DE69636584D1 - Verfahren zur Schlüsselverteilung und Verifizierung in einem Schlüsselverwaltungssystem - Google Patents

Verfahren zur Schlüsselverteilung und Verifizierung in einem Schlüsselverwaltungssystem

Info

Publication number
DE69636584D1
DE69636584D1 DE69636584T DE69636584T DE69636584D1 DE 69636584 D1 DE69636584 D1 DE 69636584D1 DE 69636584 T DE69636584 T DE 69636584T DE 69636584 T DE69636584 T DE 69636584T DE 69636584 D1 DE69636584 D1 DE 69636584D1
Authority
DE
Germany
Prior art keywords
key
management system
verification procedure
distribution
key management
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE69636584T
Other languages
English (en)
Other versions
DE69636584T2 (de
Inventor
John F Braun
Robert A Cordery
Ippolito Frank M D
Kathryn V Lawton
Steven J Pauly
Leon A Pintsov
Frederick W Ryan
Monroe A Weiant
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Pitney Bowes Inc
Original Assignee
Pitney Bowes Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Pitney Bowes Inc filed Critical Pitney Bowes Inc
Application granted granted Critical
Publication of DE69636584D1 publication Critical patent/DE69636584D1/de
Publication of DE69636584T2 publication Critical patent/DE69636584T2/de
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00741Cryptography or similar special procedures in a franking system using specific cryptographic algorithms or functions
    • G07B2017/00758Asymmetric, public-key algorithms, e.g. RSA, Elgamal
    • G07B2017/00766Digital signature, e.g. DSA, DSS, ECDSA, ESIGN
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00846Key management
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00846Key management
    • G07B2017/00854Key generation
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00846Key management
    • G07B2017/0087Key distribution
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00846Key management
    • G07B2017/0087Key distribution
    • G07B2017/00887Key distribution using look-up tables, also called master tables with pointers
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00846Key management
    • G07B2017/00895Key verification, e.g. by using trusted party
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00959Cryptographic modules, e.g. a PC encryption board
    • G07B2017/00967PSD [Postal Security Device] as defined by the USPS [US Postal Service]
DE69636584T 1995-03-31 1996-04-01 Verfahren zur Schlüsselverteilung und Verifizierung in einem Schlüsselverwaltungssystem Expired - Lifetime DE69636584T2 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US414896 1989-09-29
US08/414,896 US5661803A (en) 1995-03-31 1995-03-31 Method of token verification in a key management system

Publications (2)

Publication Number Publication Date
DE69636584D1 true DE69636584D1 (de) 2006-11-16
DE69636584T2 DE69636584T2 (de) 2007-06-21

Family

ID=23643464

Family Applications (1)

Application Number Title Priority Date Filing Date
DE69636584T Expired - Lifetime DE69636584T2 (de) 1995-03-31 1996-04-01 Verfahren zur Schlüsselverteilung und Verifizierung in einem Schlüsselverwaltungssystem

Country Status (7)

Country Link
US (1) US5661803A (de)
EP (1) EP0735720B1 (de)
JP (1) JP3881055B2 (de)
CN (1) CN1136512C (de)
BR (1) BR9601232A (de)
CA (1) CA2172860C (de)
DE (1) DE69636584T2 (de)

Families Citing this family (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7567669B2 (en) * 1996-05-17 2009-07-28 Certicom Corp. Strengthened public key protocol
US5825881A (en) * 1996-06-28 1998-10-20 Allsoft Distributing Inc. Public network merchandising system
US6041123A (en) * 1996-07-01 2000-03-21 Allsoft Distributing Incorporated Centralized secure communications system
US6041317A (en) * 1996-11-19 2000-03-21 Ascom Hasler Mailing Systems, Inc. Postal security device incorporating periodic and automatic self implementation of public/private key pair
US5982896A (en) * 1996-12-23 1999-11-09 Pitney Bowes Inc. System and method of verifying cryptographic postage evidencing using a fixed key set
US6058188A (en) * 1997-07-24 2000-05-02 International Business Machines Corporation Method and apparatus for interoperable validation of key recovery information in a cryptographic system
FR2768534B1 (fr) * 1997-09-18 1999-12-10 Neopost Ind Procede et dispositif de securisation de donnees postales
WO1999020020A1 (en) 1997-10-14 1999-04-22 Certicom Corp. Key validation scheme
US6233565B1 (en) 1998-02-13 2001-05-15 Saranac Software, Inc. Methods and apparatus for internet based financial transactions with evidence of payment
DE19816344C2 (de) * 1998-04-01 2000-08-10 Francotyp Postalia Gmbh Verfahren zur sicheren Schlüsselverteilung
US7215773B1 (en) * 1998-10-14 2007-05-08 Certicom.Corp. Key validation scheme
EP1129436A1 (de) * 1998-11-10 2001-09-05 Kent Ridge Digital Labs Verschlüsselungsverfahren und vorrichtung dafür
US6343361B1 (en) 1998-11-13 2002-01-29 Tsunami Security, Inc. Dynamic challenge-response authentication and verification of identity of party sending or receiving electronic communication
US6704867B1 (en) 1999-03-30 2004-03-09 Bitney Bowes, Inc. Method for publishing certification information representative of selectable subsets of rights and apparatus and portable data storage media used to practice said method
US6847951B1 (en) * 1999-03-30 2005-01-25 Pitney Bowes Inc. Method for certifying public keys used to sign postal indicia and indicia so signed
US6738899B1 (en) 1999-03-30 2004-05-18 Pitney Bowes Inc. Method for publishing certification information certified by a plurality of authorities and apparatus and portable data storage media used to practice said method
JP3823599B2 (ja) * 1999-04-22 2006-09-20 富士ゼロックス株式会社 流通情報管理装置および方法
IL130963A (en) * 1999-07-15 2006-04-10 Nds Ltd Key management for content protection
GB2353682B (en) * 1999-07-15 2004-03-31 Nds Ltd Key management for content protection
CN100468452C (zh) * 1999-08-23 2009-03-11 李东声 一种实现电子存折(钱包)安全交易的方法
US6968456B1 (en) * 2000-08-08 2005-11-22 Novell, Inc. Method and system for providing a tamper-proof storage of an audit trail in a database
US7756795B2 (en) 2000-12-27 2010-07-13 Pitney Bowes Inc. Mail piece verification system
US7707124B2 (en) * 2000-08-28 2010-04-27 Pitney Bowes Inc. Mail piece verification system having forensic accounting capability
DE10131254A1 (de) * 2001-07-01 2003-01-23 Deutsche Post Ag Verfahren zum Überprüfen der Gültigkeit von digitalen Freimachungsvermerken
JP2003101523A (ja) * 2001-09-21 2003-04-04 Fujitsu Ltd 秘匿機能を有する通信ネットワーク・システムおよび通信方法
US7561691B2 (en) * 2001-11-12 2009-07-14 Palm, Inc. System and method for providing secured access to mobile devices
US8132236B2 (en) * 2001-11-12 2012-03-06 Hewlett-Packard Development Company, L.P. System and method for providing secured access to mobile devices
US20080148350A1 (en) * 2006-12-14 2008-06-19 Jeffrey Hawkins System and method for implementing security features and policies between paired computing devices
US6996620B2 (en) * 2002-01-09 2006-02-07 International Business Machines Corporation System and method for concurrent security connections
AUPS112202A0 (en) * 2002-03-14 2002-04-18 Commonwealth Scientific And Industrial Research Organisation Semiconductor manufacture
CN101400059B (zh) * 2007-09-28 2010-12-08 华为技术有限公司 一种active状态下的密钥更新方法和设备
US8214291B2 (en) 2007-10-19 2012-07-03 Ebay Inc. Unified identity verification
US8175276B2 (en) * 2008-02-04 2012-05-08 Freescale Semiconductor, Inc. Encryption apparatus with diverse key retention schemes
CN101335754B (zh) * 2008-05-14 2011-09-21 北京深思洛克软件技术股份有限公司 一种利用远程服务器进行信息验证的方法
EP2128781A1 (de) * 2008-05-27 2009-12-02 Benny Kalbratt Authentifizierungsverfahren
US8838503B2 (en) * 2008-12-08 2014-09-16 Ebay Inc. Unified identity verification
US9264230B2 (en) 2011-03-14 2016-02-16 International Business Machines Corporation Secure key management
US8619990B2 (en) 2011-04-27 2013-12-31 International Business Machines Corporation Secure key creation
US8789210B2 (en) 2011-05-04 2014-07-22 International Business Machines Corporation Key usage policies for cryptographic keys
US8755527B2 (en) 2011-05-04 2014-06-17 International Business Machines Corporation Key management policies for cryptographic keys
US8634561B2 (en) * 2011-05-04 2014-01-21 International Business Machines Corporation Secure key management
US8566913B2 (en) 2011-05-04 2013-10-22 International Business Machines Corporation Secure key management
US9003560B1 (en) * 2012-06-05 2015-04-07 Rockwell Collins, Inc. Secure enclosure with internal security components
US11132685B1 (en) 2020-04-15 2021-09-28 Capital One Services, Llc Systems and methods for automated identity verification

Family Cites Families (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4227253A (en) * 1977-12-05 1980-10-07 International Business Machines Corporation Cryptographic communication security for multiple domain networks
US4238853A (en) * 1977-12-05 1980-12-09 International Business Machines Corporation Cryptographic communication security for single domain networks
US4281216A (en) * 1979-04-02 1981-07-28 Motorola Inc. Key management for encryption/decryption systems
US4578531A (en) * 1982-06-09 1986-03-25 At&T Bell Laboratories Encryption system key distribution method and apparatus
US4590470A (en) * 1983-07-11 1986-05-20 At&T Bell Laboratories User authentication system employing encryption functions
US4972472A (en) * 1985-03-15 1990-11-20 Tandem Computers Incorporated Method and apparatus for changing the master key in a cryptographic system
US4731840A (en) * 1985-05-06 1988-03-15 The United States Of America As Represented By The United States Department Of Energy Method for encryption and transmission of digital keying data
GB8704920D0 (en) * 1987-03-03 1987-04-08 Hewlett Packard Co Secure messaging system
US4850017A (en) * 1987-05-29 1989-07-18 International Business Machines Corp. Controlled use of cryptographic keys via generating station established control values
US4888801A (en) * 1988-05-02 1989-12-19 Motorola, Inc. Hierarchical key management system
US4888802A (en) * 1988-06-17 1989-12-19 Ncr Corporation System and method for providing for secure encryptor key management
US4935961A (en) * 1988-07-27 1990-06-19 Gargiulo Joseph L Method and apparatus for the generation and synchronization of cryptographic keys
US5016277A (en) * 1988-12-09 1991-05-14 The Exchange System Limited Partnership Encryption key entry method in a microcomputer-based encryption system
US4965804A (en) * 1989-02-03 1990-10-23 Racal Data Communications Inc. Key management for encrypted packet based networks
US5048087A (en) * 1989-02-03 1991-09-10 Racal Data Communications Inc. Key management for encrypted packet based networks
US4956863A (en) * 1989-04-17 1990-09-11 Trw Inc. Cryptographic method and apparatus for public key exchange with authentication
US5138712A (en) * 1989-10-02 1992-08-11 Sun Microsystems, Inc. Apparatus and method for licensing software on a network of computers
US5148481A (en) * 1989-10-06 1992-09-15 International Business Machines Corporation Transaction system security method and apparatus
US5029206A (en) * 1989-12-27 1991-07-02 Motorola, Inc. Uniform interface for cryptographic services
US5173938A (en) * 1990-09-27 1992-12-22 Motorola, Inc. Key management system
US5247576A (en) * 1991-02-27 1993-09-21 Motorola, Inc. Key variable identification method
US5214698A (en) * 1991-03-20 1993-05-25 International Business Machines Corporation Method and apparatus for validating entry of cryptographic keys
US5200999A (en) * 1991-09-27 1993-04-06 International Business Machines Corporation Public key cryptosystem key management based on control vectors
US5241599A (en) * 1991-10-02 1993-08-31 At&T Bell Laboratories Cryptographic protocol for secure communications
US5179591A (en) * 1991-10-16 1993-01-12 Motorola, Inc. Method for algorithm independent cryptographic key management
US5265164A (en) * 1991-10-31 1993-11-23 International Business Machines Corporation Cryptographic facility environment backup/restore and replication in a public key cryptosystem
US5245658A (en) * 1992-01-06 1993-09-14 George Bush Domain-based encryption
JPH05281906A (ja) * 1992-04-02 1993-10-29 Fujitsu Ltd 暗号鍵共有方式
US5237611A (en) * 1992-07-23 1993-08-17 Crest Industries, Inc. Encryption/decryption apparatus with non-accessible table of keys
JP2519390B2 (ja) * 1992-09-11 1996-07-31 インターナショナル・ビジネス・マシーンズ・コーポレイション デ―タ通信方法及び装置
US5341426A (en) * 1992-12-15 1994-08-23 Motorola, Inc. Cryptographic key management apparatus and method
US5491752A (en) * 1993-03-18 1996-02-13 Digital Equipment Corporation, Patent Law Group System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens
US5390251A (en) * 1993-10-08 1995-02-14 Pitney Bowes Inc. Mail processing system including data center verification for mailpieces
US5454038A (en) * 1993-12-06 1995-09-26 Pitney Bowes Inc. Electronic data interchange postage evidencing system

Also Published As

Publication number Publication date
CA2172860C (en) 2000-05-16
EP0735720A2 (de) 1996-10-02
JP3881055B2 (ja) 2007-02-14
EP0735720A3 (de) 2000-05-24
JPH09167186A (ja) 1997-06-24
BR9601232A (pt) 1998-01-06
US5661803A (en) 1997-08-26
MX9601257A (es) 1997-09-30
CN1136512C (zh) 2004-01-28
CA2172860A1 (en) 1996-10-01
DE69636584T2 (de) 2007-06-21
CN1144942A (zh) 1997-03-12
EP0735720B1 (de) 2006-10-04

Similar Documents

Publication Publication Date Title
DE69636584D1 (de) Verfahren zur Schlüsselverteilung und Verifizierung in einem Schlüsselverwaltungssystem
DE69311581D1 (de) Verfahren und system zur authentifizierten sicheren schlüsselverteilung in einem kommunikationssystem
DE69330065T2 (de) Verfahren und System zur Schlüsselverteilung und Authentifizierung in einem Datenübertragungssystem
DE4496863T1 (de) Vorrichtung zur Schlüsselverteilung in einem Verschlüsselungssystem
DE69634318D1 (de) Verfahren und Vorrichtung zur Gebührenerfassung von Benutzern in einem Geheimübertragungssystem
DE69718195D1 (de) Vorrichtung und verfahren zur maskierung von latenzeffekten in einem nachrichtenverteilungssystem
DE69429793T2 (de) Verfahren und Gerät zur sicheren Namensverwaltung in einem objektorientierten System
DE69431703D1 (de) Verfahren und Einrichtung zur Schlüsselverteilung in einen selektiven Rundfunksystem
DE69628789D1 (de) System und Verfahren zur Schlüsselverteilung und zur Authentifizierung zwischen einem Host-Prozessor und einer tragbaren Vorrichtung
DE69312328D1 (de) System und verfahren zur änderung des schlüssels oder des kennwortes in einem kommunikationsnetzwerk mit schlüssel- verteilung
DE69635145D1 (de) Verfahren zur Erzeugung und Verwaltung eines privaten Schlüssels in einem kryptografischen System mit öffentlichem Schlüssel
DE69533854D1 (de) Einrichtung und Verfahren zur fehlertoleranten Schlüsselverwaltung
DE69940825D1 (de) Verfahren und vorrichtung zur belastungsverteilung in einem netzwerk
ATE202439T1 (de) Verschlüsselungseinrichtung und verfahren mit möglichkeit zur gesicherten zentralen schlüsselablage
DE69738504D1 (de) Verfahren und System zur Klassenspeicherung in einem Festspeicher
DE69500424D1 (de) Verfahren und gerät zur sicheren objektveränderung in einem verteilten system
DE69632746D1 (de) Verfahren und System zur interaktiven Programmführung
DE69825801D1 (de) Vorrichtung und Verfahren zur Ermöglichung gleichranginger Zugangskontrolle in einem Netz
DE69832721D1 (de) Verfahren und vorrichtung zur kommunikation in einem bündelfunksystem
DE69727253D1 (de) Verfahren und vorrichtung zur sychronisierten durchführung von konfigurationinformation in einem kommunikationssystem
DE69617509D1 (de) Vorrichtung und Verfahren zur Feststellung von Objekttypen in einem verteilten Objektsystem
DE69603180D1 (de) Verfahren und vorrichtung zur freispeicherverwaltung und zum datenstrukturintegritätsschutz in nichtflüchtigen speichern
DE69431426T2 (de) System und Verfahren zur Nachrichtenauthentisierung in einem nicht-schmiedbaren Kryptosystem mit öffentlichen Schlüssel
DE69628780D1 (de) Verfahren zur Erzeugung von sicheren Kästen in einem Schlüsselverwaltungssystem
DE69831874D1 (de) Verfahren und vorrichtung in einem telkommunikationssystem

Legal Events

Date Code Title Description
8364 No opposition during term of opposition