IDENTITY AND CONTENT AUTHENTICATION FOR PHONE CALLS
First Claim
Patent Images
1. A method for call authentication comprising:
- an enrollment protocol that ensures users control the number they claim to own;
a handshake protocol that mutually authenticates the calling parties; and
a call integrity protocol that ensures the security of the voice channel and the content it carries.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for call authentication are provided. A method can include an enrollment protocol that ensures users control the number they claim to own, a handshake protocol that mutually authenticates the calling parties, and a call integrity protocol that ensures the security of the voice channel and the content it carries. A server can act as either an endpoint or intermediary between user clients and client-server architecture can be employed. All protocols can include end-to-end cryptography and the enrollment protocol can issue a certificate that binds the identity of the client to a phone number.
157 Citations
20 Claims
-
1. A method for call authentication comprising:
-
an enrollment protocol that ensures users control the number they claim to own; a handshake protocol that mutually authenticates the calling parties; and a call integrity protocol that ensures the security of the voice channel and the content it carries. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method of authentication, comprising:
-
performing an enrollment protocol between a client and a server to ensure that a user controls a phone number and to issue a certificate to the user; performing a handshake protocol between two calling parties including a caller and a callee through the server to authenticate the two calling parties; and performing a call integrity protocol to ensure security of a voice channel and a content it carries. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method of authentication, comprising:
-
performing an enrollment protocol between a client and a server to ensure that a user controls a phone number and to issue a certificate to the user; performing a handshake protocol between two calling parties including a caller and a callee through the server to authenticate the two calling parties; and performing a call integrity protocol to ensure security of a voice channel and a content it carries, wherein the enrollment protocol comprises; sending an enrollment request with the server'"'"'s identity, the client'"'"'s identity information, the client'"'"'s phone number, and the client'"'"'s public key by the client; sending a nonce NNet, the identities of the client and the server, and the phone numbers of the client and the server with a timestamp by the server; sending the nonce NNet and an audio nonce NAudio by the client; and replying with a signed certificate issued to the client by the server, wherein the handshake protocol comprises; indicating by the caller to the server that the caller want to place a call; informing by the server to the callee that an authenticated voice call is coming; and informing by the server to the caller whether the callee is using the authenticated voice call, and wherein the call integrity protocol comprises; sending a message indicating that a voice call is complete, and including a timestamp and a hash message authentication code (HMAC) of the timestamp by the caller and the callee; sending other audio digests by the caller and the callee after the voice call begins; and sending a call concluded message containing a timestamp with an HMAC.
-
Specification