公开(公告)号：US20160004884A1

公开(公告)日：2016-01-07

申请号：US14792572

申请日：2015-07-06

Applicant: Apple Inc.

Inventor： Dallas B. De Atley ,  Jerrold V. Hauck ,  Mitchell D. Adler

IPC: G06F21/64 ,  H04L9/08

CPC classification number: H04L9/0894 ,  G06F21/00 ,  G06F21/33 ,  G06F21/445 ,  G06F21/606 ,  G06F21/6245 ,  G06F21/64 ,  H04L9/0861 ,  H04L63/0428 ,  H04L63/0442 ,  H04L63/06 ,  H04L63/062 ,  H04L63/08 ,  H04L63/101

Abstract: A method of restoring confidential information items of a first device to a second device by using a set of servers. The method generates a public and private key pair and ties the private key to the hash of executable code of the servers at the time of generating the public and private keys. The method receives the encrypted confidential information items in a secure object which is encrypted with a user-specific key and the public key. The method only provides the confidential information to the second device when the second device provides the same user-specific key as the key that encrypts the secure object and the hash of the executable code of the servers at the time of accessing the private key to decrypt the secure object matches the hash of the executable code running on the servers at the time of generating the private key.

Abstract translation: 一种通过使用一组服务器将第一设备的机密信息项恢复到第二设备的方法。 该方法生成公钥和私钥对，并在生成公钥和私钥时将私钥与服务器的可执行代码的哈希值相关联。 该方法在用用户特定的密钥和公钥加密的安全对象中接收加密的机密信息项。 当第二设备提供与加密安全对象的密钥相同的用户特定密钥时，该方法仅向第二设备提供机密信息，并且在访问私钥以解密时提供服务器的可执行代码的散列 安全对象匹配在生成私钥时在服务器上运行的可执行代码的散列。

公开(公告)号：US09106411B2

公开(公告)日：2015-08-11

申请号：US13767847

申请日：2013-02-14

Applicant: Apple Inc.

Inventor： Dallas B. De Atley ,  Jerrold V. Hauck ,  Mitchell D. Adler

IPC: G06F21/62 ,  H04L9/08 ,  G06F21/00 ,  H04L29/06 ,  G06F17/40

CPC classification number: H04L9/0894 ,  G06F21/00 ,  G06F21/33 ,  G06F21/445 ,  G06F21/606 ,  G06F21/6245 ,  G06F21/64 ,  H04L9/0861 ,  H04L63/0428 ,  H04L63/0442 ,  H04L63/06 ,  H04L63/062 ,  H04L63/08 ,  H04L63/101

Abstract: A method of restoring confidential information items of a first device to a second device by using a set of servers. The method generates a public and private key pair and ties the private key to the hash of executable code of the servers at the time of generating the public and private keys. The method receives the encrypted confidential information items in a secure object which is encrypted with a user-specific key and the public key. The method only provides the confidential information to the second device when the second device provides the same user-specific key as the key that encrypts the secure object and the hash of the executable code of the servers at the time of accessing the private key to decrypt the secure object matches the hash of the executable code running on the servers at the time of generating the private key.

Abstract translation: 一种通过使用一组服务器将第一设备的机密信息项恢复到第二设备的方法。 该方法生成公钥和私钥对，并在生成公钥和私钥时将私钥与服务器的可执行代码的哈希值相关联。 该方法在用用户专用密钥和公开密钥加密的安全对象中接收加密的机密信息项。 当第二设备提供与加密安全对象的密钥相同的用户特定密钥时，该方法仅向第二设备提供机密信息，并且在访问私钥以解密时提供服务器的可执行代码的散列 安全对象匹配在生成私钥时在服务器上运行的可执行代码的散列。

公开(公告)号：US09077759B2

公开(公告)日：2015-07-07

申请号：US13839084

申请日：2013-03-15

Applicant: Apple Inc.

Inventor： Michael Brouwer ,  Dallas B. De Atley ,  Mitchell D. Adler

IPC: G06F21/00 ,  H04L29/06 ,  G06F21/62 ,  G06F21/60

CPC classification number: G06F21/6263 ,  G06F17/30581 ,  G06F21/606 ,  G06F21/62 ,  H04L9/0816 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/10 ,  H04L63/166 ,  H04L63/20 ,  H04L67/104 ,  H04L67/1095 ,  H04L67/1097 ,  H04L2209/24

Abstract: Some embodiments provide a program that synchronizes a keychain stored on a device with a set of other devices. The keychain includes a set of keychain items. The program receives (1) a list of keychain items for updating the keychain stored on the device and (2) data representing the keychain items specified in the list of keychain items. For each keychain item in the list of keychain items, the program updates the keychain stored on the device with the data that represents the keychain item.

Abstract translation: 一些实施例提供了将存储在设备上的钥匙串与一组其他设备同步的程序。 钥匙扣包括一套钥匙扣项目。 程序接收（1）用于更新存储在设备上的钥匙串的钥匙串项的列表，以及（2）表示钥匙串项目列表中指定的钥匙串项的数据。 对于钥匙串项列表中的每个钥匙串项，程序使用代表钥匙串项的数据来更新存储在设备上的钥匙串。

公开(公告)号：US20140281540A1

公开(公告)日：2014-09-18

申请号：US13839050

申请日：2013-03-15

Applicant: Apple Inc.

Inventor： Michael Brouwer ,  Dallas B. De Atley ,  Mitchell D. Adler

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/061 ,  G06F17/30174 ,  G06F17/30575 ,  H04L9/12 ,  H04L9/3247 ,  H04L12/185 ,  H04L12/44 ,  H04L63/062 ,  H04L63/065 ,  H04L63/068 ,  H04L63/104 ,  H04L67/104 ,  H04L67/1042 ,  H04L67/1095 ,  H04L2209/122 ,  H04W84/18

Abstract: Some embodiments provide non-transitory machine-readable medium that stores a program which when executed by at least one processing unit of a device synchronizes a set of keychains stored on the device with a set of other devices. The device and the set of other devices are communicatively coupled to one another through a peer-to-peer (P2P) network. The program receives a modification to a keychain in the set of keychains stored on the device. The program generates an update request for each device in the set of other devices in order to synchronize the set of keychains stored on device with the set of other devices. The program transmits through the P2P network the set of update requests to the set of other devices over a set of separate, secure communication channels.

Abstract translation: 一些实施例提供了一种非暂时机器可读介质，其存储当设备的至少一个处理单元执行时将存储在设备上的一组密钥链与一组其他设备同步的程序。 设备和其他设备的集合通过对等（P2P）网络彼此通信地耦合。 该程序接收对存储在设备上的一组钥匙串中的钥匙串的修改。 该程序为该组其他设备中的每个设备生成更新请求，以便将存储在设备上的一组密钥链与该组其他设备同步。 该程序通过一组独立的安全通信信道通过P2P网络将该组更新请求发送到其他设备的集合。