Communication of messages over networks
First Claim
Patent Images
1. A system comprising n≥
- 2 servers Si, 1≤
i≤
n, for communicating messages between sender and receiver computers, connectable to said system via a network, in dependence on authentication of receiver passwords, associated with respective receiver IDs, by the system, wherein each server Si comprises at least one hardware data processor connected with at least one memory that stores software instructions, and wherein execution of the software instructions by the at least one hardware data processor causes each server Si;
to store, for each said receiver ID, a first ciphertext produced by encrypting the receiver password associated with that ID under a respective public key via a homomorphic threshold encryption scheme having a threshold t≤
n, and a key-share ski of a secret key corresponding to that public key;
in response to receipt from a sender computer of an encrypted message, produced by encrypting a message for a said receiver ID under the public key for that ID via said encryption scheme, to store the encrypted message;
in response to receipt from a receiver computer of a said receiver ID, to send said first ciphertext for that ID to the receiver computer and, following receipt from the receiver computer of an authentication value which comprises a predetermined function of that first ciphertext and a second ciphertext produced by encrypting a password attempt under the public key for that ID via said encryption scheme such that the authentication value decrypts to a predetermined value if the password attempt equals the receiver password for that ID, to produce a first decryption share dependent on the authentication value using said key-share ski for that ID; and
in response to receipt of said first decryption share produced by each of (t−
1) other servers Si for the authentication value received for said ID, to determine from the t first decryption shares whether the authentication value decrypts to said predetermined value and, if so, to produce a second decryption share of a selected encrypted message using said key-share ski for that ID, and to send the second decryption share to said receiver computer.
1 Assignment
0 Petitions
Accused Products
Abstract
A method is provided for communicating messages between sender and receiver computers, connectable via a network to a system of servers, based on authentication of receiver passwords, associated with respective receiver IDs, by the system. A method is also provided for receiving a message from a sender based on authentication of a receiver password, associated with a receiver ID, by a system of servers, in a network, wherein each server stores for the ID a ciphertext produced by encrypting the receiver password under a public key via a homomorphic threshold encryption scheme having a threshold, and a key-share of a secret key corresponding to that public key, and stores an encrypted message from the sender encrypted under the public key. Systems are provided including servers, for communicating messages between sender and receiver computers based on authentication of receiver passwords, associated with respective receiver IDs, by the system.
28 Citations
19 Claims
-
1. A system comprising n≥
- 2 servers Si, 1≤
i≤
n, for communicating messages between sender and receiver computers, connectable to said system via a network, in dependence on authentication of receiver passwords, associated with respective receiver IDs, by the system, wherein each server Si comprises at least one hardware data processor connected with at least one memory that stores software instructions, and wherein execution of the software instructions by the at least one hardware data processor causes each server Si;to store, for each said receiver ID, a first ciphertext produced by encrypting the receiver password associated with that ID under a respective public key via a homomorphic threshold encryption scheme having a threshold t≤
n, and a key-share ski of a secret key corresponding to that public key;in response to receipt from a sender computer of an encrypted message, produced by encrypting a message for a said receiver ID under the public key for that ID via said encryption scheme, to store the encrypted message; in response to receipt from a receiver computer of a said receiver ID, to send said first ciphertext for that ID to the receiver computer and, following receipt from the receiver computer of an authentication value which comprises a predetermined function of that first ciphertext and a second ciphertext produced by encrypting a password attempt under the public key for that ID via said encryption scheme such that the authentication value decrypts to a predetermined value if the password attempt equals the receiver password for that ID, to produce a first decryption share dependent on the authentication value using said key-share ski for that ID; and in response to receipt of said first decryption share produced by each of (t−
1) other servers Si for the authentication value received for said ID, to determine from the t first decryption shares whether the authentication value decrypts to said predetermined value and, if so, to produce a second decryption share of a selected encrypted message using said key-share ski for that ID, and to send the second decryption share to said receiver computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- 2 servers Si, 1≤
-
16. A method for use in communicating messages between sender and receiver computers, connectable via a network to a system of n≥
- 2 servers Si, 1≤
i≤
n, in dependence on authentication of receiver passwords, associated with respective receiver IDs, by said system, wherein each of the servers comprise at least one hardware data processor and at least one memory, the method comprising, at each server Si;storing, for each said receiver ID, a first ciphertext produced by encrypting the receiver password associated with that ID under a respective public key via a homomorphic threshold encryption scheme having a threshold t≤
n, and a key-share ski of a secret key corresponding to that public key;in response to receipt from a sender computer of an encrypted message, produced by encrypting a message for a said receiver ID under the public key for that ID via said encryption scheme, storing the encrypted message; in response to receipt from a receiver computer of a said receiver ID, sending said first ciphertext for that ID to the receiver computer and, following receipt from the receiver computer of an authentication value which comprises a predetermined function of that first ciphertext and a second ciphertext produced by encrypting a password attempt under the public key for that ID via said encryption scheme such that the authentication value decrypts to a predetermined value if the password attempt equals the receiver password for that ID, producing a first decryption share dependent on the authentication value using said key-share ski for that ID; and in response to receipt of said first decryption share produced by each of (t−
1) other servers Si for the authentication value received for said ID, determining from the t first decryption shares whether the authentication value decrypts to said predetermined value and, if so, producing a second decryption share of a selected encrypted message using said key-share ski for that ID, and sending the second decryption share to said receiver computer. - View Dependent Claims (17, 18)
- 2 servers Si, 1≤
-
19. A method for receiving a message from a sender computer via a network in dependence on authentication of a receiver password, associated with a receiver ID, by a system of n≥
- 2 servers Si, 1≤
i≤
n, in said network, wherein each server Si stores for said receiver ID a first ciphertext produced by encrypting said receiver password under a public key via a homomorphic threshold encryption scheme having a threshold t≤
n, and a key-share ski of a secret key corresponding to that public key, and further stores an encrypted message, received from the sender computer, produced by encrypting said message under said public key via said encryption scheme, wherein each server comprises at least one hardware data processor and at least one memory, the method comprising, at a receiver computer;sending the receiver ID to said system of servers; in response to receipt, from said system of servers, of said first ciphertext and input of a password attempt for the receiver ID, producing a second ciphertext by encrypting the password attempt under said public key via said encryption scheme and producing an authentication value comprising a predetermined function of the first ciphertext and the second ciphertext such that the authentication value decrypts to a predetermined value if the password attempt equals the receiver password; sending the authentication value to t servers Si for production, at respective servers, of t first decryption shares dependent on the authentication value using respective key-shares ski of the t servers and determination at the t servers, from the t first decryption shares, whether the authentication value decrypts to said predetermined value; receiving from each of said t servers Si a second decryption share of said encrypted message produced by that server Si using the key-share ski thereof; and using the t second decryption shares to decrypt the encrypted message via a decryption algorithm of said encryption scheme.
- 2 servers Si, 1≤
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsCamenisch, Jan Leonhard, Samelin, Kai
-
Primary Examiner(s)Lemma, Samson B
-
Application NumberUS15/427,507Publication NumberTime in Patent Office783 DaysField of Search713153US Class CurrentCPC Class CodesH04L 63/0442 wherein the sending and rec...H04L 63/083 using passwords cryptograph...H04L 9/006 involving public key infras...H04L 9/008 involving homomorphic encry...H04L 9/0825 using asymmetric-key encryp...H04L 9/085 Secret sharing or secret sp...
