SECURE MESSAGING
First Claim
1. A method of exchanging information to enable secure messaging between first and second messaging devices, comprising:
- encapsulating a first public key associated with a first device's public-private key pair with a first identifier so that the encapsulated public key does not occupy more than half the payload available for transmitting a message;
- communicating the encapsulated first public key and first identifier from the first device to the second device;
- receiving, from the second device, a response including a second public key and second identifier associated with the second device;
- computing a shared secret based at least in part on the received second public key; and
- deriving, from the shared secret, a key to encrypt or decrypt a further message communicated over the messaging network.
Abstract
Given the rise in popularity of communicating personal, private, sensitive, or vital peer-to-peer or peer-to-group information over insecure text messaging infrastructure, it would be highly desirable to provide a lightweight solution that enables the exchange of information in a secure manner. The non-limiting technology herein provides systems and methods for the exchange of cryptographic material that can be used to encipher message-oriented communications between at least two peer devices. Once the cryptographic material is exchanged between cooperating peers, this lightweight solution can be used by common off-the-shelf hardware such as smartphones, tablets, feature phones, or special-purpose machine-to-machine devices for private communications, such as command and control, location services, etc., using insecure voice or data communication paths, such as SMS.
14 Claims
1. (Independent claim; reproduced in full under First Claim above.) Dependent claims: 2, 3, 4, 5, 6, 7.
8. A system for exchanging information to enable secure messaging comprising:
- a message encapsulator that encapsulates a first public key associated with a first public-private key pair with a first identifier so that the encapsulated first public key does not occupy more than half the payload available for transmitting a message;
- a communications interface that communicates the encapsulated public key and first identifier to a further device;
- the communications interface receiving, from the further device, a response including a second public key and second identifier associated with the further device;
- a processor that computes a shared secret based at least in part on the received second public key; and
- a cryptographic element that uses the shared secret to encrypt or decrypt a further message communicated over the messaging network.
Dependent claims: 9, 10, 11, 12, 13.
14. A non-transitory storage device that stores program control instructions which, when executed by a processor coupled to a communications interface, control the processor to:
- encapsulate a first public key associated with a first public-private key pair with a first identifier so that the encapsulated first public key does not occupy more than half the bandwidth available for transmitting a message;
- communicate the encapsulated first public key and first identifier to another device;
- receive, from the other device, a response including a second public key and second identifier associated with the other device;
- compute a shared secret based at least in part on the received second public key; and
- use the shared secret to encrypt or decrypt a further message communicated over the messaging network.
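The five steps of claim 1 (restated as apparatus and storage-medium claims in 8 and 14), worked through end to end as an added Python example. This is illustration code written for this page, not the patent's own method or any product it covers. The patent names no curve, payload size, identifier format or key-derivation function, so the following are assumptions made here: X25519 (RFC 7748) for the key pairs, a 140-byte SMS payload, a fixed 4-byte identifier prepended to the 32-byte public key, and HKDF-SHA256 (RFC 5869) for deriving the message key. The `encapsulate` check enforces the "not more than half the payload" limit from the claim, and `derive_message_key` refuses the all-zero shared secret that a low-order peer point would produce, which is the check a practitioner wants before using the result.

```python
"""Added example (not the patent's code): one round of the claimed exchange
over an SMS-sized payload. X25519 is implemented from RFC 7748 section 5 so
the example runs with the standard library only."""
import hashlib
import hmac
import os

P = 2**255 - 19
A24 = 121665
BASE = (9).to_bytes(32, "little")   # X25519 base point
PAYLOAD_BYTES = 140                 # assumed 8-bit SMS payload size
ID_LEN = 4                          # assumed fixed identifier length


def _cswap(swap, a, b):
    """Conditional swap driven by a 0/1 flag, as in the RFC 7748 ladder."""
    dummy = (-swap) & (a ^ b)       # -swap is 0 or all ones
    return a ^ dummy, b ^ dummy


def x25519(scalar: bytes, u: bytes) -> bytes:
    """Scalar multiplication on Curve25519 (RFC 7748, Montgomery ladder)."""
    k = bytearray(scalar)
    k[0] &= 248                     # clamp the private scalar
    k[31] &= 127
    k[31] |= 64
    k = int.from_bytes(k, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)   # mask the top bit
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        x2, x3 = _cswap(swap, x2, x3)
        z2, z3 = _cswap(swap, z2, z3)
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * ((da - cb) ** 2) % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    x2, x3 = _cswap(swap, x2, x3)
    z2, z3 = _cswap(swap, z2, z3)
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def encapsulate(identifier: bytes, public_key: bytes) -> bytes:
    """Claim 1, step 1: identifier || public key, limited to half the payload."""
    if len(identifier) != ID_LEN:
        raise ValueError("identifier must be %d bytes" % ID_LEN)
    blob = identifier + public_key
    if len(blob) > PAYLOAD_BYTES // 2:
        raise ValueError("encapsulated key exceeds half the payload")
    return blob


def decapsulate(blob: bytes):
    """Split a received key message back into (identifier, public key)."""
    if len(blob) != ID_LEN + 32:
        raise ValueError("malformed key message")
    return blob[:ID_LEN], blob[ID_LEN:]


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF extract-then-expand (RFC 5869) with HMAC-SHA256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block = b"", b""
    for i in range(1, (length + 31) // 32 + 1):
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        okm += block
    return okm[:length]


def derive_message_key(shared: bytes, id_a: bytes, id_b: bytes) -> bytes:
    """Claim 1, step 5: derive the message key from the shared secret."""
    if shared == bytes(32):         # low-order peer point: never use this secret
        raise ValueError("peer public key is a low-order point")
    salt = min(id_a, id_b) + max(id_a, id_b)   # bind both identifiers, order-free
    return hkdf_sha256(shared, salt, b"secure-messaging-example-v1")


def run_exchange(id_a=b"\x00\x00\x00\x01", id_b=b"\x00\x00\x00\x02",
                 priv_a=None, priv_b=None):
    """Whole claim-1 flow; returns (key at first device, key at second, msg size)."""
    priv_a = priv_a or os.urandom(32)
    priv_b = priv_b or os.urandom(32)
    msg_a = encapsulate(id_a, x25519(priv_a, BASE))   # first -> second device
    msg_b = encapsulate(id_b, x25519(priv_b, BASE))   # response
    rid_b, rpub_b = decapsulate(msg_b)                # first device parses reply
    rid_a, rpub_a = decapsulate(msg_a)                # second device parses request
    key_a = derive_message_key(x25519(priv_a, rpub_b), id_a, rid_b)
    key_b = derive_message_key(x25519(priv_b, rpub_a), rid_a, id_b)
    return key_a, key_b, len(msg_a)


if __name__ == "__main__":
    ka, kb, size = run_exchange()
    print("key message size:", size, "bytes; keys agree:", ka == kb)
```

With a 4-byte identifier the key message is 36 bytes, well inside the 70-byte limit the example enforces; a scheme that sent an uncompressed P-256 point (65 bytes) with the same identifier would fail the check. Both identifiers are mixed into the HKDF salt so that the derived key is tied to the specific pairing, not just to the curve points.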