Secure telecommunications

US 10,135,612 B1
Filed: 12/15/2016
Issued: 11/20/2018
Est. Priority Date: 04/14/2016
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

a processor configured to;

detect, on a first device, a re-keying event during a secure telecommunication;

in response to detecting the re-keying event, generate, by the first device, a second meeting key from ephemeral environmental noise from a kernel operation executing on the first device;

generate, by the first device, a second encryption key;

encrypt, by the first device, the second meeting key with the second encryption key; and

transmit, from the first device, the encrypted second meeting key to a subset of a plurality of participants of the secure telecommunication; and

a memory coupled to the processor and configured to provide the processor with instructions.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure describes techniques for configuring and participating in encrypted audio calls, audio conferences, video calls, and video conferences. In particular, a call initiator generates a meeting identifier and a first meeting key, which are encrypted using a first encryption key and distributed to one or more participants of the call. The one or more participants decrypt the meeting identifier and the first meeting key, and use that information to participate in the encrypted call. Further, participants respond to the encrypted communication data by encrypting their reply data with the first meeting key. The call initiator decrypts the reply data using the first meeting key.

100 Citations

View as Search Results

15 Claims

1. A system, comprising:
- a processor configured to;
  
  detect, on a first device, a re-keying event during a secure telecommunication;
  
  in response to detecting the re-keying event, generate, by the first device, a second meeting key from ephemeral environmental noise from a kernel operation executing on the first device;
  
  generate, by the first device, a second encryption key;
  
  encrypt, by the first device, the second meeting key with the second encryption key; and
  
  transmit, from the first device, the encrypted second meeting key to a subset of a plurality of participants of the secure telecommunication; and
  
  a memory coupled to the processor and configured to provide the processor with instructions.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1, wherein the re-keying event includes at least one of one of the plurality of participants rejecting a request to join the secure telecommunication, one or more participants leaving the secure telecommunication, and one or more participants being removed from the secure telecommunication.
  - 3. The system of claim 1, wherein the processor is further configured to:
    - encrypt communication data intended for the secure telecommunication using the second meeting key after transmitting the encrypted second key to the subset of the plurality of participants.
  - 4. The system of claim 3, wherein the processor is further configured to:
    - transmit the communication data encrypted with the second meeting key to the subset of the plurality of participants.
  - 5. The system of claim 1, wherein the processor is further configured to:
    - encrypt the second encryption key with a key-encrypting key unique to each of the subset of participants;
      
      encrypt the encrypted second encryption key with a device key unique to each of the one or more receivers to produce a twice-encrypted second encryption key; and
      
      transmit the twice-encrypted second encryption key to the one or more receivers in the secure telecommunication request.

6. A method comprising:
- detecting, on a first device, a re-keying event during a secure telecommunication;
  
  in response to detecting the re-keying event, generating, by the first device, a second meeting key from ephemeral environmental noise from a kernel operation executing on the first device;
  
  generating, by the first device, a second encryption key;
  
  encrypting, by the first device, the second meeting key with the second encryption key; and
  
  transmitting, from the first device, the encrypted second meeting key to a subset of a plurality of participants of the secure telecommunication.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, wherein the re-keying event includes at least one of one of the plurality of participants rejecting a request to join the secure telecommunication, one or more participants leaving the secure telecommunication, and one or more participants being removed from the secure telecommunication.
  - 8. The method of claim 6, comprising:
    - encrypting communication data intended for the secure telecommunication using the second meeting key after transmitting the encrypted second key to the subset of the plurality of participants.
  - 9. The method of claim 8, comprising:
    - transmitting the communication data encrypted with the second meeting key to the subset of the plurality of participants.
  - 10. The method of claim 6, comprising:
    - encrypting the second encryption key with a key-encrypting key unique to each of the subset of participants;
      
      encrypting the encrypted second encryption key with a device key unique to each of the one or more receivers to produce a twice-encrypted second encryption key; and
      
      transmitting the twice-encrypted second encryption key to the one or more receivers in the secure telecommunication request.

11. A non-transitory computer-readable medium comprising instructions that, when executed by at least one processor, perform the steps of:
- detecting a re-keying event during a secure telecommunication;
  
  in response to detecting the re-keying event, generating a second meeting key from ephemeral environmental noise from a kernel operation executing on a first device;
  
  generating a second encryption key;
  
  encrypting the second meeting key with the second encryption key; and
  
  transmitting the encrypted second meeting key to a subset of a plurality of participants of the secure telecommunication.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory computer-readable medium of claim 11, wherein the re-keying event includes at least one of one of the plurality of participants rejecting a request to join the secure telecommunication, one or more participants leaving the secure telecommunication, and one or more participants being removed from the secure telecommunication.
  - 13. The non-transitory computer-readable medium of claim 11, comprising instructions for:
    - encrypting communication data intended for the secure telecommunication using the second meeting key after transmitting the encrypted second key to the subset of the plurality of participants.
  - 14. The non-transitory computer-readable medium of claim 13, comprising instructions for:
    - transmitting the communication data encrypted with the second meeting key to the subset of the plurality of participants.
  - 15. The non-transitory computer-readable medium of claim 11, comprising instructions for:
    - encrypting the second encryption key with a key-encrypting key unique to each of the subset of participants;
      
      encrypting the encrypted second encryption key with a device key unique to each of the one or more receivers to produce a twice-encrypted second encryption key; and
      
      transmitting the twice-encrypted second encryption key to the one or more receivers in the secure telecommunication request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wickr Inc. (Amazon.com, Inc.)
Original Assignee
Wickr Inc. (Amazon.com, Inc.)
Inventors
Leavy, Thomas Michael, Kasabwala, Dipakkumar R.
Primary Examiner(s)
Schwartz, Darren B

Application Number

US15/381,095
Time in Patent Office

705 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0876   based on the identity of th...

H04L 63/18   using different networks or...

H04L 65/1069   Session establishment or de...

H04L 9/0643   Hash functions, e.g. MD5, S...

H04L 9/0822   using key encryption key

H04L 9/0833   involving conference or gro...

H04L 9/0861   Generation of secret inform...

H04L 9/0891   Revocation or update of sec...

H04L 9/3066   involving algebraic varieti...

H04N 7/147   Communication arrangements,...

H04N 7/15   Conference systems

H04W 12/033   of the user plane, e.g. use...

H04W 12/041   Key generation or derivation

H04W 12/69   Identity-dependent

Secure telecommunications

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

100 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Secure telecommunications

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

100 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others