Key exchange through partially trusted third party

US 10,447,674 B2
Filed: 07/06/2017
Issued: 10/15/2019
Est. Priority Date: 12/11/2015
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

transmitting, from a cryptography service running on a computer system and to a first entity, a first data to indicate a first association between the first entity and a first public key;

obtaining, at the cryptography service, the first data in response to a request to verify the first association;

transmitting, from the cryptography service and to a second entity, an indication that the data is valid; and

transmitting, from the cryptography service and to the second entity, a second data used to indicate validity of a second association between the second entity and a second public key, wherein the first public key and the second public key are both used as part of establishing a cryptographically protected communications session between the first entity and the second entity.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system may transmit, to a first entity, data to indicate an association between the first entity and a public key, wherein the public key is to be used to establish a cryptographically protected communications session between the first entity and a second entity, receive the data in response to a request to verify the association, and transmit, to the second entity, an indication that the data is valid. The system may be a cryptography service that is partially by the first and second entities. A partially trusted system can a computer system that is trusted in some respects but not trusted in other respects. A partially trusted cryptography service may be trusted to generate digital signatures and verify authenticity of digital signatures, but not trusted with access to a cryptographic key that can be used to access a cryptographically protected communications between a first entity and a second entity.

Citations

20 Claims

1. A computer-implemented method comprising:
- transmitting, from a cryptography service running on a computer system and to a first entity, a first data to indicate a first association between the first entity and a first public key;
  
  obtaining, at the cryptography service, the first data in response to a request to verify the first association;
  
  transmitting, from the cryptography service and to a second entity, an indication that the data is valid; and
  
  transmitting, from the cryptography service and to the second entity, a second data used to indicate validity of a second association between the second entity and a second public key, wherein the first public key and the second public key are both used as part of establishing a cryptographically protected communications session between the first entity and the second entity.
- View Dependent Claims (2, 3, 4)
- - 2. The computer-implemented method of claim 1, further comprising:
    - obtaining, at the cryptography service, the second data in response to a second request to verify the second association; and
      
      transmitting, from the cryptography service and to the first entity, a second indication that the second data is valid.
  - 3. The computer-implemented method of claim 1, whereinthe first data comprises a digital signature usable to cryptographically verify a first identifier and the first public key are associated with the first entity;
    - andthe method further comprises, in response to the request to verify the first association, cryptographically verifying authenticity of the digital signature.
  - 4. The computer-implemented method of claim 1, wherein the indication that the first data is valid is cryptographically verifiable by the second entity.

5. A system, comprising:
- one or more hardware processors; and
  
  memory that stores executable instructions that, as a result of being executed by the one or more processors, causes the system to;
  
  transmit, from the system and to a first entity, a first data to indicate a first association between the first entity and a first public key;
  
  obtain, at the system, the first data in response to a request to verify the first association;
  
  transmit, from the system and to the second entity, an indication that the data is valid; and
  
  transmit, from the system and to the second entity, a second data used to indicate validity of a second association between the second entity and a second public key, wherein the first public key and the second public key are both used as part of establishing a cryptographically protected communications session between the first entity and the second entity.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
- - 6. The system of claim 5, wherein the instructions, which as a result of being executed by the one or more processors, further causes the system to at least:
    - obtain, at the system, the second data in response to a second request to verify the second association; and
      
      transmit, from the system and to the first entity, a second indication that the second data is valid.
  - 7. The system of claim 6, wherein the cryptographically protected communications session is established based at least in part on the first indication being obtained by the first entity and the second indication being obtained by the first entity.
  - 8. The system of claim 6, wherein:
    - a shared secret is derivable from the first public key and a second private key corresponding to the second public key;
      
      the shared secret is also derivable from the second public key and a first private key corresponding to the first public key; and
      
      the shared secret is unavailable to the system and is used by the first entity and the second entity to communicate via the cryptographically protected communications session.
  - 9. The system of claim 5, wherein the first public key is an elliptic curve Diffie-Hellman (ECDH) public key.
  - 10. The system of claim 9, wherein the system lacks sufficient cryptographic material to decrypt one or more messages encrypted in accordance with a protocol of the cryptographically protected communications session.
  - 11. The system of claim 5, wherein:
    - the first data to indicate the first association between the first entity and the first public key includes a ciphertext; and
      
      the instructions, which as a result of being executed by the one or more processors, further causes the system to at least;
      
      encrypt a plaintext comprising the first public key and an identifier associated with the first entity, encryption of the plaintext generating the ciphertext; and
      
      decrypt the ciphertext in response to the request to verify the first association.
  - 12. The system of claim 5, wherein the instructions, which if performed by the one or more processors, further causes the system to at least generate a message authentication (MAC) tag comprising an identifier associated with the first entity and the first public key using a cryptographic hash function, wherein the first data comprises the MAC tag.

13. A non-transitory computer-readable storage medium having stored thereon executable instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to at least:
- transmit, from the computer system and to a first entity, a first data to indicate a first association between the first entity and a first public key;
  
  obtain, at the computer system, the first data in response to a first request to verify the first association;
  
  transmit, from the computer system and to the second entity, a first indication that the first data is valid; and
  
  transmit, from the computer system and to the second entity, a second data used to indicate validity of a second association between the second entity and a second public key, wherein the first public key and the second public key are both used as part of establishing a cryptographically protected communications session between the first entity and the second entity.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The non-transitory computer-readable storage medium of claim 13, wherein the executable instructions that cause the computer system to transmit the first indication, as a result of being executed by the one or more processors of the computer system, further cause the computer system to at least transmit the first indication as part of a handshake of a protocol for cryptographically protected communications.
  - 15. The non-transitory computer-readable storage medium of claim 14, wherein the handshake is in accordance with a Transport Layer Security (TLS) protocol.
  - 16. The non-transitory computer-readable storage medium of claim 13, wherein the executable instructions that, as a result of being executed by the one or more processors of the computer system, further cause the computer system to at least:
    - obtain, at the computer system, the second data in response to a second request to verify the second association; and
      
      transmit, from the computer system and to the first entity, a second indication that the second data is valid.
  - 17. The non-transitory computer-readable storage medium of claim 16, wherein:
    - a shared secret is derivable from the first public key and a second private key corresponding to the second public key;
      
      the shared secret is also derivable from the second public key and a first private key corresponding to the first public key; and
      
      the shared secret is unavailable to the computer system and is used by the first entity and the second entity to communicate via the cryptographically protected communications session.
  - 18. The non-transitory computer-readable storage medium of claim 16, wherein the executable instructions that, as a result of being executed by the one or more processors of the computer system, further cause the computer system to at least:
    - generate the first data to indicate the first association using a master key;
      
      generate the second data to indicate the second association using the same master key;
      
      verify the first association, in response to the first request, using the master key; and
      
      verify the second association, in response to the second request, using the master key.
  - 19. The non-transitory computer-readable storage medium of claim 13, wherein the first data to indicate the first association between the first entity and the first public key comprises a nonce.
  - 20. The non-transitory computer-readable storage medium of claim 19, wherein the nonce is provided by the first entity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Campagna, Matthew John
Primary Examiner(s)
Holder, Bradley W

Application Number

US15/643,276
Publication Number

US 20170310652A1
Time in Patent Office

831 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0442   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0876   based on the identity of th...

H04L 63/166   at the transport layer

H04L 9/083   involving central third par...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/321   involving a third party or ...

H04L 9/3263   involving certificates, e.g...

Key exchange through partially trusted third party

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Key exchange through partially trusted third party

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links