SECURED EMBEDDED DATA ENCRYPTION SYSTEMS

US 20140281536A1
Filed: 03/13/2014
Published: 09/18/2014
Est. Priority Date: 03/13/2013
Status: Active Grant

First Claim

Patent Images

1. A method of securing communications among a plurality of devices comprising a group, wherein the method comprises:

storing a set of security vectors for each of the plurality of devices, wherein the plurality of devices comprises a transmitting device and a receiving device;

storing a message authentication code for each of the plurality of devices;

encrypting, using a transformation matrix comprising a set of security vectors of the transmitting device, both data to be transmitted by the transmitting device and the message authentication code of the transmitting device to provide both encrypted data and an encrypted message authentication code;

transmitting the encrypted data from the transmitting device;

receiving the encrypted data by the receiving device;

decrypting the encrypted data using the transformation matrix comprising the set of security vectors of the transmitting device to provide both decrypted data and an extracted message authentication code;

comparing the stored message authentication code of the transmitting device with the extracted message authentication code; and

processing the decrypted data if the stored message authentication code of the transmitting device is equivalent to the extracted message authentication code.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Devices generate security vectors based on their own attributes. A device'"'"'s security vectors compose its transformation matrix. The devices securely share copies of their transformation matrices with other devices. A transmitting device adds its unique MAC to packets, encrypts those packets using its own transformation matrix, and transmits those packets. A receiving device uses its copy of the transmitting device'"'"'s transformation matrix to decrypt the data in a packet, determining whether a MAC extracted from that packet matches the transmitting device'"'"'s MAC. The receiving device can permit or prevent further processing of the packet'"'"'s data depending on whether the MACs match. Each device can store a copy of a same program that can be used to derive derivative security vectors from existing security vectors. Each device in the network can derive the same set of derivative vectors for any selected other device in the network, thereby “evolving” the transformation matrices.

10 Citations

View as Search Results

20 Claims

1. A method of securing communications among a plurality of devices comprising a group, wherein the method comprises:
- storing a set of security vectors for each of the plurality of devices, wherein the plurality of devices comprises a transmitting device and a receiving device;
  
  storing a message authentication code for each of the plurality of devices;
  
  encrypting, using a transformation matrix comprising a set of security vectors of the transmitting device, both data to be transmitted by the transmitting device and the message authentication code of the transmitting device to provide both encrypted data and an encrypted message authentication code;
  
  transmitting the encrypted data from the transmitting device;
  
  receiving the encrypted data by the receiving device;
  
  decrypting the encrypted data using the transformation matrix comprising the set of security vectors of the transmitting device to provide both decrypted data and an extracted message authentication code;
  
  comparing the stored message authentication code of the transmitting device with the extracted message authentication code; and
  
  processing the decrypted data if the stored message authentication code of the transmitting device is equivalent to the extracted message authentication code.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, wherein encrypting data comprises encrypting data at a transport layer and higher layers of a communications model.
  - 3. The method of claim 1, wherein the set of security vectors for each of the plurality of devices comprises vectors comprising information selected from a geo-physical location of a device, biometric information of a user of a device, a time/date stamp associated with a device, and a combination of any of the foregoing.

4. A method of securing communications among a plurality of devices comprising a group, wherein the method comprises:
- establishing a group comprising a plurality of devices, wherein each of the plurality of devices is characterized by a set of security vectors; and
  
  the plurality of devices comprises a transmitting device and a receiving device;
  
  storing the set of security vectors for each of the plurality of devices;
  
  storing a unique message authentication code for each of the plurality of devices;
  
  encrypting, using a transformation matrix comprising the set of security vectors associated with the transmitting device, both data to be transmitted by the transmitting device and a unique message authentication code of the transmitting device;
  
  transmitting the encrypted data from the transmitting device;
  
  receiving the encrypted data at the receiving device;
  
  decrypting the encrypted data using the transformation matrix comprising the set of security vectors of the transmitting device to provide both decrypted data and an extracted message authentication code;
  
  storing a copy of the decrypted data in a buffer;
  
  comparing the stored unique message authentication code of the transmitting device with the extracted message authentication code; and
  
  processing the decrypted data if the stored unique message authentication code of the transmitting device is equivalent to the extracted message authentication code.
- View Dependent Claims (5, 6, 7, 8, 9, 10)
- - 5. The method of claim 4, wherein encrypting data comprises encrypting data at a transport layer and higher layers of a communications model.
  - 6. The method of claim 4, wherein encrypting data comprises embedding the unique message authentication code of the transmitting device in the data to be encrypted and encrypting the data to be transmitted and the embedded unique message authentication code.
  - 7. The method of claim 4, comprising deleting the stored copy of the decrypted data if the unique message authentication code of the transmitting device is not equivalent to the extracted message authentication code.
  - 8. The method of claim 4, wherein storing the unique set of security vectors for each of the plurality of devices comprises storing a unique IP address.
  - 9. The method of claim 4, comprising sharing the unique set of security vectors for each of the plurality of devices among each of the plurality of devices within the group.
  - 10. The method of claim 4, wherein the unique set of security vectors for each of the plurality of devices comprises vectors comprising information selected from a geo-physical location of a device, biometric information of a user of a device, a time/date stamp associated with a device, and a combination of any of the foregoing.

11. An encryption/decryption processor, comprising:
- a storage unit for storing a set of security vectors and a message authentication code for each of a plurality of devices;
  
  an encryption unit for encrypting, using a transformation matrix based on a set of security vectors for a transmitting device, both data to be transmitted and a message authentication code of the transmitting device;
  
  a decryption unit for decrypting received data using a transformation matrix of a transmitting device to provide both decrypted data and an extracted message authentication code;
  
  a comparison unit for comparing the stored message authentication code of the transmitting device with the extracted message authentication code; and
  
  a processing unit for processing the decrypted data if the stored message authentication code of the transmitting device and the extracted message authentication code are equivalent.
- View Dependent Claims (12, 13, 14)
- - 12. The processor of claim 11, wherein encrypting data comprises encrypting data at a transport layer and higher layers of a communications model.
  - 13. A system for secured network communications within a group comprising a plurality of devices and a network device, wherein the network device comprises the encryption/decryption processor of claim 11.
  - 14. The system of claim 13, wherein encrypting data comprises encrypting data at a transport layer and higher layers of a communications model.

15. A computer program product stored on a non-transitory computer-readable storage medium comprising computer-executable instructions for causing a processor to:
- store a set of security vectors and a message authentication code for each of a plurality of devices;
  
  encrypt, using a transformation matrix comprising a set of security vectors of a transmitting device, both data to be transmitted by the transmitting device and a message authentication code of the transmitting device;
  
  decrypt received data using the transformation matrix of the transmitting device to provide both decrypted data and an extracted message authentication code;
  
  compare the stored message authentication code of the transmitting device with the extracted message authentication code; and
  
  process the decrypted data if the stored message authentication code of the transmitting device and the extracted message authentication code are equivalent.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer program product of claim 15, wherein encrypting data comprises encrypting data at a transport layer and higher layers of a communications model.
  - 17. The computer program product of claim 15, wherein the instructions cause the processor to:
    - derive a derivative set of security vectors corresponding to the transmitting device based on a seed set of security vectors corresponding to the transmitting device;
      
      wherein the transformation matrix comprises the derivative set of security vectors;
      
      encrypting a first packet based on a first derivative set of security vectors corresponding to the transmitting device; and
      
      encrypting a second packet based on a second derivative set of security vectors corresponding to the transmitting device;
      
      wherein the first derivative set differs from the second derivative set.
  - 18. The computer program product of claim 17, wherein the instructions cause the processor to:
    - process the seed set of security vectors using a program possessed by each device of the plurality of devices to produce a derivative set of security vectors.
  - 19. The computer program product of claim 15, wherein the set of security vectors for a particular device of the plurality of devices comprises at least one security vector that the particular device generated based on one or more attributes of a user of the particular device.
  - 20. The computer program product of claim 15, wherein the set of security vectors for a particular device of the plurality of devices comprises at least one security vector that the particular device generated based on a current location of the particular device ascertained using a global positioning system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Willow Company Limited
Original Assignee
Willow Company Limited
Inventors
Livolsi, Robert R., Livolsi, Jonathan P.

Granted Patent

US 8,880,892 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

H04L 2209/24   Key scheduling, i.e. genera...

H04L 63/0428   wherein the data content is...

H04L 9/0866   involving user or device id...

H04L 9/0872   using geo-location informat...

H04L 9/14   using a plurality of keys o...

H04L 9/3226   using a predetermined code,...

SECURED EMBEDDED DATA ENCRYPTION SYSTEMS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

10 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURED EMBEDDED DATA ENCRYPTION SYSTEMS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links