Technique for split knowledge backup and recovery of a cryptographic key
    1.
    Granted invention patent
    Technique for split knowledge backup and recovery of a cryptographic key (status: in force)

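    Publication (announcement) number: US07916871B2

    Publication (announcement) date: 2011-03-29

    Application number: US11708750

    Application date: 2007-02-21

    IPC classification: H04L9/08 H04L29/12

    CPC classification: H04L9/085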

    Abstract: In a secure cryptographic environment, a private key in a private/public key cryptographic scheme needs to be backed up and recovered in case of a loss or corruption of the private key. To back up the private key, multiple key segments are generated based on the private key which are distributed to a corresponding number of trusted individuals, each of whom has knowledge of only his or her key segment. The key can be restored only when all of the trusted individuals provide the respective key segments, based on which the original private key is reconstructed. In addition, each trusted individual is uniquely identifiable by a personal identification number. Advantageously, the private key which is secret can be backed up and restored without any individual having knowledge of the full key.


    Generation and management of customer pin's
    2.
    Granted invention patent
    Generation and management of customer pin's (status: in force)

    Publication (announcement) number: US07716491B2

    Publication (announcement) date: 2010-05-11

    Application number: US11077659

    Application date: 2005-03-11

    IPC classification: H04K1/00

    Abstract: A method for securely generating a PIN comprises generating a number of random binary bits; determining the least significant bits of the number of bits; converting the least significant bits to a decimal integer; shifting the value of the integer by a predetermined constant to produce a shifted integer; and encoding the shifted integer as bits in a PIN block in accordance with a standard. A method for managing security of a PIN used to provide access to a secure device comprising choosing the PIN; storing an encrypted version of the PIN in the device; and communicating the PIN to a user of the device via a communication channel separate and apart from a channel reset to provide the device to the user. A method for resetting a PIN in a secure device comprising sending a message to a data center having an original PIN for the device, the message including authorization data indicative of at least one of the device and an authorized user of the device, and securely communicating the original PIN to the location of the device.
