US2008189554A1PendingUtilityA1

Method and system for securing communication between a host computer and a secure portable device

45
Assignee: ALI ASADPriority: Feb 5, 2007Filed: Nov 30, 2007Published: Aug 7, 2008
Est. expiryFeb 5, 2027(~0.6 yrs left)· nominal 20-yr term from priority
H04L 9/0891H04L 9/0877G06F 21/34G06F 13/10H04L 9/0897
45
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A secure portable electronic device for providing secure services when used in conjunction with a host computer having a central processing unit. The secure portable device communicates with the host computer via a host agent program executing on the host computer from the secure portable device. Periodically, the host agent and a corresponding program executing on the secure portable device, cooperate to verify the integrity and authenticity of the host agent program, for example, in conjunction with exchanging a new session key. Other systems and methods are disclosed.

Claims

exact text as granted — not AI-modified
1 . A secure portable electronic device for providing secure services when used in conjunction with a host computer having a central processing unit of a first type, the secure portable electronic device having a central processing unit of a second type, wherein a secure service is provided by executing an application in a flexible distributed fashion among the host computer and the secure portable electronic device, comprising:
 a read-only memory partition, a read/write memory partition, and a secure memory partition;   a communications interface for securely transmitting and receiving data between the host computer and the secure portable electronic device using a communications protocol over the communications interface, wherein communications between secure portable device and the host computer are secured by encryption using a symmetric key;   instructions stored in the read-only partition, wherein the instructions comprise:
 a host agent containing instructions executable by a central processing unit of the first type; 
   private information stored in the secure memory partition; and   instructions stored in the secure memory partition, comprising:
 a card agent containing instructions executable by central processing units of the second type, the instructions including instructions to cause the secure device to:
 receive a message from a host agent executing on the host computer requesting to diversify the symmetric key established to secure communication between the host agent executing on the host computer and the card agent executing on the secure device to establish a replacement value for the symmetric key; 
 in response to receiving a key diversification request, transmit a message to request a thumbprint of the host agent instructions executing on the host computer; 
 receive a message containing a thumbprint from the host computer; 
 compare the received thumbprint against a known-to-be-correct thumbprint; 
 prevent further access to secure data stored on the secure device by the host computer if the received thumbprint does not match the known-to-be-correct thumbprint; and 
 continue key diversification operations if the received thumbprint matches the known-to-be-correct thumprint; 
 
 the host agent comprising instructions including instructions to:
 compute a thumbprint; and 
 
   transmit the computed thumbprint to the secure device.   
   
   
       2 . The secure portable electronic device of  claim 1 , wherein the thumbprint request comprises an offset; and wherein the host agent comprises thumbprint computation instructions to cause the host computer compute the thumbprint over the host agent instruction code executing on the host computer starting at the offset. 
   
   
       3 . The secure portable electronic device of  claim 1  wherein the thumbprint request comprises a length parameter and wherein the thumbprint computation instructions further comprise instructions to cause the host computer to compute the thumbprint over a section of the host agent instruction code executing on the host computer and equal in size to the length parameter. 
   
   
       4 . The secure portable electronic device of  claim 1  wherein the thumbprint request comprises an algorithm indicator and wherein the thumbprint computation instructions further comprise instructions to cause the host computer to compute the thumbprint over a section of the host agent instruction code using an algorithm corresponding to the algorithm indicator. 
   
   
       5 . The secure portable electronic device of  claim 1  wherein the thumbprint computation instructions comprise instructions to cause the host computer to compute the thumbprint over a section of the host agent instruction code using a hashing algorithm. 
   
   
       6 . The secure portable electronic device of  claim 1  wherein the card agent further comprises instructions to compute the known-to-correct thumbprint over a section of the host agent instruction code using a hashing algorithm. 
   
   
       7 . The secure portable electronic device of  claim 1  wherein the card agent further comprises a table of known-to-correct thumbprints each corresponding to thumbprints computed over a particular section of the host agent instruction code. 
   
   
       8 . The secure portable electronic device of  claim 1  further comprising key obfuscation instructions including instructions to cause the secure device to generate the symmetric key and to write the symmetric key at specified locations in the host agent code. 
   
   
       9 . The secure portable electronic device of  claim 8  wherein the key obfuscation instructions further comprise instructions to cause the secure device to generate the symmetric key and to write the symmetric key at specified locations in the host agent code at start up of the secure device. 
   
   
       10 . The secure portable electronic device of  claim 8  the key obfuscation instructions further comprise instructions wherein the instructions to write the symmetric key at specified locations in the host agent code writes the symmetric key beginning at an offset and distributed over the host agent code. 
   
   
       11 . The secure portable electronic device of  claim 10  the key obfuscation instructions further comprise instructions to cause the secure device to distribute the symmetric key over the host agent code according to a specified increment. 
   
   
       12 . The secure portable electronic device of  claim 11  wherein the key obfuscation instructions further comprise instructions to cause the secure device to write at least one of the offset and increment into the host agent in a subset of bits of a memory location and randomizing the remaining bits of the memory location. 
   
   
       13 . The secure portable electronic device of  claim 8  further comprising key recovery instructions in the host agent code to cause the host computer executing the host agent to recover the symmetric key from locations in the host agent code where the secure device has written the symmetric key according to the key obfuscation instructions. 
   
   
       14 . The secure portable electronic device of  claim 13  wherein the host agent code further comprises instructions to cause the host computer to write the recovered symmetric key into a cryptography key management system of the host computer. 
   
   
       15 . The secure portable electronic device of  claim 14  wherein host computer includes a Crypto Services API, and the instructions to cause the host computer to write the recovered symmetric key into the cryptography key management system includes calls to the Crypto Services API. 
   
   
       16 . The secure portable electronic device of  claim 1  wherein the card agent and host agent each further comprise instructions to cause the secure device and the host computer, respectively, to negotiate a replacement value for the symmetric key. 
   
   
       17 . The secure portable electronic device of  claim 16  wherein the instructions to negotiate a replacement value for the symmetric key comprises using a known shared master secret and a random string to generate the replacement value for the symmetric key. 
   
   
       18 . The secure portable electronic device of  claim 17   wherein the instructions to negotiate a replacement value for the symmetric key comprises instructions in the card agent to cause the secure device to:
 generate the random string; 
 compute the replacement value for the symmetric key using the master shared secret and the random string; 
 encrypt the random string using the symmetric key; and 
 transmit the encrypted random string to the host computer; and 
   wherein the instructions of negotiate a replacement value for the symmetric key comprises instructions in the host agent to cause the host computer to:
 receive the encrypted random string; 
 decrypt the encrypted random string using the symmetric key; and 
 compute the replacement value for symmetric key from the master shared secret and the random string. 
   
   
   
       19 . The secure portable electronic device of  claim 18   wherein the instructions to negotiate a replacement value for the symmetric key comprises instructions in the card agent to request the host agent to compute the thumbprint according to a specification;   wherein the instructions to negotiate a replacement value for the symmetric key comprises instructions in the host agent to cause the host computer to compute and to encrypt the thumbprint using the replacement value for the symmetric key; and   wherein the instructions to negotiate a replacement value for the symmetric key comprises instructions in the card agent to cause the secure device to decrypt the thumb print using the replacement value for the symmetric key.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.