Method and system for accelerated data encryption
Abstract
An encrypted private session key for a private-key encryption method is quickly exchanged between a first device and a second device by computing encryption acceleration data using a public key for a public-key encryption method. The encryption acceleration data and the public key are sent to and used on the second device to encrypt a private session key exchanged between the first device and second device. The private-key encryption method is quickly initialized on the second device using encryption initialization data for the private-key encryption method computed on the first device using the exchanged private session key sent to the second device. The encryption acceleration data and encryption initialization data reduce a number of calculations needed on the second device to initialize and use the private-key encryption method, thereby reducing the overall time needed to create a cryptographically secure communications channel between the first device and the second device.
31 Claims
1. A method for accelerating data encryption, comprising:
exchanging between a first device and a second device via a communications network an encrypted private session key for a private-key encryption method using a public-key encryption method, wherein encryption acceleration data is computed on the first device using a public key for the public-key encryption method, wherein the encryption acceleration data and the public key are sent to and used on the second device to encrypt the private session key exchanged between the first device and second device, and wherein the encryption acceleration data reduces a number of calculations needed on the second device to encrypt the private session key;
initializing the private-key encryption method on the first device and second device using the exchanged private session key, wherein the private-key encryption method is initialized on the second device using encryption initialization data for the private-key encryption method computed on the first device using the exchanged private session key and sent to the second device, and wherein the encryption initialization data reduces a number of calculations needed on the second device to initialize the private-key encryption method; and
exchanging encrypted messages between the first device and the second device, thereby creating a cryptographically secure communications channel between the first device and the second device, wherein the encrypted messages are encrypted using the exchanged private session key and the private-key encryption method initialized with the encryption initialization data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method for accelerating data encryption, comprising:
computing encryption acceleration data on a first device using a public key from a public-key encryption method;
sending the computed encryption acceleration data and the public encryption key in an unencrypted format from the first device to a second device via a communications network, wherein the computed encryption acceleration data reduces a number of calculations needed on the second device to encrypt a private session key used with a first private-key encryption method used to exchange encrypted messages between the first device and the second device;
receiving an encrypted private session key on the first device from the second device, wherein the encrypted private session key was encrypted using the computed encryption acceleration data and the public encryption key, and wherein the private session key will be used to encrypt data for the first private-key encryption method;
decrypting the encrypted private session key on the first device using a private encryption key for the public-key encryption method;
computing encryption initialization data for the first private-key encryption method using the decrypted private session key;
encrypting the computed encryption initialization data using a second private-key encryption method and the decrypted private session key;
sending the encrypted computed encryption initialization data from the first device to the second device, wherein the computed encryption initialization data is used to initialize the first private-key encryption method on the second device, and wherein the computed encryption initialization data reduces a number of calculations needed on the second device to initialize the first private-key encryption method; and
exchanging encrypted messages between the first device and the second device, thereby creating a cryptographically secure communications channel between the first device and the second device, wherein the encrypted messages are encrypted using the private session key and the first private-key encryption method.
Dependent claims: 13, 14, 15, 16, 17, 18, 19
20. A method for accelerating data encryption, comprising:
receiving on a second device via a communications network, encryption acceleration data and a public encryption key in an unencrypted format from a first device, wherein the encryption acceleration data was computed on the first device using the public encryption key from a public-key encryption method;
selecting a private session key for the first private-key encryption method on the second device;
encrypting the private session key with the public-key encryption method using the encryption acceleration data and the public encryption key received from the first device, wherein the encryption acceleration data reduces a number of calculations needed on the second device to encrypt the selected private session key for the first private-key encryption method to be used to exchange encrypted messages between the first device and the second device;
sending the encrypted private session key to the first device;
receiving computed encryption initialization data in an encrypted format from the first device, wherein the computed encryption initialization data is used to initialize the first private-key encryption method on the second device, and wherein the computed encryption initialization data was encrypted with a second private-key encryption method on the first device using the selected private session key;
decrypting the encrypted computed encryption initialization data on the second device using the selected private session key;
initializing the first private-key encryption method on the second device with the decrypted computed encryption initialization data, wherein the computed encryption initialization data reduces a number of calculations needed on the second device to initialize the first private-key encryption method;
exchanging encrypted messages between the second device and the first device, thereby creating a cryptographically secure communications channel between the second device and the first device, wherein the encrypted messages are encrypted using the selected private session key and the first private-key encryption method initialized with the decrypted computed initialization data.
Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28
29. An encryption acceleration system, comprising in combination:
a first device;
a second device;
a communications network connecting the first device and the second device;
encryption acceleration data calculated on a first device using a public key for a public key encryption method, wherein the encryption acceleration data and the public key are sent to and used on the second device to encrypt a private session key for a private-key encryption method exchanged between the first device and second device, and wherein the encryption acceleration data reduces a number of calculations needed on the second device to encrypt the private session key;
computed encryption initialization data, wherein the computed encryption initialization data is computed on the first device and sent from the first device to the second device, wherein the computed encryption initialization data is used to initialize the private-key encryption method on the second device, and wherein the computed encryption initialization data reduces a number of calculations needed on the second device to initialize the first private-key encryption method; and
a cryptographically secure communications channel between the second device and the first device over a communications network, wherein encrypted messages sent via the cryptographically secure communications channel are encrypted using the private session key and the private-key encryption method initialized with the computed encryption initialization data.
Dependent claims: 30, 31
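The message flow of claims 12 and 20, as an added example that is not taken from the patent. The claims shown here name no algorithms, so every concrete choice is an assumption made for illustration: textbook RSA with Montgomery constants as the encryption acceleration data, an RC4 key-setup state as the encryption initialization data, a SHAKE-256 XOR keystream as the second private-key method, and a constructed toy key.

```python
import hashlib

P, Q, E = 2**31 - 1, 2**61 - 1, 65537   # constructed toy RSA key (Mersenne primes), not for real use
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = N.bit_length()
R = 1 << K                              # Montgomery radix, R > N

def acceleration_data(n):  # first device: the constants that need division or inversion
    return R * R % n, -pow(n, -1, R) % R

def redc(t, n, n_inv):  # Montgomery reduction: t * R^-1 mod n with multiply, mask, shift only
    u = (t + (t * n_inv & (R - 1)) * n) >> K
    return u - n if u >= n else u

def accelerated_encrypt(m, e, n, r2, n_inv):  # second device: textbook RSA m**e mod n
    if (n * n_inv + 1) & (R - 1):             # cheap check that n_inv matches this modulus
        raise ValueError("acceleration data does not match the public key")
    x, y = redc(m * r2, n, n_inv), redc(r2, n, n_inv)   # m and 1 in Montgomery form
    for bit in bin(e)[2:]:                               # left-to-right square and multiply
        y = redc(y * y, n, n_inv)
        if bit == "1":
            y = redc(y * x, n, n_inv)
    return redc(y, n, n_inv)                             # leave Montgomery form

def rc4_init(key):  # key setup of the first private-key method; its output is the init data
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 255
        s[i], s[j] = s[j], s[i]
    return bytes(s)

def rc4_crypt(state, data):  # keystream generation from an already initialized state
    s, i, j, out = list(state), 0, 0, bytearray()
    for b in data:
        i = (i + 1) & 255
        j = (j + s[i]) & 255
        s[i], s[j] = s[j], s[i]
        out.append(b ^ s[(s[i] + s[j]) & 255])
    return bytes(out)

def wrap(key, data):  # stand-in second private-key method: XOR keystream, self-inverse
    return bytes(a ^ b for a, b in zip(data, hashlib.shake_256(key).digest(len(data))))

def run_exchange(session_key, message):
    r2, n_inv = acceleration_data(N)                       # first -> second, in clear with (E, N)
    ct = accelerated_encrypt(int.from_bytes(session_key, "big"), E, N, r2, n_inv)
    key = pow(ct, D, N).to_bytes(len(session_key), "big")  # first device decrypts the session key
    state = wrap(session_key, wrap(key, rc4_init(key)))    # init data sent wrapped, then unwrapped
    return ct, state, rc4_crypt(rc4_init(key), rc4_crypt(state, message))
```

The consistency check covers `n_inv` only; `r2` is taken on trust in this sketch even though the claims have the acceleration data travel unencrypted.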