METHODS AND DEVICE FOR SECURE TRANSFER OF SYMMETRIC ENCRYPTION KEYS
Abstract
A sending device generates a first and a second key management message (KMM), wherein the first KMM includes a first key encryption key (KEK) and a KMM encryption key, and the second KMM includes a set of symmetric encryption keys. The sending device further encrypts the set of symmetric encryption keys using the first KEK; encrypts the first KEK and the KMM encryption key using a first public key of a receiving device; and encrypts the second KMM using the KMM encryption key to generate an encrypted second KMM before sending the first KMM and the encrypted second KMM to the receiving device. The receiving device decrypts the first KEK and the KMM encryption key using a first private key that corresponds to the first public key; and decrypts the encrypted second KMM using the KMM encryption key to obtain the encrypted set of symmetric keys.
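The two-message flow in the abstract, as an added Go example that is not code from the patent. It assumes RSA-OAEP for the public-key step and AES-256-GCM for both symmetric layers, neither of which this page specifies; `Send`, `Receive`, `seal`, `aead`, `receiver` and the byte layout are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

var receiver, _ = rsa.GenerateKey(rand.Reader, 2048) // constructed receiver key pair

func aead(key []byte) cipher.AEAD { // AES-256-GCM: cipher assumed by this example
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // key is not 16, 24 or 32 bytes
	}
	g, _ := cipher.NewGCM(blk) // cannot fail for an AES block
	return g
}
func seal(key, nonce, pt []byte) []byte { // returns nonce || ciphertext || tag
	return aead(key).Seal(append([]byte(nil), nonce...), nonce, pt, nil)
}

// Send: KMM1 = RSA-OAEP(pub, KEK || KMM key); KMM2 = seal(KMM key, seal(KEK, keys)).
func Send(pub *rsa.PublicKey, keys []byte) (kmm1, encKMM2 []byte, err error) {
	r := make([]byte, 88) // first KEK (32) | KMM encryption key (32) | two 12-byte nonces
	if _, err = rand.Read(r); err != nil {
		return nil, nil, err
	}
	kmm1, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, r[:64], nil)
	return kmm1, seal(r[32:64], r[76:], seal(r[:32], r[64:76], keys)), err
}

// Receive returns the KEK and the key set still encrypted under it (store or forward).
func Receive(priv *rsa.PrivateKey, kmm1, encKMM2 []byte) (kek, wrapped []byte, err error) {
	s, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, kmm1, nil)
	if err != nil || len(s) != 64 || len(encKMM2) < 12 {
		return nil, nil, fmt.Errorf("malformed KMM: %v", err)
	}
	wrapped, err = aead(s[32:]).Open(nil, encKMM2[:12], encKMM2[12:], nil)
	return s[:32], wrapped, err
}

func main() {
	k1, k2, _ := Send(&receiver.PublicKey, []byte("constructed key set"))
	_, wrapped, err := Receive(receiver, k1, k2)
	fmt.Println(len(k1), len(wrapped), err) // KMM1 size, wrapped key-set size, error
}
```

`Receive` stops at the key set still encrypted under the first KEK, which is what the abstract says the receiving device obtains; removing that inner layer is a separate step that needs the KEK.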
17 Claims
1. A method for secure transfer of symmetric encryption keys, the method comprising:
- at a sending device;
generating a first and a second key management message (KMM), wherein the first KMM includes a first key encryption key and a KMM encryption key, and the second KMM includes a set of symmetric encryption keys;
encrypting the set of symmetric encryption keys, included in the second KMM, using the first key encryption key;
encrypting the first key encryption key and the KMM encryption key, included in the first KMM, using a first public key of a receiving device;
encrypting the second KMM using the KMM encryption key to generate an encrypted second KMM; and
sending the first KMM and the encrypted second KMM to the receiving device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A device for secure transfer of symmetric encryption keys, the method comprising:
means for generating a first and a second key management message (KMM), wherein the first KMM includes a first key encryption key and a KMM encryption key, and the second KMM includes a set of symmetric encryption keys;
means for encrypting the set of symmetric encryption keys, included in the second KMM, using the first key encryption key;
means for encrypting the first key encryption key and the KMM encryption key, included in the first KMM, using a first public key of a receiving device;
means for encrypting the second KMM using the KMM encryption key to generate an encrypted second KMM; and
means for sending the first KMM and the encrypted second KMM to the receiving device.
Dependent claims: 13, 14, 15
16. A method for secure transfer of symmetric encryption keys, the method comprising:
- at a receiving device;
receiving, from a sending device, a first key management message (KMM) and an encrypted second KMM, wherein the first KMM includes a first key encryption key and a KMM encryption key both encrypted with a first public key of the receiving device, and the encrypted second KMM includes a set of symmetric encryption keys encrypted with the first key encryption key;
decrypting the first key encryption key and the KMM encryption key using a first private key of the receiving device, wherein the first private key corresponds to the first public key;
decrypting the encrypted second KMM using the KMM encryption key to obtain the encrypted set of symmetric encryption keys for at least one of storing or forwarding to another device.
Dependent claims: 17
Specification