SECURE MESSAGING BY KEY GENERATION INFORMATION TRANSFER

US 20130305040A1
Filed: 05/11/2012
Published: 11/14/2013
Est. Priority Date: 05/11/2012
Status: Active Grant

First Claim

Patent Images

1. A device comprising:

one or more processors to;

receive an instruction to send a message from the device to a second device;

communicate with a first server to obtain a first set of parameters and a first key based on the instruction to send the message from device to the second device;

send the first key to a second server;

establish a secure connection with the second server based on sending the first key;

determine a second set of parameters based on the first set of parameters,send, via the secure connection, the second set of parameters;

generate a second key based on the second set of parameters;

encrypt the message based on the second key; and

send the encrypted message to the second device,the second device being capable of receiving the second set of parameters from the second server to decrypt the encrypted message.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is configured to receive a first authentication request from a first device, authenticate the first device, establish a secure connection with the first device based on authenticating the first device, and receive, via the secure connection with the first device, a set of parameters from the first device. The first device is capable of generating an encryption key for a secure message, intended for a second device, based on the set of parameters. The system is also configured to receive a second authentication request from a second device, authenticate the second device and establish a secure connection with the second device based on receiving the second authentication request, and send, via the secure connection with the second device, the set of parameters to the second device. The second user device is capable of generating a decryption key for the secure message based on the set of parameters.

Citations

23 Claims

1. A device comprising:
- one or more processors to;
  
  receive an instruction to send a message from the device to a second device;
  
  communicate with a first server to obtain a first set of parameters and a first key based on the instruction to send the message from device to the second device;
  
  send the first key to a second server;
  
  establish a secure connection with the second server based on sending the first key;
  
  determine a second set of parameters based on the first set of parameters,send, via the secure connection, the second set of parameters;
  
  generate a second key based on the second set of parameters;
  
  encrypt the message based on the second key; and
  
  send the encrypted message to the second device,the second device being capable of receiving the second set of parameters from the second server to decrypt the encrypted message.
- View Dependent Claims (2, 3, 4)
- - 2. The device of claim 1, where the one or more processors are further to:
    - receive a token from the second server,the token being associated with the second set of parameters; and
      
      embed the token within the message,where when sending the encrypted message to the second device the one or more processors are to send the encrypted message with the embedded token,the second device being capable of receiving the second set of parameters from the second server further based on sending the token to the second server.
  - 3. The device of claim 1, where the one or more processors are further to:
    - initiate an authentication function with the first server,where the first set of parameters and the first key are received from the first server based on executing the authentication function.
  - 4. The device of claim 1, where the one or more processors are further to:
    - initiate an authentication function with the second server based on sending the first key to the second server,where the secure connection is established with the second server further based on executing the authentication function.

5. A computer-readable medium comprising:
- a plurality of instructions which, when executed by one or more processors of a first device, cause the one or more processors to;
  
  receive an instruction to send a message from the first device to a second device;
  
  communicate with a first server to obtain a first set of parameters based on the instruction to send the message from the first device to the second device;
  
  determine a second set of parameters based on the first set of parameters;
  
  establish a secure connection with a second server;
  
  send, via the secure connection, the second set of parameters to the second server;
  
  receive a token from the second server,the token being associated with the second set of parameters;
  
  generate a key based on the second set of parameters;
  
  encrypt the message based on the key;
  
  embed the token within the encrypted message; and
  
  send the encrypted message with the token to the second device,the second device being capable of receiving the second set of parameters from the second server to decrypt the encrypted message based on sending the token to the second server.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The computer-readable medium of claim 5, where the plurality of instructions further cause the one or more processors to:
    - receive a first key from the first server; and
      
      send the first key to the second server,where the secure connection is established with the second server based on sending the first key to the second server.
  - 7. The computer-readable medium of claim 6, where the plurality of instructions further cause the one or more processors to:
    - initiate an authentication function with the second server based on sending the first key to the second server,where the secure connection is established with the second server based on executing the authentication function.
  - 8. The computer-readable medium of claim 5, where the plurality of instructions further cause the one or more processors to:
    - initiate an authentication function with the first server,where the first set of parameters are received from the first server based on executing the authentication function.
  - 9. The computer-readable medium of claim 8, where the plurality of instructions further cause the one or more processors to:
    - establish the secure connection with the first server based on executing the authentication function in accordance with a generic bootstrapping architecture technique.

10. A method comprising:
- receiving, by a first device, a secure message from a second device;
  
  communicating, by the first device, with a first server to receive a first key based on receiving the secure message;
  
  sending, by the first device, the first key to a second server;
  
  establishing, by the first device, a secure connection with the second server based on sending the first key;
  
  receiving, by the first device, a set of parameters, from the second server, via the secure connection,the set of parameters being provided to the second server by the second device;
  
  generating, by the first device, a second key based on the second set of parameters; and
  
  decrypting, by the first device, the secure message using the second key.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10, further comprising:
    - receiving a token, included with the secure message, associated with the set of parameters; and
      
      sending the token to the second server,where the set of parameters is received from the second server based on sending the token to the second server.
  - 12. The method of claim 10, further comprising:
    - initiating an authentication function with the first server,where the first key is received from the first server based on executing the authentication function.
  - 13. The method of claim 10, further comprising:
    - initiating an authentication function with the second server based on sending the first key to the second server,where the secure connection is established with the second server further based on executing the authentication function.

14. A system comprising:
- one or more devices to;
  
  receive a first authentication request from a first device;
  
  authenticate the first device based on the first authentication request;
  
  establish a secure connection with the first device based on authenticating the first device;
  
  receive, via the secure connection, a set of parameters from the first device,the first device being capable of generating an encryption key for a secure message, intended for a second device based on the set of parameters;
  
  receive a second authentication request from the second device;
  
  authenticate the second device;
  
  establish a secure connection with the second device based on receiving the second authentication request; and
  
  send, via the secure connection with the second device, the set of parameters to the second device,the second device being capable of generating a decryption key for the secure message based on the set of parameters.
- View Dependent Claims (15, 16, 17)
- - 15. The system of claim 14, where the one or more devices are further to:
    - receive, from the first device, authentication information associated with the second device;
      
      generate a token associated with the set of parameters and with the authentication information for the second device;
      
      send the token to the first device;
      
      receive the token from the second device;
      
      authenticate the second device based on the authentication information associated with the token; and
      
      identify the set of parameters associated with the token,where sending the set of parameters to the second user device is based on receiving the token, authenticating the second user device, and identifying the set of parameters.
  - 16. The system of claim 14, where when receiving the first authentication request from the first device, the one or more devices are further to receive a key from the first device, andwhere when authenticating the first device, the one or more devices are further to authenticate the first device based on the key.
  - 17. The system of claim 14, where when receiving the second authentication request from the second device, the one or more devices are further to receive a key from the second device, andwhere when authenticating the second device, the one or more devices are further to authenticate the second device based on the key.

18. A computer-readable medium comprising:
- a plurality of instructions which, when executed by one or more processors, cause the one or more processors to;
  
  establish a secure connection with a first device;
  
  receive, via the secure connection with the first device, a set of parameters from the first device,the first device being capable of generating an encryption key for a secure message, intended for a second device, based on the set of parameters;
  
  generate a token associated with the set of parameters;
  
  send the token to the first device;
  
  establish a secure connection with the second device;
  
  receive, via the secure connection with the second device, the token from the second device;
  
  identify the set of parameters associated with the token; and
  
  send, via the secure connection with the second device, the set of parameters to the second device,the second device being capable of generating a decryption key for the secure message based on the set of parameters.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The computer-readable medium of claim 18, where the plurality of instructions further cause the one or more processors to:
    - receive a first authentication request from the first device; and
      
      authenticate the first device based on the first authentication request,where the secure connection is established with the first device based on authenticating the first device.
  - 20. The computer-readable medium of claim 18, where the plurality of instructions further cause the one or more processors to:
    - receive a second authentication request from the second device; and
      
      authenticate the second device based on the second authentication request,where the secure connection is established with the second device based on authenticating the second device.
  - 21. The computer-readable medium of claim 18, where the authentication request from the second device includes a key used to authenticate the second device.
  - 22. The computer-readable medium of claim 18, where the plurality of instructions further cause the one or more processors to:
    - receive, from the first device, information for the second device,the token being associated with the set of the parameters and with the information for the second device; and
      
      authenticate the second device based on the information for the second device associated with the token,where the set of parameters is sent to the second device based on authenticating the second device.
  - 23. The computer-readable medium of claim 18, where the authentication request, from the first device, includes a key used to authenticate the first device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Original Assignee
Verizon Patent and Licensing Incorporated (Verizon Communications Inc.)
Inventors
LEE, Kwai Yeung, KING, William C.

Granted Patent

US 8,943,318 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

H04L 51/58   Message adaptation for wire...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 9/083   involving central third par...

H04L 9/32   including means for verifyi...

SECURE MESSAGING BY KEY GENERATION INFORMATION TRANSFER

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE MESSAGING BY KEY GENERATION INFORMATION TRANSFER

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links