DCT
2:17-cv-00282
No Magic Inc v. Atos It Solutions Services Inc
I. Executive Summary and Procedural Information
- Parties & Counsel:
- Plaintiff: No Magic, Inc. (Wyoming)
- Defendant: Atos IT Solutions and Services, Inc. (Delaware) and Bull HN Information Systems, Inc. (Delaware)
- Plaintiff’s Counsel: Albritton Law Firm; DiNovo Price Ellwanger & Hardy LLP
- Case Identification: 2:17-cv-00282, E.D. Tex., 04/07/2017
- Venue Allegations: Plaintiff alleges venue is proper, noting that Defendant Atos IT Solutions and Services, Inc. maintains a regional headquarters in Irving, Texas, within the state.
- Core Dispute: Plaintiff alleges that Defendants’ hardware security modules (HSMs) and associated key management software infringe a patent related to methods and systems for securing cryptographic keys.
- Technical Context: The technology involves cryptographic systems that first confirm a key is secure before enabling other functions like data encryption, a process central to the operation of HSMs used in banking, e-commerce, and other high-security applications.
- Key Procedural History: The complaint appears to be the first legal action involving the patent-in-suit and the parties, as no prior litigation, licensing history, or post-grant proceedings are mentioned.
Case Timeline
| Date | Event |
|---|---|
| 2001-06-01 | ’552 Patent Priority Date |
| 2014-07-04 | Date of "Crypt2Pay/Crypt2Protect HR Security Policy" document |
| 2015-01-06 | ’552 Patent Issue Date |
| 2017-04-07 | Complaint Filing Date |
II. Technology and Patent(s)-in-Suit Analysis
U.S. Patent No. 8,929,552, Electronic Information and Cryptographic Key Management System, issued January 6, 2015
The Invention Explained
- Problem Addressed: The patent describes a security risk in conventional cryptographic systems where critical functions (like encrypting data) might be performed before the system has fully secured the associated cryptographic key. If the key is not properly saved or is compromised during this process, the data it is meant to protect becomes vulnerable. ('552 Patent, col. 5:1-8).
- The Patented Solution: The invention proposes a procedural safeguard: a system architecture where a dedicated key management system first secures a cryptographic key and then "separately affirmatively confirm[s]" that the key has been properly secured. Only after receiving this confirmation does the system enable other functions, such as encrypting the electronic information associated with that key. This acts as a gatekeeper, ensuring the key is safe before the data is processed. ('552 Patent, Abstract; col. 8:10-24; Fig. 4).
- Technical Importance: This approach introduces a distinct verification step into the cryptographic workflow, aiming to close a potential timing vulnerability and enhance the integrity of key management operations. ('552 Patent, col. 5:9-17).
Key Claims at a Glance
- The complaint asserts independent claims 1, 16, and 17, as well as dependent claim 4. (Compl. ¶20).
- Independent Claim 1 (Method):
- associating a cryptographic key with electronic information;
- securing the key via a "first functionality" (which includes encrypting it in a secure socket layer during transmission and saving it to a key management system);
- "separately affirmatively confirming" the key has been secured via a "second functionality apart and independent from said first functionality";
- enabling a function responsive to the confirmation; and
- securing the electronic information.
- Independent Claim 16 (System):
- An electronic information securement system with a "securement functionality";
- A cryptographic key management system with a "separate affirmative confirmation functionality";
- At least one client system communicatively coupled to the key management system.
- Independent Claim 17 (System):
- An electronic information securement system with a "securement functionality";
- A cryptographic key management system with a "separate affirmative confirmation functionality";
- At least one electronic information storage system communicatively coupled to the key management system.
- The complaint reserves the right to assert additional dependent claims. (Compl. ¶20).
III. The Accused Instrumentality
Product Identification
The accused instrumentalities are Defendants' "TrustWay Proteccio HSM family" (including NetHSM and OEM-HSM models), "Crypt2pay and Crypt2Protect HSMs," and the associated "Bull Key Management Center ('KMC')" software. (Compl. ¶11).
Functionality and Market Context
These products are hardware security modules (HSMs) and management software designed to provide high-assurance cryptographic services, including secure key generation, storage, access control, and cryptographic acceleration. (Compl. ¶11). The complaint alleges that these products work by associating a cryptographic key with information, securing that key, and upon confirmation of its securement, enabling other cryptographic functions. (Compl. ¶11). A promotional diagram included in the complaint shows the "TrustWay Proteccio HSM" offering functionalities like "Key storage," "Encryption," and "DB encryption," managed by a user-friendly application. (Compl. p. 4). Another diagram for "crypt2pay functions" depicts a central "Key Management Centre" orchestrating various security operations. (Compl. p. 5).
IV. Analysis of Infringement Allegations
’552 Patent Infringement Allegations
| Claim Element (from Independent Claim 1) | Alleged Infringing Functionality | Complaint Citation | Patent Citation |
|---|---|---|---|
| associating at least one cryptographic key with electronic information | Defendants' products associate a cryptographic key with information to be secured; the Bull KMC defines key attributes and saves them with encrypted key values. | ¶11; p. 11 | col. 8:63-64 |
| securing said at least one cryptographic key by a first functionality, wherein said step...comprises encrypting said at least one cryptographic key in a secure socket layer during transmission and saving said at least one cryptographic key to at least one cryptographic key management system | The accused HSMs provide "secure cryptographic storage" and communicate using TLS (the successor to SSL); the KMC stores keys in a database. | ¶11; p. 11 | col. 16:23-30 |
| separately affirmatively confirming that said step of securing at least one cryptographic key has been appropriately accomplished by a second functionality apart and independent from said first functionality... | The complaint alleges that "Once the securement of the cryptographic key is confirmed, the accused products enable subsequent cryptographic or data processing functions." | ¶11 | col. 16:30-38 |
| enabling a function responsive to said step of confirming that said step of securing at least one cryptographic key has been appropriately accomplished | After the alleged confirmation, the accused products "enable subsequent cryptographic or data processing functions," such as data encryption or authorization. | ¶11 | col. 16:39-44 |
| and securing electronic information | The accused products perform cryptographic operations to secure electronic information, such as database encryption. A diagram from Defendant's materials describes a "Trusted path" for key management. | ¶11; p. 11 | col. 16:45-48 |
Identified Points of Contention
- Technical Questions: A central question will be what evidence supports the allegation that the accused products perform a "separately affirmatively confirming" step. The complaint asserts this happens (Compl. ¶11), but does not provide technical details on how the accused products perform a confirmation that is "apart and independent" from the initial act of securing the key. The functionality of a system returning a success/fail status after a command may be argued as different from the distinct, two-part process described in the patent claim.
- Scope Questions: The dispute may turn on the interpretation of "second functionality apart and independent from said first functionality." The court will need to determine whether this language requires a structurally separate hardware or software module for confirmation, or if it can be read on a multi-step software routine within a single component.
V. Key Claim Terms for Construction
- The Term: "separately affirmatively confirming ... by a second functionality apart and independent from said first functionality" (Claim 1)
- Context and Importance: This phrase captures the core inventive concept and is the lynchpin of the infringement allegation. Its construction will determine whether the operational flow of the accused HSMs can meet the claim limitations. Practitioners may focus on this term because the plaintiff's case depends on proving the accused products perform this specific two-part, gated process, while the defense will likely argue the products perform a more integrated, monolithic function.
- Intrinsic Evidence for Interpretation:
- Evidence for a Broader Interpretation: The patent states that confirmation "may occur through electrical or other communication between the cryptographic key management system ... and the cryptography system" ('552 Patent, col. 8:48-52), which a plaintiff could argue encompasses standard status signals or handshakes between system components.
- Evidence for a Narrower Interpretation: The repeated use of "separately," "apart," and "independent" ('552 Patent, col. 16:30-34) suggests a deliberate and meaningful separation between the action of securing and the action of confirming. A defendant may argue this requires more than a simple acknowledgment and points to a distinct, segregated verification process, consistent with the patent's goal of overcoming the flaws of prior art systems. ('552 Patent, col. 5:1-8).
VI. Other Allegations
- Indirect Infringement: The complaint alleges inducement by asserting that Defendants provide instructional materials, product manuals, and technical documents that instruct and encourage customers to use the accused products in an infringing manner. (Compl. ¶¶ 13, 25). It further alleges contributory infringement, stating the products are "specifically designed to perform the claimed functionality" and are not staple articles of commerce with substantial non-infringing uses. (Compl. ¶¶ 15, 27).
- Willful Infringement: The willfulness claim is based on alleged knowledge of the ’552 patent from the date of service of the complaint forward. (Compl. ¶23).
VII. Analyst’s Conclusion: Key Questions for the Case
- A core issue will be one of claim construction and proof: How will the court construe the phrase "separately affirmatively confirming...by a second functionality apart and independent," and can the plaintiff produce technical evidence demonstrating that the accused HSMs perform this specific, two-part verification process, as opposed to a single, integrated "secure-and-report" function?
- A second key question will relate to indirect infringement: Assuming the plaintiff establishes direct infringement by end-users, what evidence within Defendants' instructional and marketing materials (referenced in Compl. p. 7 and p. 11) specifically directs users to configure and operate the systems in a manner that satisfies all steps of the asserted claims, particularly the novel "confirmation" step?