements including a first software module identifier, wherein the first software module is a software development kit (SDK); encrypting, by the first software module, using a first challenge element, the data elements in the challenge request; providing, by the first software module, the challenge request including the encrypted data elements to the second software module; decrypting, by the second software module executed by the processor, the encrypted data elements in the challenge request, wherein the second software module is a keystore module; generating, by the second software module, a second challenge element; encrypting, by the second software module, the second challenge element; providing, by the second software module to the first software module, a challenge response including the encrypted second challenge element; decrypting, by the first software module, the encrypted second challenge element; and storing, by the first software module, the second challenge element.

2. The method of claim 1, further comprising: signing, by the second software module, the second challenge element using a private key of a second software module public-private key pair; providing, by the second software module, the signed second challenge element to the first software module; and verifying, by the first software module, the signed second challenge element using a public key of the second software module public-private key pair.

3. The method of claim 1, wherein encrypting the second challenge element comprises using, by the second software module, the first challenge element to encrypt the second challenge element, and wherein decrypting the second challenge element comprises using, by the first software module, the first challenge element to decrypt the second challenge element.

4. The method of claim 1, wherein the data elements of the challenge request further comprise a version identifier for the first software module and an application-device identifier for the computing device.

5. The method of claim 1, further comprising: signing, by the first software module, the challenge request using a private key of a first software module public-private key pair; and verifying, by the second software module, the challenge request using a public key of the first software module public-private key pair.

6. The method of claim 1, wherein the first challenge element and the second challenge element are different random numbers.

7. The method of claim 1, further comprising: storing, by the second software module, the second challenge element.

8. The method of claim 1, further comprising: generating, by the second software module, a short lived certificate, wherein the short lived certificate is present in the challenge response.

9. The method of claim 1, wherein the keystore module stores keys used to decrypt keys for generating cryptograms.

10. The method according to claim 9, wherein the keystore module is configured to receive and enforce restrictions regarding key usage and regarding entities authorized to use the keys.

11. The method according to claim 1, wherein the software development kit (SDK) comprises an SDK version identifier.

12. The method according to claim 1, wherein the SDK comprises a secure whiteboxed layer that is secured based on guards, obfuscation, and cryptographic whiteboxing.

13. A computing device comprising: a processor; a non-transitory computer readable medium comprising a first software module and a second software module, the non-transitory computer readable medium comprising code executable by the processor to implement a method comprising: generating, by the first software module, a challenge request comprising data elements including a first software module identifier and a time period, wherein the first software module is a software development kit (SDK); encrypting, by the first software module, using a first challenge element, the data elements in the challenge request; providing, by the first software module, the challenge request including the encrypted data elements to the second software module, wherein the second software module is a keystore module; decrypting, by the second software module, the data elements in the challenge request; verifying, by the second software module, the data elements; generating, by the second software module, a second challenge element; encrypting, by the second software module, the second challenge element; providing, by the second software module to the first software module, a challenge response including the encrypted second challenge element; decrypting, by the first software module, the encrypted second challenge element; and storing, by the first software module, the second challenge element.

14. The computing device of claim 13, wherein the method further comprises: signing, by the second software module, the second challenge element using a private key of a second software module public-private key pair; providing, by the second software module, the signed second challenge element to the first software module; and verifying, by the first software module, the signed second challenge element using a public key of the second software module public-private key pair.

15. The computing device of claim 13, wherein encrypting the second challenge element comprises using, by the second software module, the first challenge element to encrypt the second challenge element, and wherein decrypting the second challenge element comprises using, by the first software module, the first challenge element to decrypt the second challenge element.

16. The computing device of claim 13, wherein the data elements of the challenge request further comprise a version identifier for the first software module and an application-device identifier for the computing device.

17. The computing device of claim 13, wherein the method further comprises: signing, by the first software module, the challenge request using a private key of a first software module public-private key pair; and verifying, by the second software module, the challenge request using a public key of the first software module public-private key pair.

18. The computing device of claim 13, wherein the computing device is a distributed computing system.

19. The computing device of claim 13, further comprising a secure memory for storing encryption and/or decryption keys.

20. The computing device of claim 19, wherein the computing device is a mobile phone, and the computing device further comprises a near field communication element, which is configured to transmit a cryptogram generated using a key decrypted using another key in the keystore module.

Classifications

  • H04L9/3271 (Primary): using challenge-response

  • G06F21/602 (Primary): Providing cryptographic facilities or services

  • involving additional devices, e.g. trusted platform module [TPM], smartcard or USB

  • involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing

  • involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token (network architectures or network communication protocols for supporting authentication of entities using an additional device in a packet data network H04L63/0853)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Visa Int Service Ass
What technology area does this patent fall under?
Primary CPC classification H04L9/3271. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 21, 2023 (B2). Legal status and post-grant events are not shown on this page.