System, method, and device of authenticated encryption of messages
First Claim
Patent Images
1. A method comprising:
- (a) receiving at an electronic device an encrypted message that comprises;
(i) a payload encrypted with a secret one-time key; and
(ii) an outer integrity protection layer comprising a keyed cryptographic checksum generated by utilizing a secret key;
wherein said encrypted message is part of a group of encrypted messages that are intended for decryption;
wherein said encrypted message has a message-identifier;
wherein a secret cryptographic key is stored only in (I) said electronic device and in (II) an authorized server apparatus which sends said encrypted message to said electronic device;
wherein said secret cryptographic key comprises at least three concatenated sub-keys;
wherein a first sub-key of said secret cryptographic key is utilized by said authorized server for authenticated encryption of provisioning-messages that provision digital assets to said electronic device,wherein a second sub-key of said secret cryptographic key is utilized by said authorized server for authenticated encryption of query-messages that query said electronic device,wherein the third sub-key of said secret cryptographic key is utilized by said electronic device as an outer integrity protection layer to verify integrity of an encrypted message received at said electronic device without firstly decrypting the payload of said message;
(b) checking the keyed cryptographic checksum of the outer integrity protection layer of the message, against said third sub-key that is securely stored within said electronic device;
(c) if the checking result is negative, then;
(i) aborting decryption of the payload of said message, and (ii) aborting cryptographic verification of said message; and
(iii) avoiding utilization of a secret one-time key generated by said electronic device for decrypting said payload;
(d) if the checking result is positive, then;
utilizing a one-time key generated by said electronic device, for decrypting said payload;
wherein the method comprises;
protecting said recipient device from incoming fake messages, by checking at the recipient device, prior to attempting to decrypt a particular message, that an index number of said particular message is not a same index number of any other message that was received for decryption at said recipient device.
3 Assignments
0 Petitions
Accused Products
Abstract
System, device, and method of authenticated encryption of messages. A message intended for authenticated encryption is stored; and a secret authentication key and a secret encryption key are stored. A key-stream set of blocks is generated, each block including pseudo-random bits. The aggregate length of the key-stream is equal to or greater than the message-length of the message. Each block of the key-stream is generated by a deterministic pseudo-random number generator function that is instantiated with the secret encryption key. The key-stream is generated on a block-by-block basis, until the key-stream reaches in aggregate the message-length of the message. Each block of bits of the message is encrypted, on a per-block basis, with a corresponding block from the key-stream. Authentication is performed on the result of the encrypting operation, or on the message, by applying a keyed cryptographic checksum function that ascertains integrity and that utilizes the secret authentication key.
108 Citations
4 Claims
-
1. A method comprising:
-
(a) receiving at an electronic device an encrypted message that comprises;
(i) a payload encrypted with a secret one-time key; and
(ii) an outer integrity protection layer comprising a keyed cryptographic checksum generated by utilizing a secret key;wherein said encrypted message is part of a group of encrypted messages that are intended for decryption; wherein said encrypted message has a message-identifier; wherein a secret cryptographic key is stored only in (I) said electronic device and in (II) an authorized server apparatus which sends said encrypted message to said electronic device; wherein said secret cryptographic key comprises at least three concatenated sub-keys; wherein a first sub-key of said secret cryptographic key is utilized by said authorized server for authenticated encryption of provisioning-messages that provision digital assets to said electronic device, wherein a second sub-key of said secret cryptographic key is utilized by said authorized server for authenticated encryption of query-messages that query said electronic device, wherein the third sub-key of said secret cryptographic key is utilized by said electronic device as an outer integrity protection layer to verify integrity of an encrypted message received at said electronic device without firstly decrypting the payload of said message; (b) checking the keyed cryptographic checksum of the outer integrity protection layer of the message, against said third sub-key that is securely stored within said electronic device; (c) if the checking result is negative, then;
(i) aborting decryption of the payload of said message, and (ii) aborting cryptographic verification of said message; and
(iii) avoiding utilization of a secret one-time key generated by said electronic device for decrypting said payload;(d) if the checking result is positive, then;
utilizing a one-time key generated by said electronic device, for decrypting said payload;wherein the method comprises;
protecting said recipient device from incoming fake messages, by checking at the recipient device, prior to attempting to decrypt a particular message, that an index number of said particular message is not a same index number of any other message that was received for decryption at said recipient device. - View Dependent Claims (2, 3, 4)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeArm Limited (SoftBank Group Corp.)
-
Original AssigneeArm Limited (SoftBank Group Corp.)
-
InventorsBar-El, Hagai, Klimov, Alexander
-
Primary Examiner(s)Lesniewski, Victor
-
Application NumberUS14/726,618Time in Patent Office1,604 DaysField of SearchUS Class CurrentCPC Class CodesH04L 2209/24 Key scheduling, i.e. genera...H04L 2209/72 Signcrypting, i.e. digital ...H04L 63/0428 wherein the data content is...H04L 63/0435 wherein the sending and rec...H04L 63/067 using one-time keys cryptog...H04L 63/123 received data contents, e.g...H04L 9/0637 Modes of operation, e.g. ci...H04L 9/0656 Pseudorandom key sequence c...H04L 9/0861 Generation of secret inform...H04L 9/0869 involving random numbers or...H04L 9/088 Usage controlling of secret...H04L 9/14 using a plurality of keys o...H04L 9/3242 involving keyed hash functi...
