Message deciphering method, system and article

US 20050169464A1
Filed: 12/17/2004
Published: 08/04/2005
Est. Priority Date: 12/24/2003
Status: Active Grant

First Claim

Patent Images

1. A method for decrypting encrypted messages sent by a transmission device to a first electronic device associated with a first trusted authority and to a second electronic device, the method comprising the steps of:

a) associating a single joint identity with the first and the second electronic devices which is identificative of a common entity comprising the first and the second electronic devices;

b) executing, by the transmission device, a single encryption operation of a message in clear by using the joint identity and transmitting the encrypted message simultaneously to the first and the second electronic devices;

c) generating, by the first and the second electronic devices a first and a second decryption token, respectively, said tokens being obtained on the basis of quantities provided by at least said first trusted authority;

d) providing said first token to the second electronic device and said second token to the first electronic device; and

e) generating, by starting from said tokens, by the first and second electronic devices, a joint decryption key in order to decrypt the encrypted message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for decrypting the encrypted messages sent by a transmission device to a first electronic device associated with a first trusted authority and to a second electronic device (ME). In one embodiment, first and second tokens are generated and exchanged, respectively, by the first and second electronic devices, which then generate a joint decryption key in order to decrypt the encrypted message.

42 Citations

View as Search Results

39 Claims

1. A method for decrypting encrypted messages sent by a transmission device to a first electronic device associated with a first trusted authority and to a second electronic device, the method comprising the steps of:
- a) associating a single joint identity with the first and the second electronic devices which is identificative of a common entity comprising the first and the second electronic devices;
  
  b) executing, by the transmission device, a single encryption operation of a message in clear by using the joint identity and transmitting the encrypted message simultaneously to the first and the second electronic devices;
  
  c) generating, by the first and the second electronic devices a first and a second decryption token, respectively, said tokens being obtained on the basis of quantities provided by at least said first trusted authority;
  
  d) providing said first token to the second electronic device and said second token to the first electronic device; and
  
  e) generating, by starting from said tokens, by the first and second electronic devices, a joint decryption key in order to decrypt the encrypted message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 2. The method according to claim 1, further comprising a step of providing a second trusted authority, associated with the second electronic device and distinct and autonomous with respect to said first trusted authority, said second trusted authority providing further quantities to the first and to the second electronic devices for the generation of said first and second decryption tokens.
  - 3. The method according to claim 2 wherein said step c) includes the steps of:
    - providing to the first and to the second electronic devices, first and second quantities for the generation of said first and second decryption tokens, respectively;
      
      said first and second quantities being generated by the first trusted authority; and
      
      providing to the second and first electronic devices, third and fourth quantities for the generation of said second and first decryption tokens, respectively, said third and fourth quantities being generated by the second trusted authority.
  - 4. The method according to claim 2 wherein first and second identities are associated with the first and the second electronic devices, respectively and further first and further second identities are associated with the first and the second trusted authorities;
    - the method additionally comprising the step of;
      
      generating a first and a second public key, obtained by applying a first hash function to the first and the second identities.
  - 5. The method according to claim 3 wherein first and second identities are associated with the first and the second electronic devices, respectively and further first and further second identities are associated with the first and the second trusted authorities;
    - the method additionally comprising the step of;
      
      generating a first and a second public key, obtained by applying a first hash function to the first and the second identities, wherein;
      
      said first and said second quantities are calculated by the first trusted authority by starting from a first random number and from the first public key of the first electronic device and by starting from the first random number and from the second public key of the second electronic device, respectively; and
      
      said third and said fourth quantities are calculated by starting from a second random number and from the second public key and by starting from the second random number and from the first public key, respectively.
  - 6. The method according to claim 3 wherein first and second identities are associated with the first and the second electronic devices, respectively and further first and further second identities are associated with the first and the second trusted authorities;
    - the method additionally comprising the step of;
      
      generating a first and a second public key, obtained by applying a first hash function to the first and the second identities, wherein;
      
      said first and said second quantities are calculated by starting from a first master key and from the first public key and by starting from the first master key and from the second public key, respectively; and
      
      said third and said fourth quantities are calculated by starting from a second master key and from the second public key and by starting from the second master key and from the first public key, respectively.
  - 7. The method according to claim 3 wherein the step of generating the first decryption token by the first device comprises the step of applying a bilinear function to a sum of the first and the fourth quantities, and to a first point of an additive group.
  - 8. The method according to claim 7 wherein the step of generating the second decryption token by the second device comprises the step of applying the bilinear function to a sum of the second and the third quantities, and to the first point of the additive group.
  - 9. The method according to claim 2 wherein said step e) comprises the step of applying, independently by each electronic device, a second hash function to an internal-product between the first and the second decryption tokens, in order to generate said joint decryption key.
  - 10. The method according to claim 5, further comprising the steps of:
    - associating with the common entity comprising the first and the second electronic devices, a joint public key corresponding to a sum of the second and the first public keys; and
      
      associating, with said common entity, a joint private key defined as the product of said joint public key and the sum of the second (r_ME) and the first (r_SIM) random numbers.
  - 11. The method of claim 6, further comprising the steps of:
    - associating with the common entity comprising the first and the second electronic devices, a joint public key corresponding to a sum of the second and the first public keys; and
      
      associating, with said common entity, a joint private key defined as the product of said joint public key and the sum of the second and the first master keys.
  - 12. The method according to claim 2, wherein said step b) comprises, with relation to the transmission device, the steps of:
    - acquiring a further first and a further second point from the first and the second trusted authorities, respectively, for the generation of a joint public point;
      
      generating the first point as the product of a further random number and a point and a string of bits in order to encrypt the message in clear; and
      
      generating the encrypted message comprising the first point in a first part and a result of an XOR operation between bits between the message in clear and said string in a second part.
  - 13. The method according to claim 12, further comprising the step of restoring the message in clear by carrying out a further XOR operation between bits between the encrypted message and the joint decryption key, said joint decryption key being mathematically coincident with the string of bits.
  - 14. The method according to claim 3, comprising the further steps of:
    - sending of an encrypted message containing the first quantity and the second quantity, from the first trusted authority to the first and the second electronic devices, respectively; and
      
      sending of an encrypted message containing the fourth quantity and the third quantity, from the second trusted authority to the first and the second electronic devices, respectively.
  - 15. The method according to claim 14 wherein said step of sending the first quantity from the first trusted authority to the first electronic device is carried out by encrypting such quantity in accordance with at least one of a symmetrical type cryptographic method or an identity-based encryption method.
  - 16. The method according to claim 14 wherein said step of sending the second quantity from the first trusted authority to the second electronic device is carried out by encrypting such quantity in accordance with an identity-based encryption method.
  - 17. The method according to claim 15, additionally comprising the step of generating, by the same first trusted authority, an electronic signature by starting from said first quantity.
  - 18. The method according to claim 17, further comprising the step of sending a message comprising said first quantity and said electronic signature to the first electronic device by the first trusted authority, said message being encrypted in accordance with an identity-based encryption method.
  - 19. The method according to claim 4, further comprising the step of sending said first and said further first identities from the first to the second electronic device, and of sending said second and said further second identities from the second to the first electronic device.
  - 20. The method according to claim 19, further comprising the step of sending an encrypted message containing said second and said further second identities to the first trusted authority by the first electronic device, said message being encrypted in accordance with at least one of a symmetrical type or an identity-based encryption method.
  - 21. The method according to claim 19, further comprising the step of sending an encrypted message containing the second and the further second identities and, optionally, the first identity to the first trusted authority from the first electronic device, said message comprising an electronic signature of the aforesaid identities generated by the first electronic device and being encrypted in accordance with an identity-based encryption method.
  - 22. The method according to claim 1 wherein said step d) comprises the steps of:
    - sending the first decryption token from the first electronic device to the second electronic device in an encrypted manner;
      
      sending the second decryption token from the second electronic device to the first electronic device in an encrypted manner.

23. A communication system, comprising:
- a first electronic device; and
  
  a second electronic device communicatively coupled to the first electronic device, wherein;
  
  the first and second electronic devices form a common entity configured to receive an encrypted message and decryption information;
  
  the first electronic device is configured to generate a first decryption token based at least in part on the decryption information and to provide the first decryption token to the second electronic device;
  
  the second electronic device is configured to generate a second decryption token based at least in part on the decryption information and to provide the second decryption token to the first electronic device; and
  
  the common entity is configured to generate a joint decryption key for decrypting the encrypted message based at least in part on the first and second decryption tokens.
- View Dependent Claims (24, 25, 26)
- - 24. The communication system of claim 23, further comprising a first trusted authority and communicatively coupled to the first electronic device and configured to provide at least part of the decryption information to the common entity.
  - 25. The communication system of claim 24, further comprising a second trusted authority communicatively coupled to the second electronic device and configured to provide at least part of the decryption information to the common entity.
  - 26. The communication system of claim 25 wherein the first trusted authority is configured to include first and second quantities in the decryption information and the second trusted authority is configured to include third and fourth quantities in the decryption information.

27. The communication system of 25, wherein a first identity is associated with the first electronic device, a second identity is associated with the second electronic device and the communication system is configured to generate a first public key by applying a first hash function to the first identity and a second public key by applying the first hash function to the second identity.

28. A common entity, comprising:
- means for receiving an encrypted message;
  
  means for receiving encryption information;
  
  a first electronic device having means for generating a first decryption token based at least in part on the received encryption information;
  
  a second electronic device coupled to the first electronic device and having means for generating a second decryption token based at least in part on the received decryption information; and
  
  means for generating a joint decryption key based at least in part on the first and second decryption tokens.
- View Dependent Claims (29, 30)
- - 29. The common entity of claim 28 wherein the means for receiving encryption information is configured to request encryption information from a first trusted authority.
  - 30. The common entity of claim 29 wherein the means for receiving encryption information is configured to request encryption information from a second trusted authority.

31. A method of decrypting an encrypted message, comprising:
- receiving an encrypted message directed to a common entity;
  
  receiving decryption information associated with the common entity;
  
  generating a first decryption token based at least in part on the received decryption information;
  
  receiving a second decryption token; and
  
  generating a joint decryption key based at least in part on the first and second decryption tokens.
- View Dependent Claims (32, 33)
- - 32. The method of claim 31, further comprising requesting at least part of the decryption information from a first trusted authority.
  - 33. The method of claim 32, further comprising requesting at least part of the decryption information from a second trusted authority.

34. An electronic device, comprising:
- means for receiving an encrypted message directed to the electronic device and to a second electronic device;
  
  means for receiving decryption information from a first trusted authority;
  
  means for generating a first decryption token based at least in part on received decryption information;
  
  means for transmitting the first decryption token to the second electronic device;
  
  means for receiving a second decryption token from the second electronic device; and
  
  means for generating a joint decryption key based at least in part on the first and second decryption tokens.
- View Dependent Claims (35, 36)
- - 35. The electronic device of claim 34, further comprising means for receiving decryption information from a second trusted authority.
  - 36. The electronic device of claim 34 wherein the means for generating a joint decryption key comprises means for decrypting the second decryption token.

37. A computer readable-media storing-instructions for causing an electronic device to:
- receive an encrypted message directed to a common entity;
  
  receive decryption information associated with the common entity;
  
  generate a first decryption token based at least in part on the received decryption information;
  
  receive a second decryption token; and
  
  generate a joint decryption key based at least in part on the first and second decryption tokens.
- View Dependent Claims (38, 39)
- - 38. The computer readable media of claim 37 wherein the instructions cause the electronic device to request at least part of the decryption information from a first trusted authority.
  - 39. The computer readable media of claim 37 wherein the instructions cause the electronic device to request the second decryption token from a second electronic device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
STMicroelectronics SRL (STMicroelectronics NV)
Original Assignee
STMicroelectronics SRL (STMicroelectronics NV)
Inventors
Sozzani, Fabio, Fragneto, Pasqualina, Bertoni, Guido Marco, Pelosi, Gerardo, Sannino, Roberto Valerio

Granted Patent

US 7,925,010 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/30
CPC Class Codes

H04L 9/083   involving central third par...

H04L 9/3073   involving pairings, e.g. id...

H04L 9/3213   using tickets or tokens, e....

Message deciphering method, system and article

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

42 Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

Message deciphering method, system and article

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links