OPTIMIZED KEY MANAGEMENT FOR DATA SIGNING SYSTEMS

Bibliographic details
Main authors: Chan, Tat Keung; Medvinsky, Alexander; Yao, Ting
Format: Patent
Language: eng
Description
Summary: A system and method for providing a security credential is disclosed. In one embodiment, the method comprises accepting a request to generate at least one key in an online data signing system; generating, in a hardware security module communicatively coupled to the online data signing system, a first key K1 as a temporary object; encrypting, by the hardware security module, the first key K1 according to a wrapping key Kw to produce an encrypted first key EKw[K1]; storing the encrypted first key; and providing a second key K2 associated with the first key K1 to a user device communicatively coupled to the online data signing system.