-
Publication number: US12058113B2
Publication date: 2024-08-06
Application number: US16903873
Application date: 2020-06-17
Applicant: Amazon Technologies, Inc.
Inventor: Nicholas Alexander Allen, Matthew J. Campagna
CPC classification number: H04L63/045, H04L9/14, H04L63/205
Abstract: A first computing system establishes a cryptographically protected communication session with a second computing system by proposing a hybrid cryptographic scheme. In response to the proposed hybrid cryptographic scheme, a second computing system transmits cryptographic materials to the first computing system, and the first computing system transmits cryptographic materials to the second computing system. Using the cryptographic materials, two or more cryptographic keys are derived. One cryptographic key is used to perform an inner cryptographic operation on one or more data items, and another cryptographic key is used to perform an outer cryptographic operation on the one or more data items that have been cryptographically protected by the inner cryptographic operation.
-
Publication number: US12095909B1
Publication date: 2024-09-17
Application number: US16588918
Application date: 2019-09-30
Applicant: Amazon Technologies, Inc.
Inventor: Matthew J. Campagna, Jin Peng, Jason Wrang
CPC classification number: H04L9/0866, H04L9/0825, H04L9/0869, H04L9/0891
Abstract: A customer of a computing resource provider is associated with a key provided by a key management system. When the key is generated, a value is generated and encrypted with the key. In response to a detection of a trigger to re-encrypt the customer's key, the encrypted value is used to verify validity of the re-encrypted customer's key before it is committed to storage and made available for use.
-
Publication number: US20240340273A1
Publication date: 2024-10-10
Application number: US18745913
Application date: 2024-06-17
Applicant: Amazon Technologies, Inc.
Inventor: Nicholas Alexander Allen, Matthew J. Campagna
CPC classification number: H04L63/045, H04L9/14, H04L63/205
Abstract: A first computing system establishes a cryptographically protected communication session with a second computing system by proposing a hybrid cryptographic scheme. In response to the proposed hybrid cryptographic scheme, a second computing system transmits cryptographic materials to the first computing system, and the first computing system transmits cryptographic materials to the second computing system. Using the cryptographic materials, two or more cryptographic keys are derived. One cryptographic key is used to perform an inner cryptographic operation on one or more data items, and another cryptographic key is used to perform an outer cryptographic operation on the one or more data items that have been cryptographically protected by the inner cryptographic operation.