Trust-zone-based end-to-end security

US2016254918A1 · US · A1

Patent metadata

Publication number: US-2016254918-A1
Application number: US-201615054020-A
Country: US
Kind code: A1
Filing date: Feb 25, 2016
Priority date: Feb 27, 2015
Publication date: Sep 1, 2016
Grant date:

Abstract

Official abstract text for this publication.

Methods, electronic devices, and systems for exchanging encrypted information. A method for exchanging encrypted information by an electronic device includes generating one or more device certificates and one or more device public private key pairs. The one or more device certificates are signed using a device unique private key that is pre-stored on the electronic device. The method also includes sending the one or more device certificates to a server of a token service provider (TSP). The method further includes receiving one or more TSP certificates from the TSP server. The method includes identifying one or more TSP public keys of the TSP server based on the one or more received TSP certificates. Additionally, the method includes transmitting a message including the information encrypted based on the one or more identified TSP public keys and a signature of the electronic device.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for exchanging encrypted information by an electronic device, the method comprising: generating one or more device certificates and one or more device public private key pairs, the one or more device certificates signed using a device unique private key that is pre-stored on the electronic device; transmitting the one or more device certificates to a token service provider (TSP) server; receiving one or more TSP certificates from the TSP server; identifying one or more TSP public keys of the TSP server based on the one or more received TSP certificates; and transmitting a message including (i) the information encrypted based on the one or more identified TSP public keys and (ii) a signature of the electronic device.

2. The method of claim 1, wherein: a certificate of the device unique private key is signed using a root certificate authority (CA) private key of a manufacturer of the electronic device, and the device unique private key is stored on the electronic device by the manufacturer for access by a trusted application of the electronic device.

3. The method of claim 2, wherein a public key for the root CA private key of the manufacturer of the electronic device is provided to the TSP by the manufacturer of the electronic device prior to the generating of the one or more device certificates and the one or more device public private key pairs.

4. The method of claim 1, wherein identifying the one or more TSP public keys of the TSP server based on the one or more received TSP certificates comprises: identifying a root certificate authority (CA) certificate of the TSP that is pre-stored on the electronic device for access by a trusted application of the electronic device; verifying authenticity of the one or more received TSP certificates based on the TSP root CA certificate using the trusted application; and identifying the one or more TSP public keys in response to verifying the authenticity of the one or more received TSP certificates.

5. The method of claim 1, wherein: the one or more device certificates include an encryption certificate and a signing certificate, the one or more device public private key pairs include a unique signing public private key pair, and the signature of the electronic device is based on a unique signing private key of the unique signing public private key pair.

6. The method of claim 1, wherein the information in the message is encrypted using a unique session key and the unique session key is encrypted using a TSP public encryption key that is included in the one or more identified TSP public keys.

7. The method of claim 1, wherein the information includes information for registering payment information with the TSP, the payment information associated with the electronic device.

8. An electronic device for exchanging encrypted information, the electronic device comprising: at least one processor configured to generate one or more device certificates and one or more device public private key pairs, the one or more device certificates signed using a device unique private key that is pre-stored on the electronic device; and a transceiver configured to transmit the one or more device certificates to a token service provider (TSP) server and receive one or more TSP certificates from the TSP server, wherein the at least one processor is further configured to identify one or more TSP public keys of the TSP server based on the one or more received TSP certificates, and wherein the at least one transceiver is configured to transmit a message including (i) the information encrypted based on the one or more identified TSP public keys and (ii) a signature of the electronic device.

9. The electronic device of claim 8, wherein: a certificate of the device unique private key is signed using a root certificate authority (CA) private key of a manufacturer of the electronic device, and the device unique private key is stored on the electronic device by the manufacturer for access by a trusted application of the electronic device.

10. The electronic device of claim 9, wherein a public key for the root CA private key of the manufacturer of the electronic device is provided to the TSP by the manufacturer of the electronic device prior to the generating of the one or more device certificates and the one or more device public private key pairs.

11. The electronic device of claim 8, wherein to identify the one or more TSP public keys of the TSP server based on the one or more received TSP certificates, the at least one processor is configured to: identify a root certificate authority (CA) certificate of the TSP that is pre-stored on the electronic device for access by a trusted application of the electronic device; verify authenticity of the one or more received TSP certificates based on the TSP root CA certificate using the trusted application; and identify the one or more TSP public keys in response to verifying the authenticity of the one or more received TSP certificates.

12. The electronic device of claim 8, wherein: the one or more device certificates include an encryption certificate and a signing certificate, the one or more device public private key pairs include a unique signing public private key pair, and the signature of the electronic device is based on a unique signing private key of the unique signing public private key pair.

13. The electronic device of claim 8, wherein the information in the message is encrypted using a unique session key and the unique session key is encrypted using a TSP public encryption key that is included in the one or more identified TSP public keys.

14. The electronic device of claim 8, wherein the information includes information for registering payment information with the TSP, the payment information associated with the electronic device.

15. A system for exchanging encrypted information of a token service provider (TSP), the system comprising: at least one processor configured to generate one or more TSP certificates and one or more TSP public private key pairs, the one or more TSP certificates signed using a TSP root certificate authority (CA) private key; and a communication interface configured to transmit the one or more TSP certificates to an electronic device and receive one or more device certificates from the electronic device, wherein the at least one processor is further configured to verify an authenticity of the one or more device certificates based on a public key for a root CA private key of a manufacturer of the electronic device, and wherein the communication interface is configured to receive, from the electronic device, a message including (i) the information encrypted based on one or more TSP public keys of the one or more TSP public private key pairs and (ii) a signature of the electronic device.

16. The system of claim 15, wherein: the communication interface is configured to receive a root CA certificate of the manufacturer of the electronic device during a secure certificate exchange with a server of the manufacturer, and the at least one processor is further configured to identify the public key for the root CA private key of the manufacturer based on the received root CA certificate of the manufacturer.

17. The system of claim 16, wherein the communication interface is configured to provide a root certificate authority (CA) certificate of the TSP to the server of the manufacturer during the secure certificate exchange for storage on the electronic device and ve
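The trust chain and message protection recited in claims 1, 2, 4, 5 and 6, as an added example that is not part of the patent text or any vendor's code. The function names, RSA-2048 keys, AES-256-GCM session cipher, the four-field envelope layout, and marking the device-unique certificate as CA:TRUE so it can issue device certificates are all assumptions; the page specifies none of them.

```ruby
# Added example. RSA-2048, AES-256-GCM, CA:TRUE on the device-unique cert and the envelope layout are assumptions.
require 'openssl'

# Issue a certificate for key, signed by issuer_key (self-signed when issuer is nil).
def issue(cn, key, issuer, issuer_key, ca)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = rand(1..2**32)
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before, cert.not_after = Time.now - 60, Time.now + 3600
  cert.add_extension(OpenSSL::X509::ExtensionFactory.new.create_extension('basicConstraints', ca ? 'CA:TRUE' : 'CA:FALSE', true))
  cert.sign(issuer_key, OpenSSL::Digest.new('SHA256'))
end

# Chain check against a pre-provisioned root CA certificate; the device and the TSP both run it.
def chain_ok?(root, leaf, intermediates = nil)
  store = OpenSSL::X509::Store.new
  store.add_cert(root)
  store.verify(leaf, intermediates)
end

# Device side: fresh session key wrapped for the TSP, envelope signed with the device signing key.
def seal(tsp_enc_cert, dev_sign_key, info)
  c = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  session, iv = c.random_key, c.random_iv
  ct = c.update(info) + c.final
  wrapped = tsp_enc_cert.public_key.public_encrypt(session, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
  body = [wrapped, iv, c.auth_tag, ct] # first three fields are fixed length, so join is unambiguous
  body + [dev_sign_key.sign(OpenSSL::Digest.new('SHA256'), body.join)]
end

# TSP side: verify the device signature before unwrapping the session key; nil means rejected.
def open_envelope(tsp_enc_key, dev_sign_cert, env)
  *body, sig = env
  return nil unless dev_sign_cert.public_key.verify(OpenSSL::Digest.new('SHA256'), sig, body.join)
  wrapped, iv, tag, ct = body
  d = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  d.key = tsp_enc_key.private_decrypt(wrapped, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
  d.iv, d.auth_tag = iv, tag
  d.update(ct) + d.final
end

if __FILE__ == $PROGRAM_NAME # constructed demo: manufacturer root -> device unique key -> signing cert
  mk, uk, sk = Array.new(3) { OpenSSL::PKey::RSA.new(2048) }
  root = issue('Manufacturer Root CA', mk, nil, mk, true)
  unique = issue('Device Unique Key', uk, root, mk, true)
  puts chain_ok?(root, issue('Device Signing', sk, unique, uk, false), [unique])
end
```

The TSP should call `chain_ok?` on the device signing certificate before `open_envelope`, and the device should call it on the TSP encryption certificate before `seal`; a signature or ciphertext is only as trustworthy as the chain behind the key that checks it.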

Classifications

  • using tickets or tokens, e.g. Kerberos (network architectures or network communication protocols for entities authentication using tickets in a packet data network H04L63/0807)

  • using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263)

  • H04L9/3268 (Primary)

    using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]

  • using certificate chains, trees or paths; Hierarchical trust model

  • Authentication

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Samsung Electronics Co Ltd
What technology area does this patent fall under?
Primary CPC classification H04L9/3268. Mapped technology areas include Electricity.
When was this patent published?
Publication date Sep 1, 2016 (A1). Legal status and post-grant events are not shown on this page.