Keychain syncing

US 10,218,685 B2
Filed: 11/10/2015
Issued: 02/26/2019
Est. Priority Date: 01/18/2013
Status: Active Grant

First Claim

Patent Images

1. A non-transitory machine-readable medium storing a program which when executed by at least one processing unit of a first peer device synchronizes a set of keychain items stored in a keychain on the first peer device with sets of keychain items stored in keychains on a plurality of other peer devices, each keychain item comprising a keychain item identifier and a plurality of attributes, the first peer device and the plurality of other peer devices communicatively coupled to one another through a network, the first peer device locally storing, for each other peer device in the plurality of other peer devices, an encryption key corresponding to the other peer device and a list of all keychain identifiers on the other peer device, and the program comprising sets of instructions for:

receiving a modification to at least one of the plurality of attributes of each keychain item of a subset of the set of keychain items of the keychain stored on the first peer device;

for each other peer device in the plurality of other peer devices, determining whether a list of all keychain item identifiers for the first peer device matches the list of all keychain item identifiers on the other peer device;

generating a respective update request for each respective other peer device in the plurality of other peer devices for which the list of all keychain item identifiers does not match the list of all keychain item identifiers for the first peer device, in order to synchronize the keychain stored on the first peer device with the keychains of the plurality of other peer devices, wherein the respective update request for each respective other peer device comprises (i) a list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified and (ii) the modification to be made to the at least one of the plurality of attributes of each of the keychain items to be modified, wherein the respective update request for a first respective other peer device comprises a different set of modifications than the respective update request for a second respective other peer device;

encrypting, for each respective other peer device for which the respective update request was generated and using the encryption key corresponding to the respective other peer device, the keychain items corresponding to the list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified; and

transmitting, to each particular peer device through the network, the update request for the particular peer device and the encrypted keychain items of the particular peer device to be modified over a secure communication channel between the first peer device and the particular peer device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Some embodiments provide non-transitory machine-readable medium that stores a program which when executed by at least one processing unit of a device synchronizes a set of keychains stored on the device with a set of other devices. The device and the set of other devices are communicatively coupled to one another through a peer-to-peer (P2P) network. The program receives a modification to a keychain in the set of keychains stored on the device. The program generates an update request for each device in the set of other devices in order to synchronize the set of keychains stored on device with the set of other devices. The program transmits through the P2P network the set of update requests to the set of other devices over a set of separate, secure communication channels.

145 Citations

18 Claims

1. A non-transitory machine-readable medium storing a program which when executed by at least one processing unit of a first peer device synchronizes a set of keychain items stored in a keychain on the first peer device with sets of keychain items stored in keychains on a plurality of other peer devices, each keychain item comprising a keychain item identifier and a plurality of attributes, the first peer device and the plurality of other peer devices communicatively coupled to one another through a network, the first peer device locally storing, for each other peer device in the plurality of other peer devices, an encryption key corresponding to the other peer device and a list of all keychain identifiers on the other peer device, and the program comprising sets of instructions for:
- receiving a modification to at least one of the plurality of attributes of each keychain item of a subset of the set of keychain items of the keychain stored on the first peer device;
  
  for each other peer device in the plurality of other peer devices, determining whether a list of all keychain item identifiers for the first peer device matches the list of all keychain item identifiers on the other peer device;
  
  generating a respective update request for each respective other peer device in the plurality of other peer devices for which the list of all keychain item identifiers does not match the list of all keychain item identifiers for the first peer device, in order to synchronize the keychain stored on the first peer device with the keychains of the plurality of other peer devices, wherein the respective update request for each respective other peer device comprises (i) a list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified and (ii) the modification to be made to the at least one of the plurality of attributes of each of the keychain items to be modified, wherein the respective update request for a first respective other peer device comprises a different set of modifications than the respective update request for a second respective other peer device;
  
  encrypting, for each respective other peer device for which the respective update request was generated and using the encryption key corresponding to the respective other peer device, the keychain items corresponding to the list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified; and
  
  transmitting, to each particular peer device through the network, the update request for the particular peer device and the encrypted keychain items of the particular peer device to be modified over a secure communication channel between the first peer device and the particular peer device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The non-transitory machine-readable medium of claim 1, wherein the modification further comprises an addition of a keychain item to the keychain.
  - 3. The non-transitory machine-readable medium of claim 1, wherein the modification further comprises a modification to each of the plurality of attributes of a particular keychain item in the keychain.
  - 4. The non-transitory machine-readable medium of claim 1, wherein the modification further comprises a deletion of a keychain item in the keychain.
  - 5. The non-transitory machine-readable medium of claim 1, wherein the network that communicatively couples the peer devices is implemented by an overlay network configured according to a fully connected mesh topology in which each of the peer devices directly communicates with each of the other peer devices.
  - 6. The non-transitory machine-readable medium of claim 1, wherein the network is implemented by an overlay network configured according to a star topology comprising a plurality of nodes, wherein a center node of the star topology is a cloud storage service and remaining nodes of the star topology comprise the first peer device and the plurality of other peer devices.
  - 7. The non-transitory machine-readable medium of claim 1, wherein synchronizing the set of keychain items stored in the keychain on the first peer device comprises synchronizing a subset of the set of keychain items.

8. A method for synchronizing a set of keychain items stored in a keychain on a first peer device with sets of keychain items stored in keychains on a plurality of other peer devices, each keychain item comprising a keychain item identifier and a set of attributes, the first peer device and the plurality of other peer devices communicatively coupled to one another through a network, the first peer device locally storing, for each other peer device in the plurality of other peer devices, an encryption key corresponding to the other peer device and a list of all keychain identifiers on the other peer device, and the method comprising:
- receiving a modification to a subset of the set of keychain items of the keychain stored on the first peer device;
  
  for each other peer device in the plurality of other peer devices, determining whether a list of all keychain item identifiers for the first peer device matches the list of all keychain item identifiers on the other peer device;
  
  generating a respective update request for each respective other peer device in the plurality of other peer devices for which the list of all keychain item identifiers does not match the list of all keychain item identifiers for the first peer device, in order to synchronize the keychain stored on the first peer device with the keychains of the plurality of other peer devices, wherein the respective update request for each respective other peer device comprises (i) a list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified and (ii) the modification to be made to the set of attributes of each of the keychain items to be modified, wherein the respective update request for a first respective other peer device comprises a different set of modifications than the update request for a second respective other peer device;
  
  encrypting, for each respective other peer device for which the respective update request was generated and using the encryption key corresponding to the respective other peer device, the keychain items corresponding to the list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified; and
  
  transmitting, to each particular peer device through the network, the update request for the particular peer device and the encrypted keychain items of the particular peer device to be modified over a secure communication channel between the first peer device and the particular peer device.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The method of claim 8, wherein synchronizing the set of keychain items stored in the keychain comprises synchronizing a subset of the set of keychain items.
  - 10. The method of claim 8, wherein the modification to the subset of the set of keychain items of the keychain comprises at least one of (i) an addition of a keychain item to the keychain, (ii) a modification to the set of attributes of a particular keychain item in the keychain, and (iii) a deletion of a keychain item from the keychain.
  - 11. The method of claim 8, wherein the network that communicatively couples the peer devices is implemented by an overlay network configured according to a fully connected mesh topology in which each of the peer devices directly communicates with each of the other peer devices.
  - 12. The method of claim 8, wherein the network is implemented by an overlay network configured according to a star topology comprising a plurality of nodes, wherein a center node of the star topology is a cloud storage service and remaining nodes of the star topology comprise the first peer device and the plurality of other peer devices.
  - 13. The method of claim 8, wherein the plurality of separate, secure communication channels are implemented using a message-based communications protocol.
  - 14. The method of claim 8, wherein the secure communication channel between the first peer device and a second peer device is secured with public/private key pairs of the first and second peer devices and the secure communication channel between the first peer device and a third peer device is secured with public/private key pairs of the first and third peer devices.
  - 15. The method of claim 8, wherein generating an update request for a particular other peer device comprises:
    - generating a list of the differences between the list of all keychain item identifiers for the first peer device and a list of keychain item identifiers for the particular peer device.
  - 16. The method of claim 8, wherein each different respective secure communication channel between the first peer device and a different respective peer device is secured based on public/private key pairs of both the first peer device and the respective other peer device.

17. A device comprising:
- a memory configured to store, for each other peer device in a plurality of other peer devices, an encryption key corresponding to the other peer device and a list of all keychain identifiers on the other peer device; and
  
  at least one processor configured to;
  
  receive a modification to at least one of a plurality of attributes of a keychain item of a keychain stored on a first peer device;
  
  for each other peer device in the plurality of other peer devices, determine whether a list of all keychain item identifiers for the first peer device matches the list of all keychain item identifiers on the other peer device;
  
  generate a respective update request for each respective other peer device in the plurality of other peer devices for which the list of all keychain item identifiers does not match the list of all keychain item identifiers for the first peer device, in order to synchronize the keychain stored on the first peer device with the keychains of the plurality of other peer devices, wherein the respective update request for each respective other peer device comprises (i) a list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified and (ii) the modification to be made to the at least one of the plurality of attributes of the keychain item to be modified, wherein the respective update request for a first respective other peer device comprises a different set of modifications than the respective update request for a second respective other peer device;
  
  encrypt, for each respective other peer device for which the respective update request was generated and using the encryption key corresponding to the respective other peer device, the keychain items corresponding to the list of keychain item identifiers indicating each of the keychain items in the keychain of the respective other peer device to be modified; and
  
  transmit, to each particular peer device through a network, the update request for the particular peer device and the encrypted keychain items of the particular peer device to be modified over a secure communication channels between the first peer device and the particular peer device.
- View Dependent Claims (18)
- - 18. The device of claim 17, wherein the modification further comprises an addition of a keychain item to the keychain.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Brouwer, Michael, De Atley, Dallas B., Adler, Mitchell D.
Primary Examiner(s)
Simitoski, Michael

Application Number

US14/937,830
Publication Number

US 20160065548A1
Time in Patent Office

1,204 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/178   Techniques for file synchro...

G06F 16/27   Replication, distribution o...

H04L 12/185   with management of multicas...

H04L 12/44   Star or tree networks

H04L 2209/122   Hardware reduction or effic...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/065   for group communications cr...

H04L 63/068   using time-dependent keys, ...

H04L 63/104   Grouping of entities

H04L 67/104   Peer-to-peer [P2P] networks

H04L 67/1042   using topology management m...

H04L 67/1095   Replication or mirroring of...

H04L 67/306   User profiles

H04L 9/12   Transmitting and receiving ...

H04L 9/3247   involving digital signatures

H04W 84/18   Self-organising networks, e...

Keychain syncing

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

145 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Keychain syncing

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

145 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links