Confidential communication management
First Claim
1. A client computer comprising:
- a memory that stores computer-executable instructions; and
one or more hardware processors configured to access the memory and execute the computer-executable instructions to implement a method comprising;
determining a client key pair comprising a client private key and a client public key;
determining a protected server key identifier associated with a server computer, the protected server key identifier encrypted by a server identifier encryption key maintained by the server computer, the protected server key identifier usable by the server computer to validate a server key identifier associated with a server private key;
identifying the server public key associated with the protected server key identifier;
generating a shared secret using the server public key and the client private key;
encrypting message data using the shared secret to obtain encrypted message data; and
sending, to the server computer, a message including the encrypted message data, the protected server key identifier, and the client public key.
0 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are provided for confidential communication management. For example, a client computer can determine a client key pair comprising a client private key and a client public key. The client computer can further determine a protected server key identifier, identify a server public key associated with the protected server key identifier, and generating a shared secret using the server public key and the client private key. The client computer can further encrypt message data using the shared secret and sending, to a server computer, a message including the encrypted message data, the protected server key identifier, and the client public key. The protected server key identifier can be associated with the server computer and can be usable by the server computer to identify a server private key to be used in decrypting the encrypted message data.
-
Citations
20 Claims
-
1. A client computer comprising:
-
a memory that stores computer-executable instructions; and one or more hardware processors configured to access the memory and execute the computer-executable instructions to implement a method comprising; determining a client key pair comprising a client private key and a client public key; determining a protected server key identifier associated with a server computer, the protected server key identifier encrypted by a server identifier encryption key maintained by the server computer, the protected server key identifier usable by the server computer to validate a server key identifier associated with a server private key; identifying the server public key associated with the protected server key identifier; generating a shared secret using the server public key and the client private key; encrypting message data using the shared secret to obtain encrypted message data; and sending, to the server computer, a message including the encrypted message data, the protected server key identifier, and the client public key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A server computer comprising:
-
a memory that stores computer-executable instructions; and one or more hardware processors configured to access the memory and execute the computer-executable instructions to implement a method comprising; determining a server key identifier corresponding to a server private key and a server public key; encrypting the server key identifier using a server identifier encryption key maintained by the server computer to obtain a protected server key identifier; generating a shared secret using a client public key obtained from a client computer and the server private key; encrypting message data using the shared secret to determine encrypted message data, wherein the message data includes the protected server key identifier; and sending, to the client computer, a message including the encrypted message data, the protected server key identifier being decryptable using the server identifier encryption key, the protected server key identifier usable by the server computer to validate the server key identifier. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A client computer comprising:
-
a memory that stores computer-executable instructions; and one or more hardware processors configured to access the memory and execute the computer-executable instructions to implement a method comprising; receiving, from a server, a message including encrypted message data and a protected client key identifier, the protected client key identifier encrypted by a client identifier encryption key maintained by the client computer, the protected client key identifier usable by the client computer to validate a client key identifier associated with a client private key; determining the client private key associated with the protected client key identifier; decrypting the encrypted message data using the client private key and a server public key to obtain message data and a protected server key identifier; and storing the protected server key identifier in association with the server public key. - View Dependent Claims (18, 19, 20)
-
Specification