Secure key component and pin entry

Hewlett-Packard Development Company, L.P.

2018

Online Patent

Zugriff:

View record in USPTO Patent Grants (Volltext)

According to an example, secure key component and PIN entry may include receiving a communication from a smart card control device upon connection of the smart card control device with a secure key component and PIN entry apparatus. The communication may be related to storage of a key component on a smart card that is communicatively connectable to the apparatus. The key component may be related to a Master File Key (MFK) that is formed by using a plurality of key components including the key component. In response to the communication, the smart card may be prompted to generate the key component, or entry of the key component may be received based on actuation of a keypad of the apparatus. Further, the generated or received key component may be stored on the smart card upon connection of the smart card with the apparatus.

Titel:	Secure key component and pin entry
Autor/in / Beteiligte Person:	Hewlett-Packard Development Company, L.P.
Link:	View record in USPTO Patent Grants (Volltext)
Veröffentlichung:	2018
Medientyp:	Patent
Sonstiges:	Nachgewiesen in: USPTO Patent Grants Sprachen: English Patent Number: 9,917,696 Publication Date: March 13, 2018 Appl. No: 14/817978 Application Filed: August 04, 2015 Assignees: EntlT Software, LLC (Sunnyvale, CA, US) Claim: 1. A method comprising: receiving, by a user input apparatus comprising a physical processor, a communication from a smart card control device upon connection of the smart card control device with the user input apparatus, wherein the communication comprises a command to generate a key component on a smart card that is communicatively connected via an encrypted channel to the user input apparatus, wherein the key component is one of a plurality of key components to be used to form a Master File Key (MFK), the plurality of key components to be stored in a plurality of smart cards; in response to a receipt of the communication from the smart card control device, the user input apparatus sending to the smart card, via the encrypted channel, an encrypted command to generate the key component on the smart card; and in response to receiving the encrypted command from the user input apparatus via the encrypted channel, the smart card generating the key component to be stored in the smart card. Claim: 2. The method according to claim 1 , further comprising forming the Master File Key by applying an XOR operation to the plurality of key components stored in the plurality of smart cards. Claim: 3. The method according to claim 1 , further comprising: storing, by the user input apparatus, encrypted channel information; and using, by the user input apparatus, the stored encrypted channel information to establish the encrypted channel with the smart card. Claim: 4. The method according to claim 3 , further comprising: determining, by the user input apparatus, a status of the user input apparatus as being secure or insecure; and in response to a determination that the status of the user input apparatus is insecure, changing, by the user input apparatus the encrypted channel information on the user input apparatus to a user-defined value not equal to zero. Claim: 5. The method according to claim 4 , wherein determining, by the user input apparatus, the status of the user input apparatus as being secure or insecure further comprises: determining whether a contact part disposed on a first panel of the user input apparatus is disposed in an engaged or a disengaged position relative to another contact part disposed on a second panel of the user input apparatus; and in response to a determination that the contact part disposed on the first panel of the user input apparatus is disposed in the disengaged position relative to the another contact part disposed on the second panel of the user input apparatus, changing, by the user input apparatus, the encrypted channel information on the user input apparatus to the user-defined value. Claim: 6. The method according to claim 3 , further comprising: determining, by the user input apparatus, whether a power status of the user input apparatus is below a predetermined threshold; and in response to a determination that the power status of the user input apparatus is below the predetermined threshold, changing, by the user input apparatus, the encrypted channel information on the user input apparatus to a user-defined value not equal to zero. Claim: 7. The method according to claim 3 , further comprising: determining whether a front panel of the user input apparatus is in alignment with a back panel of the user input apparatus; and in response to a determination that the front panel of the user input apparatus is not in alignment with the back panel of the user input apparatus, changing, by the user input apparatus, the encrypted channel information on the user input apparatus to zero. Claim: 8. A user input apparatus comprising: a keypad for selection of numbers 0-9, and letters A-F for key component entry in hexadecimal notation; at least one physical processor; and a memory storing machine readable instructions that when executed by the at least one physical processor cause the at least one physical processor to: receive a communication from a smart card control device upon connection of the smart card control device with the user input apparatus, wherein the communication comprises a command to generate a key component on a smart card communicatively connected via an encrypted channel to the user input apparatus, wherein the key component is one of a plurality of key components to be used to form a Master File Key (MFK), the plurality of key components to be stored in a plurality of smart cards; in response to a receipt of the communication from the smart card control device, send to the smart card, via the encrypted channel, an encrypted command to generate the key component, the smart card to generate and store the key component responsive to the encrypted command received from the user input apparatus via the encrypted channel. Claim: 9. The user input apparatus according to claim 8 , further comprising a tamper proof seal on first and second panels of the user input apparatus, wherein the tamper proof seal is at least one of removable and breakable to provide a visual indication of tampering with the user input apparatus. Claim: 10. The user input apparatus according to claim 8 , further comprising machine readable instructions that when executed by the at least one physical processor further cause the at least one physical processor to: store encrypted channel information; and use the stored encrypted channel information to establish the encrypted channel with the smart card. Claim: 11. The user input apparatus according to claim 10 , further comprising machine readable instructions that when executed by the at least one physical processor further cause the at least one physical processor to: determine whether a contact part disposed on a first panel of the user input apparatus is disposed in an engaged or a disengaged position relative to another contact part disposed on a second panel of the user input apparatus; and in response to a determination that the contact part disposed on the first panel of the user input apparatus is disposed in the disengaged position relative to the another contact part disposed on the second panel of the user input apparatus, change the encrypted channel information on the user input apparatus to a user-defined value not equal to zero. Claim: 12. The user input apparatus according to claim 10 , further comprising machine readable instructions that when executed by the at least one physical processor further cause the at least one physical processor to: determine whether a power status of the user input apparatus is below a predetermined threshold; and in response to a determination that the power status of the user input apparatus is below the predetermined threshold, change the encrypted channel information on the user input apparatus to a user-defined value not equal to zero. Claim: 13. The user input apparatus according to claim 8 , further comprising machine readable instructions that when executed by the at least one physical processor further cause the at least one physical processor to: determine whether a front panel of the user input apparatus is in alignment with a back panel of the user input apparatus; and in response to a determination that the front panel of the user input apparatus is not in alignment with the back panel of the user input apparatus, change the encrypted channel information on the user input apparatus to zero. Claim: 14. The user input apparatus according to claim 8 , further comprising machine readable instructions that when executed by the at least one physical processor further cause the at least one physical processor to: access the plurality of key components from the plurality of smart cards; and generate the Master File Key using the plurality of key components. Claim: 15. A non-transitory computer readable medium having stored thereon machine readable instructions, the machine readable instructions, when executed, cause at least one physical processor of a user input apparatus to: receive, by the user input apparatus, a communication from a smart card control device upon connection of the smart card control device with the user input apparatus, wherein the communication comprises a command to generate a key component on a smart card that is communicatively connected via an encrypted channel to the user input apparatus, wherein the key component is one of a plurality of key components to be used to form a Master File Key (MFK), the plurality of key components to be stored in a plurality of smart cards; in response to a receipt of the communication from the smart card control device, send to the smart card, via the encrypted channel, an encrypted command to generate the key component, the smart card to generate and store the key component responsive to the encrypted command received from the user input apparatus via the encrypted channel. Claim: 16. The non-transitory computer readable medium according to claim 15 , further comprising machine readable instructions, when executed, further cause the at least one physical processor of the user input apparatus to: generate a prompt to enter a PIN prior to a transmission of the encrypted command to the smart card via the encrypted channel; verify the PIN to determine whether a user of the user input apparatus is an authorized user; and in response to a determination that the user of the user input apparatus is the authorized user, send the encrypted command to the smart card via the encrypted channel. Claim: 17. The non-transitory computer readable medium according to claim 15 , further comprising machine readable instructions, when executed, further cause the at least one physical processor of the user input apparatus to: determine whether a contact part disposed on a first panel of the user input apparatus is disposed in an engaged or a disengaged position relative to another contact part disposed on a second panel of the user input apparatus; and in response to a determination that the contact part disposed on the first panel of the user input apparatus is disposed in the disengaged position relative to the another contact part disposed on the second panel of the user input apparatus, change encrypted channel information on the user input apparatus to a user-defined value not equal to zero. Claim: 18. The non-transitory computer readable medium according to claim 17 , further comprising machine readable instructions, when executed, further cause the at least one physical processor of the user input apparatus to: use the encrypted channel information to establish the encrypted channel with the smart card. Claim: 19. The non-transitory computer readable medium according to claim 15 , further comprising machine readable instructions, when executed, further cause the at least one physical processor of the user input apparatus to: determine whether a front panel of the user input apparatus is in alignment with a back panel of the user input apparatus; and in response to a determination that the front panel of the user input apparatus is not in alignment with the back panel of the user input apparatus, change the encrypted channel information on the user input apparatus to zero. Claim: 20. The non-transitory computer readable medium according to claim 15 , further comprising machine readable instructions, when executed, further cause the at least one physical processor of the user input apparatus to: access the plurality of key components from the plurality of smart cards; and generate the Master File Key using the plurality of key components. Patent References Cited: 5768389 June 1998 Ishii ; 7269733 September 2007 O'Toole, Jr. ; 8966268 February 2015 Marien ; 2001/0036275 November 2001 Murakami ; 2004/0039503 February 2004 Doyle ; 2008/0022874 January 2008 Silverbrook ; 2010/0185863 July 2010 Rabin et al. ; 2010/0223403 September 2010 Chau ; 2010/0228683 September 2010 Ansley et al. ; 2010/0228996 September 2010 Ginter et al. ; 2014/0068246 March 2014 Hartley et al. Assistant Examiner: Callahan, Paul Primary Examiner: Shiferaw, Eleni

Klicken Sie ein Format an und speichern Sie dann die Daten oder geben Sie eine Empfänger-Adresse ein und lassen Sie sich per Email zusenden.

BibTeX Citavi, JabRef, u.a.
(Literaturverwaltung)

PDF kein Volltext!
(Merkzettel, Notizen)

RIS Endnote, Citavi u.a.
(Literaturverwaltung)

MODS
(XML zur Weiterverarbeitung)

oder

Wählen Sie das für Sie passende Zitationsformat und kopieren Sie es dann in die Zwischenablage, lassen es sich per Mail zusenden oder speichern es als PDF-Datei.

Gewünschter Zitations-Stil:

oder

Bitte prüfen Sie, ob die Zitation formal korrekt ist, bevor Sie sie in einer Arbeit verwenden. Benutzen Sie gegebenenfalls den "Exportieren"-Dialog, wenn Sie ein Literaturverwaltungsprogramm verwenden und die Zitat-Angaben selbst formatieren wollen.