PUBLIC KEY PASSING

US 20080137859A1
Filed: 12/06/2006
Published: 06/12/2008
Est. Priority Date: 12/06/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method for securely passing public keys, the method comprising:

encrypting a first user public key, wherein the first user public key is associated with a first user device;

passing the encrypted first user public key to a first gateway server over a secure communication link;

receiving an encrypted second user public key from the first gateway server over the secure communication link, wherein the second user public key is associated with a second user device, and wherein the second user device is associated with a second gateway server; and

decrypting the second user public key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An improved approach to public key passing is provided to inhibit man-in-the-middle (MITM) attacks during an exchange of public keys over one or more public networks. In one embodiment, a method for securely passing public keys includes encrypting a first user public key, wherein the first user public key is associated with a first user device. The method also includes passing the encrypted first user public key to a first gateway server over a secure communication link. The method further includes receiving an encrypted second user public key from the first gateway server over the secure communication link, wherein the second user public key is associated with a second user device, and wherein the second user device is associated with a second gateway server. In addition, the method includes decrypting the second user public key.

Citations

20 Claims

1. A method for securely passing public keys, the method comprising:
- encrypting a first user public key, wherein the first user public key is associated with a first user device;
  
  passing the encrypted first user public key to a first gateway server over a secure communication link;
  
  receiving an encrypted second user public key from the first gateway server over the secure communication link, wherein the second user public key is associated with a second user device, and wherein the second user device is associated with a second gateway server; and
  
  decrypting the second user public key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the passing comprises transmitting the encrypted first user public key to an access point over a wireless network.
  - 3. The method of claim 2, wherein the wireless network is a public network.
  - 4. The method of claim 1, wherein the method is performed by the first user device in a public location.
  - 5. The method of claim 1, wherein the first user device is a mobile telephone.
  - 6. The method of claim 1, further comprising:
    - signing a first communication using a first user private key associated with the first user device, wherein the first communication is intended for the second user device; and
      
      passing the first communication to the first gateway server over the secure communication link.
  - 7. The method of claim 6, further comprising:
    - receiving a second communication from the first gateway server over the secure communication link, wherein the second communication is signed by a second user private key associated with the second user device, wherein the second communication is intended for the first user device; and
      
      authenticating the second communication using the second user public key.
  - 8. The method of claim 1, further comprising exchanging the first user public key and a gateway public key between the first user device and the first gateway server, wherein the gateway public key is associated with the first gateway server.

9. A method for securely passing public keys, the method comprising:
- receiving an encrypted first user public key from a first user device over a first secure communication link between the first user device and a first gateway server, wherein the first user public key is associated with the first user device;
  
  decrypting the first user public key;
  
  passing the first user public key to a second gateway server;
  
  receiving a second user public key from the second gateway server, wherein the second user public key is associated with a second user device;
  
  encrypting the second user public key; and
  
  passing the encrypted second user public key to the first user device over the first secure communication link.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The method of claim 9, wherein the passing the first user public key comprises passing the first user public key to the second gateway server over a second secure communication link.
  - 11. The method of claim 10, further comprising exchanging a first gateway public key and a second gateway public key between the first gateway server and the second gateway server, wherein the first gateway public key is associated with the first gateway server, and the second gateway public key is associated with the second gateway server.
  - 12. The method of claim 9, wherein the method is performed by the first gateway server in a private location associated with a user of the first user device.
  - 13. The method of claim 9, further comprising:
    - receiving a first communication from the first user device over the first secure communication link, wherein the first communication is signed by a first user private key associated with the first user device, wherein the first communication is intended for the second user device; and
      
      passing the first communication to the second gateway server.
  - 14. The method of claim 13, further comprising:
    - receiving a second communication from the second gateway server, wherein the second communication is signed by a second user private key associated with the second user device, wherein the second communication is intended for the first user device; and
      
      passing the second communication to the first user device over the first secure communication link.
  - 15. The method of claim 9, further comprising exchanging the first user public key and a first gateway public key between the first user device and the first gateway server, wherein the first gateway public key is associated with the first gateway server.

16. An apparatus for securely passing public keys, the apparatus comprising:
- means for encrypting a first user public key, wherein the first user public key is associated with a first user device;
  
  means for passing the encrypted first user public key to a first gateway server over a secure communication link;
  
  means for receiving an encrypted second user public key from the first gateway server over the secure communication link, wherein the second user public key is associated with a second user device, and wherein the second user device is associated with a second gateway server; and
  
  means for decrypting the second user public key.
- View Dependent Claims (17)
- - 17. The apparatus of claim 16, further comprising:
    - means for signing a first communication using a first user private key associated with the first user device, wherein the first communication is intended for the second user device;
      
      means for passing the first communication to the first gateway server over the secure communication link;
      
      means for receiving a second communication from the first gateway server over the secure communication link, wherein the second communication is signed by a second user private key associated with the second user device, wherein the second communication is intended for the first user device; and
      
      means for authenticating the second communication using the second user public key.

18. An apparatus for securely passing public keys, the apparatus comprising:
- means for receiving an encrypted first user public key from a first user device over a first secure communication link between the first user device and a first gateway server, wherein the first user public key is associated with the first user device;
  
  means for decrypting the first user public key;
  
  means for passing the first user public key to a second gateway server;
  
  means for receiving a second user public key from the second gateway server, wherein the second user public key is associated with a second user device;
  
  means for encrypting the second user public key; and
  
  means for passing the encrypted second user public key to the first user device over the first secure communication link.
- View Dependent Claims (19, 20)
- - 19. The apparatus of claim 18, further comprising:
    - means for encrypting the first user public key; and
      
      means for passing the encrypted first user public key to the second gateway server over a second secure communication link.
  - 20. The apparatus of claim 18, further comprising:
    - means for receiving a first communication from the first user device over the first secure communication link, wherein the first communication is signed by a first user private key associated with the first user device, wherein the first communication is intended for the second user device;
      
      means for passing the first communication to the second gateway server;
      
      means for receiving a second communication from the second gateway server, wherein the second communication is signed by a second user private key associated with the second user device, wherein the second communication is intended for the first user device; and
      
      means for passing the second communication to the first user device over the first secure communication link.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Ogawa, Bryan, Lee, Pamela Suzanne, Enright, Mark, Jagadeesan, Ramanathan

Application Number

US11/567,619
Publication Number

US 20080137859A1
Time in Patent Office

Days
Field of Search
US Class Current

380/270
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/1466   Active attacks involving in...

H04L 9/083   involving central third par...

H04L 9/0844   with user authentication or...

PUBLIC KEY PASSING

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PUBLIC KEY PASSING

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links