METHOD, TERMINAL, AND NETWORK SERVER FOR INFORMATION ENCRYPTION AND DECRYPTION AND KEY MANAGEMENT

US 20170338950A1
Filed: 08/19/2015
Published: 11/23/2017
Est. Priority Date: 10/21/2014
Status: Abandoned Application

First Claim

Patent Images

1-12. -12. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are methods for information encryption, decryption and key invalidation control, terminals and a network server. The method includes: a transmitting terminal creating a random key on a network server; the transmitting terminal encrypting to-be-transmitted information according to a common key negotiated with a receiving terminal and the random key or only according to the random key to obtain an encrypted cipher text; and the transmitting terminal transmitting the encrypted cipher text to the receiving terminal.

Citations

45 Claims

1-12. -12. (canceled)

13. An information encryption and decryption method, applied to a network side, comprising:
- after receiving a request for creating a random key from a transmitting terminal, a network server creating and saving the random key, and transmitting the random key to the transmitting terminal; and
  
  after receiving a request for acquiring a random key created by the transmitting terminal from a receiving terminal, the network server verifying the receiving terminal, and transmitting the queried random key to the receiving terminal after verification passes.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 45)
- - 14. The method according to claim 13, whereinthe random key comprises a random key ID and a key corresponding to the random key ID, and the random key comprises one or more pairs of random keys.
  - 15. The method according to claim 14, whereinthe step of verifying the receiving terminal comprises:
    - judging whether the request for acquiring the random key created by the transmitting terminal from the receiving terminal carries the random key ID, if the request carries the random key ID, the verification being passed, and if the request does not carry the random key ID, the verification being failed.
  - 16. The method according to claim 15, whereinafter verifying the receiving terminal and the verification passes, the method further comprises:
    - judging whether the random key exists or in an unfrozen state, and transmitting the queried random key to the receiving terminal when the random key exists or in the unfrozen state.
  - 17. The method according to claim 14, whereinafter creating and saving the random key and transmitting the random key to the transmitting terminal, the method further comprises:
    - the network server receiving an instruction of deleting or freezing the random key transmitted by the transmitting terminal or receiving a rule of deleting or freezing the random key set by the transmitting terminal on the network server, and the network server deleting or freezing the random key according to the instruction or the rule.
  - 18. The method according to claim 17, whereinthe rule of deleting or freezing the random key set by the transmitting terminal on the network server comprises one or more of the following:
    - setting a timer, and deleting or freezing the random key when time after the random key is created on the network server reaches time set by the timer; and
      
      setting a threshold of times that the random key is queried by the same receiving terminal, and deleting or freezing the random key when times that the same receiving terminal queries the random key reach the threshold of times.
  - 19. The method according to claim 17, further comprising:
    - the network server receiving an instruction of unfreezing the random key transmitted by the transmitting terminal;
      
      unfreezing the random key according to the instruction.
  - 20. The method according to claim 13, whereinthe request for creating the random key received by the network server from the transmitting terminal further comprises setting a query rule of the random key, and the method further comprises:
    - the network server setting a query rule of the random key when creating the random key; and
      
      when receiving the request for acquiring the random key created by the transmitting terminal from the receiving terminal, performing an authentication according to the request, the authentication being passed when the request conforms to the query rule, and allowing the receiving terminal to query;
      
      wherein the query rule of the random key comprises one or more of the following;
      
      a list of users allowed to query the random key;
      
      times allowed to query the random key; and
      
      time periods allowed to query the random key.
  - 45. A computer-readable storage medium storing computer-executable instructions used for executing the method according to claim 13.

21. (canceled)

22. A terminal, comprising:
- a random key creation and maintenance module, configured to create a random key on a network server;
  
  an encryption module, configured to encrypt to-be-transmitted information according to a common key negotiated with a receiving terminal and the random key to obtain an encrypted cipher text, or encrypt to-be-transmitted information according to the random key to obtain an encrypted cipher text; and
  
  a transmission module, configured to transmit the encrypted cipher text to the receiving terminal.
- View Dependent Claims (25, 26, 31)
- - 25. The terminal according to claim 22, whereinthe encryption module is configured to encrypt the to-be-transmitted information according to the random key to obtain the encrypted cipher text by the following mode:
    - encrypting the to-be-transmitted information according to the key corresponding to the random key ID to obtain encrypted transmission information, and adding the random key ID to generate a final encrypted cipher text.
  - 26. A terminal for key management based on the terminal according to claim 22, further comprising:
    - a key management module, configured to, after the transmission module transmits the encrypted cipher text to the receiving terminal, transmit an instruction of deleting or freezing the random key to the network server, or set a rule of deleting or freezing the random key on the network server;
      
      wherein the key management module is configured to set the rule of deleting or freezing the random key on the network server according to one or more of the following modes;
      
      setting a timer, and deleting or freezing the random key when time after the random key is created on the network server reaches time set by the timer, andsetting a threshold of times that the random key is queried by the same receiving terminal, and deleting or freezing the random key when times that the same receiving terminal queries the random key reach the threshold of times;
      
      the key management module is further configured to transmit an instruction of unfreezing the random key to the network server.
  - 31. The terminal according to claim 22 wherein the terminal is used as the receiving terminal which comprises:
    - a receiving module, configured to receive an encrypted cipher text transmitted by a transmitting terminal; and
      
      a decryption module, configured to acquire a random key created by the transmitting terminal from a network server according to the encrypted cipher text, and after acquiring the random key, decrypt the encrypted cipher text by using a common key negotiated with the transmitting terminal and the random key, or decrypt the encrypted cipher text by using the random key.

23-24. -24. (canceled)

27-30. -30. (canceled)

32-34. -34. (canceled)

35. A network server, comprising:
- a receiving module, configured to receive a request for creating a random key from a transmitting terminal, and receive a request for acquiring a random key created by the transmitting terminal from a receiving terminal;
  
  a random key creation and maintenance module, configured to, after receiving the request for creating the random key from the transmitting terminal, create and save the random key;
  
  a query module, configured to, after receiving the request for acquiring the random key created by the transmitting terminal from the receiving terminal, verify the receiving terminal, and query the random key created by the transmitting terminal after verification passes; and
  
  a transmission module, configured to transmit the created random key to the transmitting terminal; and
  
  transmit the queried random key to the receiving terminal.
- View Dependent Claims (36, 37, 38, 39, 41, 42)
- - 36. The network server according to claim 35, whereinthe random key comprises a random key ID and a key corresponding to the random key ID, and the random key comprises one or more pairs of random keys.
  - 37. The network server according to claim 36, whereinthe query module is configured to verify the receiving terminal by the following mode:
    - judging whether the request for acquiring the random key created by the transmitting terminal from the receiving terminal carries the random key ID, if the request carries the random key ID, the verification being passed, and if the request does not carry the random key ID, the verification being failed.
  - 38. The network server according to claim 37, whereinthe query module is further configured to, after the receiving terminal is verified and the verification is passed, judge whether the random key exists or in an unfrozen state, and transmit the queried random key to the receiving terminal when the random key exists or in the unfrozen state.
  - 39. The network server according to claim 36, whereinthe receiving module is further configured to receive an instruction of deleting or freezing the random key transmitted by the transmitting terminal, or receive a rule of deleting or freezing the random key set by the transmitting terminal on the network server;
    - andthe random key creation and maintenance module is further configured to delete or freeze the random key according to the instruction or the rule;
      
      wherein the rule of deleting or freezing the random key set by the transmitting terminal on the network server comprises one or more of the following;
      
      setting a timer, and deleting or freezing the random key when time after the random key is created on the network server reaches time set by the timer; and
      
      setting a threshold of times that the random key is queried by the same receiving terminal, and deleting or freezing the random key when times that the same receiving terminal queries the random key reach the threshold of times.
  - 41. The network server according to claim 39, whereinthe receiving module is further configured to receive an instruction of unfreezing the random key transmitted by the transmitting terminal;
    - andthe random key creation and maintenance module is further configured to unfreeze the random key according to the instruction.
  - 42. The network server according to claim 35, whereinthe request for creating the random key from the transmitting terminal further comprises setting a query rule of the random key;
    - the random key creation and maintenance module is further configured to set a query rule of the random key when the random key is created; and
      
      the query module is further configured to, when the receiving module receives the request for acquiring the random key created by the transmitting terminal from the receiving terminal, perform an authentication according to the request, pass the authentication when the request conforms to the query rule, and allow the receiving terminal to query;
      
      wherein the query rule of the random key comprises one or more of the following;
      
      a list of users allowed to query the random key;
      
      times allowed to query the random key; and
      
      time periods allowed to query the random key.

40. (canceled)

43-44. -44. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ZTE Corporation
Original Assignee
ZTE Corporation
Inventors
CHEN, Lu

Application Number

US15/520,895
Publication Number

US 20170338950A1
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/04   for providing a confidentia...

H04L 63/08   for authentication of entit...

H04L 9/0819   Key transport or distributi...

H04L 9/083   involving central third par...

H04L 9/0844   with user authentication or...

H04W 12/041   Key generation or derivation

H04W 12/0431   Key distribution or pre-dis...

METHOD, TERMINAL, AND NETWORK SERVER FOR INFORMATION ENCRYPTION AND DECRYPTION AND KEY MANAGEMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

45 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD, TERMINAL, AND NETWORK SERVER FOR INFORMATION ENCRYPTION AND DECRYPTION AND KEY MANAGEMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

45 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links