End-to-end encryption during a secure communication session

US 10,541,814 B2
Filed: 11/08/2017
Issued: 01/21/2020
Est. Priority Date: 11/08/2017
Status: Active Grant

First Claim

Patent Images

1. A method for end-to-end encryption during a secure communication session, the method comprising:

receiving, at a first device, an invitation to a secure communication session;

performing, by the first device, a three-way handshake with at least one second device to establish a first encryption key and a second encryption key for the secure communication session, wherein the first encryption key is configured to encrypt communication data transmitted by the first device and the second encryption key is configured to decrypt communication data received from the at least one second device; and

encrypting, by the first device, first communication data using the first encryption key; and

transmitting, from the first device, the encrypted first communication data to the at least one second device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present application describes a method, system, and non-transitory computer-readable medium for end-to-end encryption during a secure communication session. According to the present disclosure, a first device receives an invitation to a secure communication session. The invitation includes a token, which the first device transmits to the call initiating device. Next, the first device performs a three-way handshake with the call initiating device to negotiate a first encryption key and a second encryption key for the secure communication session. The first device encrypts first communication data using the first encryption key and transmits the encrypted first communication data to the call initiating device.

Citations

19 Claims

1. A method for end-to-end encryption during a secure communication session, the method comprising:
- receiving, at a first device, an invitation to a secure communication session;
  
  performing, by the first device, a three-way handshake with at least one second device to establish a first encryption key and a second encryption key for the secure communication session, wherein the first encryption key is configured to encrypt communication data transmitted by the first device and the second encryption key is configured to decrypt communication data received from the at least one second device; and
  
  encrypting, by the first device, first communication data using the first encryption key; and
  
  transmitting, from the first device, the encrypted first communication data to the at least one second device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the invitation includes at least one token.
  - 3. The method of claim 2, further comprising:
    - transmitting, from the first device, the at least one token to a second device to initiate the three-way handshake.
  - 4. The method of claim 1, further comprising:
    - providing, by the first device, a first stream identifier to the at least one second device.
  - 5. The method of claim 4, further comprising:
    - transmitting, by the first device, the first stream identifier with the encrypted first communication data.
  - 6. The method of claim 4, further comprising:
    - receiving, at the first device, second encrypted communication data from the at least one second device;
      
      decrypting, at the first device, the encrypted second communication data using the second encryption key; and
      
      providing, by the first device, the decrypted second communication data to a user of the first device.
  - 7. The method of claim 6, further comprising:
    - receiving, at the first device, a second stream identifier with the second encrypted communication data.
  - 8. The method of claim 7, further comprising:
    - retrieving, at the first device, the second encryption key using the second stream identifier received with the second encrypted communication data.

9. A system for end-to-end encryption during a secure communication session, the system comprising:
- an interface configured to receive an invitation to a secure communication session and transmit encrypted first communication data to at least one second device;
  
  a processor configured to perform a three-way handshake with the at least one second device to establish a first encryption key and a second encryption key for the secure communication session and encrypt first communication data using the first encryption key; and
  
  a memory configured to store the first encryption key and the second encryption key.
- View Dependent Claims (10, 11)
- - 10. The system of claim 9, wherein the first encryption key is configured to encrypt communication data transmitted to the at least one second device.
  - 11. The system of claim 10, wherein the second encryption key is configured to decrypt communication data received from the at least one second device.

12. A non-transitory computer-readable medium comprising instructions that when, executed by at least one processor, perform the steps of:
- receiving an invitation to a secure communication session;
  
  performing a three-way handshake with the at least one second device to establish a first encryption key and a second encryption key for the secure communication session, wherein the first encryption key is configured to encrypt communication data transmitted by the first device and the second encryption key is configured to decrypt communication data received from the at least one second device; and
  
  encrypting first communication data using the first encryption key; and
  
  transmitting the encrypted first communication data to the at least one second device.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The non-transitory computer-readable medium of claim 12, wherein the invitation includes at least one token.
  - 14. The non-transitory computer-readable medium of claim 13, comprising instructions for transmitting the at least one token to a second device to initiate the three-way handshake.
  - 15. The non-transitory computer-readable medium of claim 12, comprising instructions for providing a first stream identifier to the at least one second device.
  - 16. The non-transitory computer-readable medium of claim 15, comprising instructions for transmitting the first stream identifier with the encrypted first communication data.
  - 17. The non-transitory computer-readable medium of claim 12, comprising instructions for:
    - receiving second encrypted communication data from the at least one second device;
      
      decrypting the encrypted second communication data using the second encryption key; and
      
      providing the decrypted second communication data to a user of the first device.
  - 18. The non-transitory computer-readable medium of claim 17, comprising instructions for:
    - receiving a second stream identifier with the second encrypted communication data.
  - 19. The non-transitory computer-readable medium of claim 18, comprising instructions for retrieving the second encryption key using the second stream identifier received in the second encrypted communication data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Wickr Inc. (Amazon.com, Inc.)
Inventors
Leavy, Thomas Michael, Alwen, Joel
Primary Examiner(s)
Lewis, Lisa C
Assistant Examiner(s)
Zhu, Zhimei

Application Number

US15/806,468
Publication Number

US 20190140832A1
Time in Patent Office

804 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/088   Usage controlling of secret...

H04L 9/14   using a plurality of keys o...

H04L 9/3066   involving algebraic varieti...

H04L 9/3226   using a predetermined code,...

H04L 9/3247   involving digital signatures

End-to-end encryption during a secure communication session

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

End-to-end encryption during a secure communication session

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links