Patent Number: 6,311,270

Title: Method and apparatus for securing communication utilizing a security processor

Abstract: A method is provided for communicating digital content between a content provider and a data processing system which is under the control of a content consumer, utilizing an insecure communication channel, such as the internet. A security processor is provided. The security processor is communicatively coupled to the data processing system of the consumer. The security processor receives and preprocesses encrypted digital content received from the insecure communication channel. The security processor includes a central processing unit for executing program instructions contained in digital content. The security processor includes a shared-secret decryption engine for receiving encrypted content and for utilizing a shared-secret key for producing decrypted digital content. Furthermore, the security processor includes a memory means for maintaining securely the shared-secret key within the security processor. This memory means is preferably secure from reverse engineering, whether electrical reverse engineering or mechanical reverse engineering. A security program is provided which is loaded onto the security processor and which is executable by the security processor. The security program includes a shared-secret encryption engine for receiving input and for utilizing the shared-secret key to produce cypher output based upon the input. The security program further includes a public key-private key decryption engine for receiving an encrypted input and utilizing a known public key and a private key to generate a decrypted output. Communications over the insecure communication channel between the content provider and the security processor are conducted utilizing the public key-private key algorithm, while communications between the security program and the security processor are conducted utilizing the shared-secret encryption protocol.

Inventors: Challener; David Carroll (Raleigh, NC), Desai; Dhruv Manmohandas (Cary, NC), Rohatgi; Pankaj (Hartsdale, NY), Safford; David Robert (Brewster, NY)

Assignee: International Business Machines Corporation

International Classification: H04L 29/06 (20060101); H04L 9/28 (20060101); H04L 9/30 (20060101); G06F 001/24 ()

Expiration Date: 10/30/2018