Peer-to-peer communications

US 20060053289A1
Filed: 09/09/2004
Published: 03/09/2006
Est. Priority Date: 09/09/2004
Status: Active Grant

First Claim

Patent Images

1. A method for establishing secure peer-to-peer communications comprising the steps of:

authenticating a requesting peer with a security agent;

authenticating, with the security agent, a requested peer with which the requesting peer requests to communicate;

distributing an encrypted session key from the security agent to the requesting peer and the requested peer; and

encrypting communications between the requesting peer and the requested peer using the session key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A protocol for secure peer-to-peer communications is established based on existing cryptographic techniques and encryption algorithms. The peers (120, 130, 140) and a central security agent (110) undergo mutual authentication. A newly generated nonce is used for authentication, and a random session key is used for a session. The security agent (110) generates unique session keys for communication between peers (120, 130, 140). The security agent (110) removes the burden of mutual authentication between requested peer (130, 140) and the requesting peer (120), as the security agent (110) independently authenticates the requesting peer (120) and the requested peer (130, 140). The requested peer (130, 140) and the requesting peer (120) are sent a session key by the security agent (110).

63 Citations

View as Search Results

25 Claims

1. A method for establishing secure peer-to-peer communications comprising the steps of:
- authenticating a requesting peer with a security agent;
  
  authenticating, with the security agent, a requested peer with which the requesting peer requests to communicate;
  
  distributing an encrypted session key from the security agent to the requesting peer and the requested peer; and
  
  encrypting communications between the requesting peer and the requested peer using the session key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as claimed in claim 1, further comprising the step of generating a message number at the requesting peer.
  - 3. The method as claimed in claim 1, further comprising the step of generating a message number at the requested peers.
  - 4. The method as claimed in claim 1, further comprising the step of generating message numbers at the security agent for the requesting peer and the requested peer.
  - 5. The method as claimed in claim 1, wherein the requesting peer requests to communicate with a number of requested peers and the encrypted session key is distributed to all of the requested peers.
  - 6. The method as claimed in claim 1, wherein the steps of authenticating comprise exchanging message numbers encrypted using public and private key pairs.
  - 7. The method as claimed in claim 1, further comprising the step of authenticating the security agent with the requesting peer.
  - 8. The method as claimed in claim 1, further comprising the step of authenticating the security agent with the requested peer.
  - 9. The method as claimed in claim 1, wherein the requesting peer requests to communicate with a number of requested peers and different encrypted session keys are distributed to the respective requested peers.

10. A computer program product for establishing secure peer-to-peer communications comprising computer software recorded on a computer-readable medium for performing the steps of:
- authenticating a requesting peer with a security agent;
  
  authenticating, with the security agent, a requested peer with which the requesting peer requests to communicate;
  
  distributing a secret session key from the security agent to the requested peer and the requesting peer; and
  
  encrypting communications between the requesting peer and the requested peer using the secret session key.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The computer program product as claimed in claim 10, wherein the computer software recorded on a computer-readable medium is for performing the step of generating a message number at the requesting peer.
  - 12. The computer program product as claimed in claim 10, wherein the computer software recorded on a computer-readable medium is for performing the step of generating a message number at the requested peer.
  - 13. The computer program product as claimed in claim 10, wherein the computer software recorded on a computer-readable medium is for performing the step of generating message numbers at the security agent for the requesting peer and the requested peer.
  - 14. The computer program product as claimed in claim 10, wherein the requesting peer requests to communicate with a number of requested peers and the encrypted session key is distributed to all of the requested peers.
  - 15. The computer program product as claimed in claim 10, wherein the steps of authenticating comprise exchanging message numbers encrypted using public and private key pairs.
  - 16. The computer program product as claimed in claim 10, wherein the computer software recorded on a computer-readable medium is for performing the step of authenticating the security agent with the requesting peer.
  - 17. The computer program product as claimed in claim 10, wherein the computer software recorded on a computer-readable medium is for performing the step of authenticating the security agent with the requested peer.
  - 18. The computer program product as claimed in claim 10, wherein the requesting peer requests to communicate with a number of requested peers and different encrypted session keys are distributed to the respective requested peers.

19. An apparatus for enabling secure peer-to-peer communications, the apparatus comprising:
- a first, security agent computer system and a second, requesting peer computer system, the first computer program having a first processor and first memory, wherein the first memory includes a first computer program and the first processor is operative with the first program to perform the steps of;
  
  authenticating the requesting peer;
  
  authenticating at least one requested peer with which the requesting peer requests to communicate; and
  
  distributing an encrypted session key to the requesting peer and the requested peer;
  
  wherein the second computer system has a second processor and second memory, the second memory includes a second computer program and the second processor is operative with the second program to perform the step of encrypting a communication to the requested peer using the session key.
- View Dependent Claims (20, 21, 22, 23, 24, 25)
- - 20. The apparatus of claim 19, wherein the second processor is operative with the second program to perform the step of generating a message number.
  - 21. The apparatus of claim 19, wherein the first processor is operative with the first program to perform the step of generating a message number.
  - 22. The apparatus of claim 19, wherein the requesting peer requests to communicate with a number of requested peers and the encrypted session key is distributed to all of the requested peers.
  - 23. The apparatus of claim 19, wherein the steps of authenticating comprise exchanging message numbers encrypted using public and private key pairs.
  - 24. The apparatus of claim 19, wherein the second processor is operative with the second program to perform the step of authenticating the security agent
  - 25. The apparatus of claim 19, wherein the requesting peer requests to communicate with a number of requested peers and the step of distributing an encrypted session key includes distributing different encrypted session keys to the respective requested peers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kyndryl Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Singh, Abhishek

Granted Patent

US 7,596,690 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/169
CPC Class Codes

H04L 9/083   involving central third par...

H04L 9/321   involving a third party or ...

H04L 9/3273   for mutual authentication n...

Peer-to-peer communications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Peer-to-peer communications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links