Secure management of a master encryption key in a split-key based distributed computing environment

US9954680B1 · US · B1

Patent metadata
Publication number: US-9954680-B1
Application number: US-201514974454-A
Country: US
Kind code: B1
Filing date: Dec 18, 2015
Priority date: Dec 18, 2015
Publication date: Apr 24, 2018
Grant date: Apr 24, 2018


Abstract

Official abstract text for this publication.

A master encryption key is split at a key splitting server such that three key shares are required to reconstruct it, and is then destroyed. The key shares are distributed such that an encrypted remote management server key share is stored at a remote management server, an encrypted managed device key share is stored at a managed device, and a key splitting server key share is stored on the key splitting server. Incoming communications to the key splitting server from managed devices are prevented, and outgoing communications from the key splitting server are only allowed to managed devices. The managed device obtains the master encryption key at startup by sending its managed device key share to the remote management server, which sends the managed device key share and the remote management server key share to the key splitting server. The key splitting server reconstructs the master encryption key, encrypts it using a public key of the managed device, and sends it to the managed device.

First claim

Opening claim text (preview).

What is claimed is:

1. A method of protecting a master encryption key in a distributed computing system, comprising: generating, by a key splitting server, a master encryption key; splitting the master encryption key, by the key splitting server, into multiple key shares using a polynomial-based secret sharing technique, wherein the splitting is performed such that at least three different ones of the key shares must be combined in order to reconstruct the master encryption key; distributing individual ones of the key shares, by the key splitting server, to different components in the distributed computing system by generating a remote management key share by encrypting a first one of the key shares using a key encryption key stored on the key splitting server and sending the remote management key share from the key splitting server to a remote management server to be stored on the remote management server, generating a managed device key share by encrypting a second one of the key shares using the key encryption key and sending the device key share to at least one managed device to be stored on the managed device, and generating a key splitting server key share by storing a third one of the key shares on the key splitting server; destroying, by the key splitting server, the master encryption key; and performing a start-up operation on the managed device at least in part by receiving a reconstructed master encryption key by the managed device, using the reconstructed master encryption key by the managed device to complete the start-up operation at least in part by encrypting a protected key store located within the managed device using the reconstructed master encryption key, and after using the reconstructed master encryption key by the managed device to complete the start-up operation, destroying all local copies of the reconstructed master encryption key on the managed device.

2. The method of claim 1, wherein encrypting the first one of the key shares to generate the remote management server key share includes performing a key wrapping operation on the first key share using the key encryption key; and wherein encrypting the second one of the key shares to generate the managed device key share includes performing a key wrapping operation on the second key share using the key encryption key.

3. The method of claim 2, wherein the key encryption key comprises the key splitting server key share; wherein performing the key wrapping operation on the first key share includes wrapping the first key share using the key splitting server key share; and wherein performing the key wrapping operation on the second key share includes wrapping the second key share using the key splitting server key share.

4. The method of claim 2, wherein the key encryption key comprises a public key of a public/private key pair uniquely assigned to the key splitting server; wherein performing the key wrapping operation on the first key share includes wrapping the first key share using the public key of the public/private key pair uniquely assigned to the key splitting server; and wherein performing the key wrapping operation on the second key share includes wrapping the second key share using the public key of the public/private key pair uniquely assigned to the key splitting server.

5. The method of claim 2, wherein generating the key splitting server key share includes performing a key wrapping operation on the third one of the key shares, before storing the key splitting server key on the key splitting server, by wrapping the third one of the key shares using the public key of the public/private key pair uniquely assigned to the key splitting server.

6. The method of claim 2, further comprising configuring at least one component of the distributed computing system to allow outgoing communications from the key splitting server to the managed device and to prevent incoming communications to the key splitting server from the managed device.

7. The method of claim 6, wherein configuring at least one component of the distributed computing system to allow outgoing communications from the key splitting server to the managed device and to prevent incoming communications to the key splitting server from the managed device comprises configuring the key splitting server to allow outgoing communications from the key splitting server to the managed device and to prevent incoming communications to the key splitting server from the managed device.

8. The method of claim 6, wherein configuring at least one component of the distributed computing system to allow outgoing communications from the key splitting server to the managed device and to prevent incoming communications to the key splitting server from the managed device comprises configuring a network firewall to allow outgoing communications from the key splitting server to the managed device and to prevent incoming communications to the key splitting server from the managed device.

9. The method of claim 7, wherein configuring the key splitting server to allow outgoing communications to the managed device and to prevent incoming communications from the managed device to the key splitting server comprises: receiving a list of managed devices, by the key splitting server from the remote management server, wherein the list of managed devices includes network addressing information for the managed device; and wherein the key splitting server allows outgoing communications from the key splitting server to the managed device and prevents incoming communications to the key splitting server from the managed device in response to the network addressing information for the managed device included in the list of managed devices.

10. The method of claim 6, wherein performing the start-up operation on the managed device further includes: receiving, by the key splitting server from the remote management server, a request to reconstruct the master encryption key, wherein the request to reconstruct the master encryption key includes i) the remote management server key share, and ii) the managed device key share, wherein the managed device key share was received by the remote management server from the managed device, decrypting, by the key splitting server, the remote management server key share and the managed device key share, generating, by the key splitting server using the decrypted remote management server key share, the decrypted managed device key share and the key splitting server key share, a reconstructed master encryption key, and sending the reconstructed master encryption key from the key splitting server to the managed device.

11. The method of claim 10, wherein the key encryption key comprises the key splitting server key share; wherein decrypting the remote management server key share comprises decrypting the remote management key share using the key splitting server key share; and wherein decrypting the managed device key share comprises decrypting the remote management key share using the key splitting server key share.

12. The method of claim 10, wherein the key encryption key comprises the public key of the public/private key pair uniquely assigned to the key splitting server; wherein decrypting the remote management server key share comprises decrypting the remote management server key share using the private key of the public/private key pair uniquely assigned to the key splitting server; and wherein decrypting the managed device key share comprises decrypting the managed device key share using the private key of the public/private key pair uniquely assigned to the key splitting server.

13. T
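The split-and-reconstruct flow the abstract and claims 1 and 10 describe, as an added example that is not part of the patent: a 3-of-3 polynomial (Shamir) split of the master encryption key over a prime field, with the key splitting server (KSS), remote management server (RMS) and managed device modelled as plain dictionaries. The KEK wrapping of the distributed shares and the public-key encryption of the reconstructed key are assumed to happen around these functions and are left out here.

```python
"""Added example, not from the patent: 3-of-3 master key split and start-up
reconstruction with polynomial (Shamir) secret sharing over a prime field."""
import secrets

P = 2**521 - 1         # Mersenne prime; any 256-bit key is a field element
T, N = 3, 3            # the patent's split: all three shares are required


def split(secret: int, t: int = T, n: int = N) -> dict:
    """n points (x, f(x)) on a random degree t-1 polynomial with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return {x: sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
            for x in range(1, n + 1)}


def reconstruct(shares: dict) -> int:
    """Lagrange interpolation at x = 0; correct only with t distinct shares."""
    total = 0
    for xi, yi in shares.items():
        num = den = 1
        for xj in shares:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def provision(mek: int = None) -> tuple:
    """KSS generates the MEK, splits it, keeps share 3, stores share 1 at the
    RMS and share 2 on the managed device, then destroys the MEK.
    Returns each holder's state (mek may be passed in only for testing)."""
    if mek is None:
        mek = int.from_bytes(secrets.token_bytes(32), "big")
    s = split(mek)
    kss, rms, device = {"share": (3, s[3])}, {"share": (1, s[1])}, {"share": (2, s[2])}
    del mek, s                     # nothing but the shares survives on the KSS
    return kss, rms, device


def device_startup(kss: dict, rms: dict, device: dict) -> int:
    """Device -> RMS -> KSS: only the KSS ever holds all three shares."""
    to_rms = {"device_share": device["share"]}          # device -> RMS
    to_kss = dict(to_rms, rms_share=rms["share"])       # RMS -> KSS; no device -> KSS path
    mek = reconstruct(dict([to_kss["device_share"], to_kss["rms_share"], kss["share"]]))
    return mek   # KSS encrypts this to the device's public key and sends it back
```

Any two of the three points lie on a different degree-2 polynomial for every possible secret, which is why interpolating only two shares gives no information about the master key.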

Assignees

Emc Corp, Emc Ip Holding Co Llc

Inventors

Classifications

  • using key encryption key · CPC title

  • using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates · CPC title

  • Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title

  • H04L9/085 (primary): Secret sharing or secret splitting, e.g. threshold schemes · CPC title

  • Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Who is the assignee on this patent?
Emc Corp, Emc Ip Holding Co Llc
What technology area does this patent fall under?
Primary CPC classification H04L9/085. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 24, 2018 (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).