1. Field of the Invention
This invention relates to securely controlling critical values or parameters behind a secure boundary. The controlling mechanism is a flexible, extendable, and non-forgeable block that details how values and parameters behind the secure boundary can be changed. The invention allows for one entity to execute a security function that will normally require extensive authorizations or dual or multiple control. In particular the invention provides a method, article, and system for the effective implementation for securely transferring symmetric encryption keys to remote devices, such as Automated Teller Machines (ATMs), PIN entry devices, and point of sale terminals. It may also be used to exchange symmetric keys with another cryptographic system of any type, such as a Host Security Module (HSM) in a computer server.
2. Description of the Related Art
Role based access control systems are used in computer operating systems and in numerous computer software products. The role based access control system is favored in many applications because of its efficiency in daily administration of user authorizations. In such a system an administrative role is required in order to maintain all other roles. The number of users that can hold the administrative role is usually reduced to a smaller group of people in an organization. This works well in daily operations, but in certain situations (such as emergencies) a user will require additional authorizations. Since administrators cannot be expected to be available at all times, this is usually handled by granting these authorizations permanently or by special user accounts with very broad authorizations that can be used in these situations. Neither of these approaches is attractive from a security perspective.
Automated Teller Machines (ATMs), PIN entry devices, and point of sale terminals have become a central feature of modern life and have become quite prevalent in and out of the work environment. For example, during the course of the day, a user may utilize an ATM to conduct financial transactions, purchase gas for an automobile from a point of sale terminal in the form of a fuel pump via a credit or debit card, and purchase food at the grocery store in a checkout line with a point of sale terminal also with a credit or debit card. In all these instances, security is a prime concern, and an individual's data (card number, passwords, account numbers, etc.) must be kept secure and out of reach from unintended parties. In addition, access to controls and machine settings must be secured. The securing of sensitive data is normally accomplished through the use of encryption or encoding of the data. Encrypted data is only supposed to be accessible to an intended party with use of an encryption key to decipher the encoded information. The widespread use of electronic transaction processing applications has increased the demands for improved features, ease of use, and improved security.
Remote Key Loading refers to the process of exchanging symmetric encryption keys with a remotely located device, such as an ATM, from a central administrative site. The process encompasses two phases of key distribution:                1. Distribution of initial key encrypting keys (KEKs) to a newly installed device. A KEK is a type of symmetric encryption key that is used to encrypt other keys so they can be securely transmitted over unprotected paths.        2. Distribution of operational keys or replacement KEKs, enciphered under a KEK currently installed in the device.        
A new ATM, when it is delivered from the manufacturer and being put into operation, has none of the affiliated bank's or service provider's security keys pre-installed. The process of getting the first key securely loaded in the ATM is a difficult one. Loading the first KEK into each ATM manually, in multiple cleartext key parts has typically been the security key loading process. In this process, two separate people must carry key part values to the ATM, and load them manually. Once inside the ATM, they are combined to form the actual KEK. In this manner, neither of the two people has the entire key, protecting the key value from disclosure or misuse. This method is labor-intensive and error-prone, making it expensive for the banks or service providers.
When an ATM is in operation, the bank or service provider can install new keys as needed by sending them enciphered under a KEK it installed at an earlier time. This is straightforward in concept, but the cryptographic architecture in the ATMs is often different from that of the host system sending the keys, and it is difficult to export the keys in a form understood by the ATM. For example, cryptographic architectures often enforce key usage restrictions, in which a key is bound to data describing limitations on how it can be used. The encoding of these restrictions and the method used to bind them to the key itself differs among cryptographic architectures, and it is often necessary to translate the format to that understood by the target device before a key can be transmitted. It is difficult to do this without reducing security in the system by making it possible to arbitrarily change key usage restrictions. The reduction in the level of security could potentially introduce holes that could permit misuse of the key management functions to attack the system.
The present invention is directed to addressing, or at least reducing the effects of, one or more of the problems set forth above, through the introduction of a new secure data structure called a trusted block. This disclosure describes a new and novel method for providing the necessary cryptographic functions to create and manage the special key forms needed for remote key distribution of this type. The invention described here also provides a mechanism through which the system owner can securely control these translations, preventing the majority of attacks that could be mounted by modifying usage restrictions.