US 11,811,950 B1
Dynamic response signing capability in a distributed system
Gregory Branchek Roth, Seattle, WA (US); and Eric Jason Brandwine, Haymarket, VA (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Dec. 21, 2022, as Appl. No. 18/086,588.
Application 18/086,588 is a continuation of application No. 16/440,899, filed on Jun. 13, 2019, granted, now 11,546,169.
Application 16/440,899 is a continuation of application No. 14/318,457, filed on Jun. 27, 2014, granted, now 10,326,597, issued on Jun. 18, 2019.
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/32 (2006.01); H04L 9/08 (2006.01)
CPC H04L 9/3247 (2013.01) [H04L 9/0836 (2013.01); H04L 9/0841 (2013.01)] 19 Claims
OG exemplary drawing
 
1. A computer-implemented method comprising:
obtaining an indication at a first computer system that a request digital signature matches a request, the indication obtained from an authentication system with access to cryptographic material that is inaccessible to the first computer system and used to derive a cryptographic key obtained in response to the indication; generating a digital signature for a response to the request and the request digital signature that matches the request based at least in part on an ordered plurality of derivation parameters and by performing one or more cryptographic operations;
and using a second cryptographic key different from and associated with the cryptographic key obtained in response to the indication, to verify the request digital signature, the second cryptographic key being derived from the cryptographic material, the cryptographic key is operable to sign the second cryptographic key.