Abstract: A general computing environment (GCE) determines request data comprising payload data and instruction data to use cryptographic functions in a secure computing environment (SCE). The SCE provides secure input and output devices, allowing secure presentation to a user and acquisition of user input. The SCE receives the request data and processes the payload data using the instructions in the instruction data to produce cryptographic output data. The request data may be determined using schemas that specify the formatting, grammar, and other attributes of data associated with a transaction that utilizes cryptographic functions. By using schemas and the request data, the SCE may support any protocol that uses the cryptographic functions supported by that SCE to compose cryptographic output. To enhance user comprehensibility and security, the SCE may securely replace some data with human readable text or images and present this as abstracted request data.

Abstract: Secure conditional transfer of cryptographic data allows transfer of cryptographically-based data from one party to another while mitigating failure of a counterparty to perform. A first party uses a first device to send a proposal to a second party's device. If the proposal is accepted, it is signed by the second device. A secure channel is established between the devices that also attests to their compliance during processing. Transaction identifiers associated with the proposal and other information are exchanged. Once exchanged, the first device creates and sends first transfer data (that may be signed) to the second device. The second device receives and determines the first transfer data is valid. In response, the second device creates and sends second transfer data (that may be signed) to the first device. If a communication or other failure prevents reciprocation by the second party, others may verify the transaction and confirm the failure.

Abstract: A secure device comprises a secure computing environment (SCE) that stores one or more cryptographic secrets, such as private keys, and is able to receive input from secure input devices such as a keypad or smartcard interface and provide output to secure output devices such as a secure display. The SCE provides safeguards against remote and physical exploits, erasing or rendering unusable the secrets in the event of actual or suspected exploit, protecting the secrets from compromise. The SCE may digitally sign internally generated messages or messages from an external device such as a smartphone. Message signing conditions may be checked and satisfied in the SCE before a digitally signed message is generated. Messages may be automatically signed if they satisfy specified conditions. The secure device may be used as part of a multisignature scheme in which a plurality of private keys are used to create a digital signature.