Title of invention |
DEVICE-BASED PIN AUTHENTICATION PROCESS TO PROTECT ENCRYPTED DATA |
Abstract |
Techniques are disclosed for providing a device-based PIN authentication process used to protect encrypted data stored on a computing system, such as a tablet or mobile device. A client component and a server component each store distinct cryptographic keys needed to access encrypted data on the client. The mobile device stores a vault encryption key used to decrypt encrypted sensitive data stored on the mobile device. The vault key is encrypted using a first encryption key and stored on the mobile device. The first encryption key is itself encrypted using a second encryption key. The second encryption key is derived from the PIN value. |
Application publication number |
US2015178515(A1) |
Application publication date |
2015.06.25 |
Application number |
US201314139204 |
Filing date |
2013.12.23 |
Applicant |
Symantec Corporation |
Inventors |
COOLEY Shaun;POWELL Brian;CHILLAPPA Srinivas;LO Michael W.;KAMSALA Mahesh |
Classification |
G06F21/62;H04L29/06 |
Main classification |
G06F21/62 |
Agency |
|
Agent |
|
Main claim |
1. A computer-implemented method for securely storing encrypted data on a computing device, the method comprising:
receiving a data encryption key, wherein the data encryption key is used to encrypt data on the computing device;
encrypting the data encryption key using a first encryption key;
storing the encrypted data encryption key on the computing device;
encrypting the first encryption key using a second encryption key, wherein the second encryption key is derived from a user-supplied value entered on the computing device; and
sending the encrypted first encryption key to a remote server. |
Address |
Mountain View CA US |
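
The key hierarchy in the abstract and in claim 1, as an added Python sketch that is not code from the patent or from Symantec. Assumptions: PBKDF2 as the PIN key derivation, an HMAC-based encrypt-then-MAC construction standing in for a real key wrap, and two in-memory dicts (`device`, `server`) standing in for the two stores; all function names are hypothetical.

```python
import hashlib, hmac, secrets

def derive_pin_key(pin, salt, iterations=200_000):
    """Second encryption key, derived from the user-supplied PIN (PBKDF2 is an assumption)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)

def _subkey(kek, label):
    # Separate encryption and MAC keys derived from one key-encryption key.
    return hmac.new(kek, label, hashlib.sha256).digest()

def _keystream(key, nonce, length):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def wrap(kek, secret):
    """Stand-in authenticated key wrap; use AES-KW or AES-GCM in a real system."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(kek, b"enc"), nonce, len(secret))
    ct = bytes(a ^ b for a, b in zip(secret, stream))
    tag = hmac.new(_subkey(kek, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(kek, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(kek, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("unwrap failed: wrong key or tampered blob")
    stream = _keystream(_subkey(kek, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

def enroll(pin, vault_key, device, server):
    """The steps of claim 1, in order."""
    first_key = secrets.token_bytes(32)
    device["salt"] = secrets.token_bytes(16)
    device["wrapped_vault_key"] = wrap(first_key, vault_key)   # stored on the device
    second_key = derive_pin_key(pin, device["salt"])
    server["wrapped_first_key"] = wrap(second_key, first_key)  # sent to the remote server

def unlock(pin, device, server):
    """Recover the vault key from both stores; raises ValueError on a wrong PIN."""
    second_key = derive_pin_key(pin, device["salt"])
    first_key = unwrap(second_key, server["wrapped_first_key"])
    return unwrap(first_key, device["wrapped_vault_key"])
```

PBKDF2 slows each guess, but a short PIN has little entropy, so anyone holding both the salt and the wrapped first key can test PINs offline. In this sketch that blob is kept only in the `server` dict, and neither the first key nor the vault key is ever stored in the clear.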