Secure peer-to-peer messaging invitation architecture

US 20060101266A1
Filed: 10/29/2004
Published: 05/11/2006
Est. Priority Date: 10/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method of securely exchanging personal identification numbers between a first mobile device and a second mobile device in a system including a wireless network and a routing server coupled to the wireless network, each mobile device having one or more communications applications and each mobile device further having a messaging application, the first mobile device having a first personal identification number and the second mobile device having a second personal identification number, the method comprising the steps of:

encrypting the first personal identification number;

sending said encrypted first personal identification number from the first mobile device to the second mobile device using one of the communication applications;

decrypting said encrypted first personal identification number and storing the first personal identification number in a memory on the second mobile device;

encrypting the second personal identification number;

sending said encrypted second personal identification number from the second mobile device to the first mobile device using one of the communication applications; and

decrypting said encrypted second personal identification number and storing the second personal identification number in a memory on the first mobile device, whereby peer-to-peer messages are exchanged between the first mobile device and the second mobile device using said messaging applications, and wherein each peer-to-peer message contains one of the personal identification numbers and each peer-to-peer message is routed by the routing server based upon said one of the personal identification numbers.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and methods providing immediate peer-to-peer messaging between mobile devices in a wireless system. An invitation architecture is disclosed which enables the exchange of personal identification numbers (PINs) without requiring a user to directly access or provide his or her PIN. A messaging application encrypts its associated PIN before providing it to a messaging application on another mobile device through an existing communication application. The invitation architecture automatically manages the encryption, any requisite key exchanges, the composition of invitation and acceptance messages, and the decryption and storage of PINs.

102 Citations

View as Search Results

31 Claims

1. A method of securely exchanging personal identification numbers between a first mobile device and a second mobile device in a system including a wireless network and a routing server coupled to the wireless network, each mobile device having one or more communications applications and each mobile device further having a messaging application, the first mobile device having a first personal identification number and the second mobile device having a second personal identification number, the method comprising the steps of:
- encrypting the first personal identification number;
  
  sending said encrypted first personal identification number from the first mobile device to the second mobile device using one of the communication applications;
  
  decrypting said encrypted first personal identification number and storing the first personal identification number in a memory on the second mobile device;
  
  encrypting the second personal identification number;
  
  sending said encrypted second personal identification number from the second mobile device to the first mobile device using one of the communication applications; and
  
  decrypting said encrypted second personal identification number and storing the second personal identification number in a memory on the first mobile device, whereby peer-to-peer messages are exchanged between the first mobile device and the second mobile device using said messaging applications, and wherein each peer-to-peer message contains one of the personal identification numbers and each peer-to-peer message is routed by the routing server based upon said one of the personal identification numbers.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method claimed in claim 1, further including a step of generating a first public-private key pair and a second public-private key pair, and including a step of exchanging public keys from said first and second key pairs.
  - 3. The method claimed in claim 1, further including a step of sending an invitation from the first mobile device to the second mobile device using said one of the communication applications, the invitation including a first public key.
  - 4. The method claimed in claim 3, wherein said step of encrypting the second personal identification number includes encrypting the second personal identification number using said first public key, and wherein said step of sending said encrypted second personal identification number includes sending an acceptance, wherein said acceptance includes said encrypted second personal identification number and includes a second public key.
  - 5. The method claimed in claim 4, wherein said step of encrypting the first personal identification number includes encrypting the first personal identification number using said second public key, and wherein said step of sending said encrypted first personal identification number includes sending an acknowledgement, wherein said acknowledgement includes said encrypted first personal identification number.
  - 6. The method claimed in claim 1, wherein said steps of encrypting and decrypting are performed using a shared session key.
  - 7. The method claimed in claim 6, further including steps of exchanging key values and deriving said shared session key from said exchanged key values.
  - 8. The method claimed in claim 1, wherein the first mobile device is associated with a first user, and wherein the method further includes a step of receiving an invitation instruction from said first user prior to performing said method steps.
  - 9. The method claimed in claim 1, wherein the second mobile device is associated with a second user, and wherein the method further includes a step of receiving an acceptance instruction from said second user prior to performing said step of sending said encrypted second personal identification number.
  - 10. The method claimed in claim 9, wherein said messaging applications perform said steps of encrypting, decrypting, and sending automatically in response to receipt of said invitation instruction and said acceptance instruction.
  - 11. The method claimed in claim 1, wherein said one of the communication applications includes an e-mail application.

12. A peer-to-peer messaging system including a plurality of mobile devices, a wireless network, and a routing server coupled to the wireless network, each mobile device having one or more communication applications and each mobile device comprising:
- a memory storing a first personal identification number; and
  
  a messaging application, said messaging application including an encryption component for encrypting said first personal identification number and for embedding said encrypted first personal identification number into a communication for transmission to another mobile device using one of said communication applications, a decryption component for receiving an incoming communication from said another mobile device via said one of said communication applications, said incoming communication including an encrypted second personal identification number, and for extracting and decrypting said encrypted second personal identification number, a contact management component for automatically managing the exchange of invitations and acceptances with said another mobile device using said one of said communication applications, and a messaging component for sending and receiving peer-to-peer messages, whereby said peer-to-peer messages each include one of said personal identification numbers, and wherein said peer-to-peer messages are routed by the routing server based upon said one of said personal identification numbers.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The system claimed in claim 12, wherein said encryption component includes a key generation component for generating a first public-private key pair, and wherein said contact management component sends said first public key to said another mobile device using said one of said communication applications.
  - 14. The system claimed in claim 13, wherein said contact management component includes an invitation component for composing an invitation and transmitting said invitation to said another mobile device using said one of said communication applications, and wherein said invitation includes said first public key.
  - 15. The system claimed in claim 13, wherein said contact management component includes an acceptance component for composing an acceptance and transmitting said acceptance to said another mobile device using said one of said communication applications, and wherein said acceptance includes said first public key and said encrypted first personal identification number.
  - 16. The system claimed in claim 14, wherein said encryption component encrypts said first personal identification number using a second public key, said second public key being received from said another mobile device using said one of said communication applications, and wherein said invitation component further composes an acknowledgement communication in response to receipt of an acceptance communication, said acknowledgement communication including said encrypted first personal identification number.
  - 17. The system claimed in claim 12, wherein said encryption component and said decryption component use a shared session key.
  - 18. The system claimed in claim 17, wherein said contact management component generates a public value and a private value, and exchanges said public value with said another mobile device, and wherein said contact management component derives said shared session key from said public value, said private value, and another public value received from said another mobile device.
  - 19. The system claimed in claim 12, wherein said mobile device further includes a display screen and a user input device, and wherein said contact management component receives an invitation instruction from said user input device, in response to which said contact management component automatically generates and sends an invitation to said another mobile device.
  - 20. The system claimed in claim 12, wherein said mobile device further includes a display screen and a user input device and wherein said contact management component provides an indication upon said display screen upon receipt of an invitation communication from said another mobile device, and wherein said contact management component receives an acceptance instruction from said user input device, in response to which said contact management component automatically generates and sends an acceptance to said another mobile device.
  - 21. The system claimed in claim 12, wherein said one of the communication applications includes an e-mail application.

22. A mobile device for engaging in peer-to-peer messaging with other mobile devices over a wireless network, the wireless network including a routing server, the mobile device comprising:
- a communications subsystem for engaging in wireless communication with the wireless network;
  
  memory, said memory storing a first personal identification number;
  
  a processor connected to said memory and to said communications subsystem for controlling operation of said communications subsystem;
  
  a communication application for composing and sending communications to the other mobile devices;
  
  a messaging application, said messaging application including an encryption component for encrypting said first personal identification number and for embedding said encrypted first personal identification number into a communication for transmission to another mobile device using said communication application, a decryption component for receiving an incoming message from said another mobile device via said communication application, said incoming message including an encrypted second personal identification number, and for extracting and decrypting said encrypted second personal identification number, a contact management component for automatically managing the exchange of invitations and acceptances with said another mobile device using said communication applications, and a messaging component for sending and receiving peer-to-peer messages, whereby said peer-to-peer messages each include one of said personal identification numbers, and wherein said peer-to-peer messages are routed by the routing server based upon said one of said personal identification numbers.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 23. The mobile device claimed in claim 22, wherein said encryption component includes a key generation component for generating a first public-private key pair, and wherein said contact management component sends said first public key to said another mobile device using said communication application.
  - 24. The mobile device claimed in claim 23, wherein said contact management component includes an invitation component for composing an invitation and transmitting said invitation to said another mobile device using said one of said communication applications, and wherein said invitation includes said first public key.
  - 25. The mobile device claimed in claim 23, wherein said contact management component includes an acceptance component for composing an acceptance and transmitting said acceptance to said another mobile device using said one of said communication applications, and wherein said acceptance includes said first public key and said encrypted first personal identification number.
  - 26. The mobile device claimed in claim 24, wherein said encryption component encrypts said first personal identification number using a second public key, said second public key being received from said another mobile device using said one of said communication applications, and wherein said invitation component further composes an acknowledgement communication in response to receipt of an acceptance communication, said acknowledgement communication including said encrypted first personal identification number.
  - 27. The mobile device claimed in claim 22, wherein said encryption component and said decryption component use a shared session key.
  - 28. The mobile device claimed in claim 27, wherein said contact management component generates a public value and a private value, and exchanges said public value with said another mobile device, and wherein said contact management component derives said shared session key from said public value, said private value, and another public value received from said another mobile device.
  - 29. The mobile device claimed in claim 22, further including a display screen and a user input device, and wherein said contact management component receives an invitation instruction from said user input device, in response to which said contact management component automatically generates and sends an invitation to said another mobile device.
  - 30. The mobile device claimed in claim 22, further including a display screen and a user input device and wherein said contact management component provides an indication upon said display screen upon receipt of an invitation communication from said another mobile device, and wherein said contact management component receives an acceptance instruction from said user input device, in response to which said contact management component automatically generates and sends an acceptance to said another mobile device.
  - 31. The mobile device claimed in claim 22, wherein said communication application comprises an e-mail application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Fahmy, Samer, Klassen, Gerhard Dietrich, Yach, David

Granted Patent

US 7,489,781 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/170
CPC Class Codes

G06Q 20/347   Passive cards

G07F 7/10   together with a coded signa...

G07F 7/1075   PIN is checked remotely

H04L 2209/80   Wireless network architectu...

H04L 51/04   Real-time or near real-time...

H04L 51/58   Message adaptation for wire...

H04L 63/04   for providing a confidentia...

H04L 63/061   for key exchange, e.g. in p...

H04L 67/54   Presence management, e.g. m...

H04L 9/08   Key distribution or managem...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/3226   using a predetermined code,...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

Secure peer-to-peer messaging invitation architecture

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

102 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Secure peer-to-peer messaging invitation architecture

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

102 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links