Recovering a key in a secure manner

US 10,693,639 B2
Filed: 02/28/2017
Issued: 06/23/2020
Est. Priority Date: 02/28/2017
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

transmitting, from a first user device to a secure community server, a key distribution request, wherein the key distribution request identifies a second user device, and the first user device and the second user device are members of a same secure community managed by the secure community server;

transmitting, from the first user device, a first portion of a recovery key to the secure community server for forwarding to the second user device, wherein the secure community server forwards the first portion of the recovery key to the second user device;

transmitting, from the first user device, a second portion of the recovery key to the secure community server, wherein the second portion of the recovery key is stored at the secured community server without being further distributed to other user devices;

after transmitting the first portion and the second portion of the recovery key, discarding the first portion and the second portion of the recovery key at the first user device;

transmitting a key recovery request to the secure community server for recovering the recovery key; and

in response to the key recovery request;

receiving, from the secure community server, the second portion of the recovery key that has not been further distributed to other user devices, wherein the received second portion of the recovery key is encrypted using a public key of the first user device; and

receiving the first portion of the recovery key from the second user device.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure describes methods and systems, including computer-implemented methods, computer program products, and computer systems, for distributing recovery keys. One method includes: transmitting, from a first user device to a secure community server, a key distribution request, wherein the key distribution request identifies a second user device, and the first user device and the second user device are members of a same secure community managed by the secure community server; transmitting a first portion of a recovery key to secure community server for forwarding to the second user device; transmitting a second portion of the recovery key to the secure community server; and discarding the first portion and the second portion of the recovery key at the first user device.

26 Citations

12 Claims

1. A method, comprising:
- transmitting, from a first user device to a secure community server, a key distribution request, wherein the key distribution request identifies a second user device, and the first user device and the second user device are members of a same secure community managed by the secure community server;
  
  transmitting, from the first user device, a first portion of a recovery key to the secure community server for forwarding to the second user device, wherein the secure community server forwards the first portion of the recovery key to the second user device;
  
  transmitting, from the first user device, a second portion of the recovery key to the secure community server, wherein the second portion of the recovery key is stored at the secured community server without being further distributed to other user devices;
  
  after transmitting the first portion and the second portion of the recovery key, discarding the first portion and the second portion of the recovery key at the first user device;
  
  transmitting a key recovery request to the secure community server for recovering the recovery key; and
  
  in response to the key recovery request;
  
  receiving, from the secure community server, the second portion of the recovery key that has not been further distributed to other user devices, wherein the received second portion of the recovery key is encrypted using a public key of the first user device; and
  
  receiving the first portion of the recovery key from the second user device.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the transmitted first portion of the recovery key is encrypted using a public key of the second user device.
  - 3. The method of claim 1, wherein the transmitted second portion of the recovery key is encrypted using a public key of the secure community server.
  - 4. The method of claim 1, wherein the first portion of the recovery key is forwarded to second user device in response to the key recovery request.

5. A first user device, comprising:
- at least one hardware processor;
  
  a non-transitory computer-readable storage medium coupled to the at least one hardware processor and storing programming instructions for execution by the at least one hardware processor, wherein the programming instructions instruct the at least one hardware processor to;
  
  transmit, from the first user device to a secure community server, a key distribution request, wherein the key distribution request identifies a second user device, and the first user device and the second user device are members of a same secure community managed by the secure community server;
  
  transmit, from the first user device, a first portion of a recovery key to the secure community server for forwarding to the second user device, wherein the secure community server forwards the first portion of the recovery key to the second user device;
  
  transmit, from the first user device, a second portion of the recovery key to the secure community server, wherein the second portion of the recovery key is stored at the secured community server without being further distributed to other user devices;
  
  after transmitting the first portion and the second portion of the recovery key, discard the first portion and the second portion of the recovery key at the first user device;
  
  transmit a key recovery request to the secure community server for recovering the recovery key; and
  
  in response to the key recovery request;
  
  receive, from the secure community server, the second portion of the recovery key that has not been further distributed to other user devices, wherein the received second portion of the recovery key is encrypted using a public key of the first user device; and
  
  receive the first portion of the recovery key from the second user device.
- View Dependent Claims (6, 7, 8)
- - 6. The first user device of claim 5, wherein the transmitted first portion of the recovery key is encrypted using a public key of the second user device.
  - 7. The first user device of claim 5, wherein the transmitted second portion of the recovery key is encrypted using a public key of the secure community server.
  - 8. The first user device of claim 5, wherein the first portion of the recovery key is forwarded to second user device in response to the key recovery request.

9. A non-transitory computer-readable medium containing instructions which, when executed, cause a computing device to perform operations comprising:
- transmitting, from a first user device to a secure community server, a key distribution request, wherein the key distribution request identifies a second user device, and the first user device and the second user device are members of a same secure community managed by the secure community server;
  
  transmitting, from the first user device, a first portion of a recovery key to the secure community server for forwarding to the second user device, wherein the secure community server forwards the first portion of the recovery key to the second user device;
  
  transmitting, from the first user device, a second portion of the recovery key to the secure community server, wherein the second portion of the recovery key is stored at the secured community server without being further distributed to other user devices;
  
  after transmitting the first portion and the second portion of the recovery key, discarding the first portion and the second portion of the recovery key at the first user device;
  
  transmitting a key recovery request to the secure community server for recovering the recovery key; and
  
  in response to the key recovery request;
  
  receiving, from the secure community server, the second portion of the recovery key that has not been further distributed to other user devices, wherein the received second portion of the recovery key is encrypted using a public key of the first user device; and
  
  receiving the first portion of the recovery key from the second user device.
- View Dependent Claims (10, 11, 12)
- - 10. The non-transitory computer-readable medium of claim 9, wherein the transmitted first portion of the recovery key is encrypted using a public key of the second user device.
  - 11. The non-transitory computer-readable medium of claim 9, wherein the transmitted second portion of the recovery key is encrypted using a public key of the secure community server.
  - 12. The non-transitory computer-readable medium of claim 9, wherein the first portion of the recovery key is forwarded to second user device in response to the key recovery request for recovering the first portion of the recovery key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Bowman, Roger Paul, Adams, Neil Patrick
Primary Examiner(s)
Chiang, Jason

Application Number

US15/445,872
Publication Number

US 20180248693A1
Time in Patent Office

1,211 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6209   to a single file or object,...

G06F 21/6245   Protecting personal data, e...

H04L 9/0819   Key transport or distributi...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/083   involving central third par...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

Recovering a key in a secure manner

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

26 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Recovering a key in a secure manner

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links