A method for protecting secret keys, such as HDCP device key sets, during
the manufacturing process is disclosed. In particular, the present
invention comprises a method for securely sending and receiving data,
such as HDCP device key sets, for use in a cryptosystem. In operation, a
first party, referred to as a sender (107) is to send original data (106)
to a second party, referred to as a recipient (100). To facilitate the
secure transmission, the recipient (100) randomly generates (101) a
session key (102) and encrypts it with its private key-encryption key
(103). The recipient then securely sends both the encrypted and
unencrypted session keys to the sender. The sender (107) then encrypts
the original data (106) using the unencrypted session key (102) and
includes the encrypted data (108) along with the encrypted session key
(104) to the recipient (100). The recipient (100) then decrypts the
encrypted session key (104) using the private key-encryption key (103)
and then decrypts the original data (106).