COMMUNICATION SYSTEM AND METHOD FOR SECURELY COMMUNICATING A MESSAGE BETWEEN CORRESPONDENTS THROUGH AN INTERMEDIARY TERMINAL

US 20120284509A1
Filed: 07/13/2012
Published: 11/08/2012
Est. Priority Date: 10/05/2000
Status: Active Grant

First Claim

Patent Images

1. A method of communicating a message between correspondents in a communication system through an intermediary terminal, the method comprising:

said one of said correspondents computing a secure communication including said message, computing a signature component including a derivation of said secure communication and an identifier, and forwarding said signature component and said secure communication to said intermediary terminal without the associated certificate, said intermediary terminal having shared said identifier with one of said correspondents, said intermediary terminal having access to said identifier and an associated certificate of a public key of said one of said correspondents;

said intermediary terminal verifying said signature component, recovering said identifier from said signature component and retrieving the certificate of the public key of said one of said correspondents based on said identifier;

said intermediary terminal attaching to said secure communication said certificate, andsaid intermediary terminal forwarding said secure communication and said certificate to another of said correspondents.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A wireless communication system includes a pager or similar device that communicates to a home terminal. The home terminal confirms the identity of the pager and attaches a certificate to the message for ongoing transmission. Where the recipient is also a pager, an associated home terminal verifies the transmission and forwards it in a trusted manner without the certificate to the recipient.

10 Citations

26 Claims

1. A method of communicating a message between correspondents in a communication system through an intermediary terminal, the method comprising:
- said one of said correspondents computing a secure communication including said message, computing a signature component including a derivation of said secure communication and an identifier, and forwarding said signature component and said secure communication to said intermediary terminal without the associated certificate, said intermediary terminal having shared said identifier with one of said correspondents, said intermediary terminal having access to said identifier and an associated certificate of a public key of said one of said correspondents;
  
  said intermediary terminal verifying said signature component, recovering said identifier from said signature component and retrieving the certificate of the public key of said one of said correspondents based on said identifier;
  
  said intermediary terminal attaching to said secure communication said certificate, andsaid intermediary terminal forwarding said secure communication and said certificate to another of said correspondents.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method according to claim 1 wherein said signature component includes a nonce unique to each communication.
  - 3. The method according to claim 1 wherein said secure communication includes said message signed by said one of said correspondents.
  - 4. The method according to claim 1 wherein said secure communication includes ciphertext encrypted with a public key of said another of said correspondents.
  - 5. The method according to claim 1 wherein said identifier is unique to said one of said correspondents and is associated with said one of said correspondents.
  - 6. The method according to claim 1 wherein said another of said correspondents is a recipient terminal, which utilizes said certificate to determine the public key of said one of said correspondents.
  - 7. The method according to claim 6 wherein said recipient terminal signs another message including said public key of said one of said correspondents to generate a signature of said another message, and forwards said secure communication and said signature of said another message to a second of said correspondents.
  - 8. The method according to claim 7 wherein said second of said correspondents retrieves said public key of said one of said correspondents using said signature of said another message, and extracts said message from said secure communication.
  - 9. The method according to claim 1 wherein prior to said one of said correspondents computing a secure communication including said message, said one of said correspondents registers with said intermediary terminal by performing operations including:
    - said intermediary terminal transferring a public key of said intermediary terminal to said one of said correspondents and said one of said correspondents transferring said public key of said one of said correspondents to said intermediary terminal.
  - 10. The method according to claim 9 wherein said one of said correspondents has stored in memory a public key of a trusted party and said intermediary terminal has a certificate of said public key of said intermediary terminal signed by said trusted party, and wherein said one of said correspondents verifies said public key of said intermediary terminal with said public key of said trusted party.
  - 11. The method according to claim 10 wherein said public key of said intermediary terminal is used by said one of said correspondents to sign said public key of said one of said correspondents for secure transfer to said intermediary terminal.
  - 12. The method according to claim 10 wherein said one of said correspondents forwards authorization information to said intermediary terminal during registration and said intermediary terminal verifies that said one of said correspondents is not prior registered with a certifying authority.
  - 13. The method according to claim 12 wherein said authorization information includes an address particular to said one of said correspondents for identification by said certifying authority.
  - 14. The method according to claim 11 wherein said identifier is transferred from said intermediary terminal to said one correspondent upon verification by a certifying authority.
  - 15. The method according to claim 14 wherein transfer of said identifier is secured by the public key of said one of said correspondents and said private key of said intermediary terminal.

16. A system for communicating a message between correspondents, the system comprising:
- an intermediary terminal; and
  
  one or more correspondents,wherein said intermediary terminal is configured to share an identifier with one of said correspondents,wherein said intermediary terminal has access to said identifier and an associated certificate of a public key of said one of said correspondents,wherein said one of said correspondents is configured to compute a secure communication including said message;
  
  wherein said one of said correspondents is configured to compute a signature component including a derivation of said secure communication and said identifier;
  
  wherein said one of said correspondents is configured to forward said signature component and said secure communication to said intermediary terminal without the associated certificate;
  
  wherein said intermediary terminal is configured to verify said signature component, recover said identifier from said signature component and retrieve the certificate of the public key of said one of said correspondents based on said identifier;
  
  wherein said intermediary terminal is configured to attach to said secure communication said certificate; and
  
  wherein said intermediary terminal is configured to forward said secure communication and said certificate to another of said correspondents.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
- - 17. The system according to claim 16 wherein said signature component includes a nonce unique to each communication.
  - 18. The system according to claim 16 wherein said secure communication includes said message signed by said one of said correspondents.
  - 19. The system according to claim 16 wherein said secure communication includes ciphertext encrypted with a public key of said another of said correspondents.
  - 20. The system according to claim 16 wherein said identifier is unique to said one of said correspondents and is associated with said one of said correspondents.
  - 21. The system according to claim 16 wherein said another of said correspondents is a recipient terminal, which utilizes said certificate to determine the public key of said one of said correspondents.
  - 22. The system according to claim 21 wherein said recipient terminal is configured to sign another message including said public key of said one of said correspondents to generate a signature of said another message, and forward said secure communication and said signature of said another message to a second of said correspondents.
  - 23. The system according to claim 22 wherein a second of said correspondents is configured to retrieve said public key of said one of said correspondents using said signature of said another message, and extract said message from said secure communication.
  - 24. The system according to claim 16 wherein prior to said one of said correspondents computing a secure communication including said message, said one of said correspondents is configured to register with said intermediary terminal by performing operations including:
    - said intermediary terminal transferring a public key of said intermediary terminal to said one of said correspondents and said one of said correspondents transferring said public key of said one of said correspondents to said intermediary terminal.

25. A method performed by an intermediate terminal for communicating a message between a first and a second correspondent through the intermediary terminal, the method comprising:
- sharing an identifier with the first correspondent and has access to the identifier and an associated certificate of a public key of the first correspondent, wherein the first correspondent is configured to computing a secure communication including the message, compute a signature component including a derivation of the secure communication and the identifier, and forward the signature component and the secure communication to the intermediary terminal without the associated certificate;
  
  receiving the signature component and the secure communication from the first correspondent without the associated certificate;
  
  verifying the signature component, recovering the identifier from the signature component and retrieving the certificate of the public key of the first correspondent based on the identifier; and
  
  attaching to the secure communication the certificate and forwarding the secure communication and the certificate to the second correspondent.
- View Dependent Claims (26)
- - 26. The method of claim 25 wherein the identifier is unique to the first correspondent and associated with the first correspondent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Ayerst, Douglas I., Davis, Walter Lee, Vanstone, Scott Alexander

Granted Patent

US 9,003,182 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/80   Wireless network architectu...

H04L 9/321   involving a third party or ...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

H04W 12/069   using certificates or pre-s...

H04W 12/106   Packet or message integrity

COMMUNICATION SYSTEM AND METHOD FOR SECURELY COMMUNICATING A MESSAGE BETWEEN CORRESPONDENTS THROUGH AN INTERMEDIARY TERMINAL

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

10 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

COMMUNICATION SYSTEM AND METHOD FOR SECURELY COMMUNICATING A MESSAGE BETWEEN CORRESPONDENTS THROUGH AN INTERMEDIARY TERMINAL

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links