中科微点-全球专利检索

  1. Login
  2. Sign Up

Search Results

4 records (took 0.012 seconds)

    MULTI-NODE EXPANDABLE CRYPTOGRAPHIC PROCESSING SYSTEM
    1.
    发明公开
    MULTI-NODE EXPANDABLE CRYPTOGRAPHIC PROCESSING SYSTEM 审中-公开

    公开(公告)号:US20240179000A1

    公开(公告)日:2024-05-30

    申请号:US18060159

    申请日:2022-11-30

    Applicant: MOTOROLA SOLUTIONS, INC.

    Inventor: Brian W. Pruss Amalendu Roy Brent A. Veltkamp

    IPC: H04L9/08

    CPC classification number: H04L9/0897 H04L9/0877 H04L2209/12

    Abstract: A system for securely managing a plurality of hardware security modules (HSMs). One example provides a host device, a first HSM, and a second HSM. The host device is configured to designate the first HSM as a primary HSM, and activate a security association mode in the primary HSM. The first HSM is configured to generate a multi-HSM exchange key (“MEK”), and encrypt the MEK using a temporary key generated with a key agreement protocol between the first HSM and the second HSM. The first HSM shares the encrypted MEK with the second HSM via the host device. The host device deactivates the security association mode, and the first HSM receives a traffic encryption key (“TEK”). The first HSM encrypts the TEK using the MEK, and shares the encrypted TEK with the second HSM via the host device. The second HSM decrypts the TEK using the MEK.

    Device, system and method for installing encrypted data
    2.
    发明授权
    Device, system and method for installing encrypted data 有权

    公开(公告)号:US11113424B2

    公开(公告)日:2021-09-07

    申请号:US16405454

    申请日:2019-05-07

    Applicant: MOTOROLA SOLUTIONS, INC.

    Inventor: Brian W. Pruss Ellis A. Pinder Thomas S. Messerges

    IPC: H04L9/08 G06F21/78 H04L29/06 G06F21/57

    Abstract: A device, system and method for installing encrypted data are provided. A device includes a processor comprising: immutable memory storing preconfigured trust anchor data; and a module storing preconfigured non-exportable data. The processor is configured to: receive an encrypted common protection key, encrypted using a manufacturing protection key, and an encrypted distribution private key, encrypted using a common protection key; obtain the manufacturing protection key using the preconfigured trust anchor data and the preconfigured non-exportable data; decrypt the encrypted common protection key using the manufacturing protection key to obtain the common protection key; decrypt the encrypted distribution private key using the common protection key to obtain a distribution private key; receive an encrypted data package including image-at-rest data encrypted with an image-at-rest key, the encrypted data package including encryption data for obtaining the image-at-rest key using the distribution private key; and install the encrypted data package at the memory.

    Multi-node expandable cryptographic processing system
    3.
    发明授权
    Multi-node expandable cryptographic processing system 有权

    公开(公告)号:US12192353B2

    公开(公告)日:2025-01-07

    申请号:US18060159

    申请日:2022-11-30

    Applicant: MOTOROLA SOLUTIONS, INC.

    Inventor: Brian W. Pruss Amalendu Roy Brent A. Veltkamp

    IPC: H04L29/06 H04L9/08

    Abstract: A system for securely managing a plurality of hardware security modules (HSMs). One example provides a host device, a first HSM, and a second HSM. The host device is configured to designate the first HSM as a primary HSM, and activate a security association mode in the primary HSM. The first HSM is configured to generate a multi-HSM exchange key (“MEK”), and encrypt the MEK using a temporary key generated with a key agreement protocol between the first HSM and the second HSM. The first HSM shares the encrypted MEK with the second HSM via the host device. The host device deactivates the security association mode, and the first HSM receives a traffic encryption key (“TEK”). The first HSM encrypts the TEK using the MEK, and shares the encrypted TEK with the second HSM via the host device. The second HSM decrypts the TEK using the MEK.

Patent Agency Ranking