Method for key management of point-to-point communications
First Claim
1. A method of secure key distribution in a communication system having a plurality of subscriber units and an infrastructure communication center, comprising:
(a) requesting, by a first subscriber unit to the infrastructure communication center, a secure communication link with a second subscriber unit, the request including an encrypted session encryption key, the session encryption key being encrypted with a first subscriber registration key;
(b) decrypting, by the infrastructure communication center, the encrypted session encryption key with the first subscriber registration key;
(c) re-encrypting, by the infrastructure communication center, the session encryption key with a second subscriber registration key; and
(d) sending the encrypted session encryption key to the second subscriber unit.
Abstract
A method of secure key distribution in a communication system having a plurality of subscriber units and an infrastructure communication center is provided. A first subscriber unit sends a request to the infrastructure communication center for a secure communication link with a second subscriber unit. This request includes an encrypted session encryption key which was encrypted with a first subscriber registration key. The infrastructure communication center decrypts the encrypted session encryption key with the first subscriber registration key. Subsequently, the infrastructure communication center re-encrypts the session encryption key with a second subscriber registration key. This re-encrypted session encryption key is sent to the second subscriber unit. In an alternative method, the first subscriber unit and the infrastructure communication center a priori know a session key. Therefore, the infrastructure communication center only needs to encrypt and send the session encryption key to the second subscriber unit, in response to a request by the first subscriber unit.
22 Claims
1. A method of secure key distribution in a communication system having a plurality of subscriber units and an infrastructure communication center, comprising:
(a) requesting, by a first subscriber unit to the infrastructure communication center, a secure communication link with a second subscriber unit, the request including an encrypted session encryption key, the session encryption key being encrypted with a first subscriber registration key;
(b) decrypting, by the infrastructure communication center, the encrypted session encryption key with the first subscriber registration key;
(c) re-encrypting, by the infrastructure communication center, the session encryption key with a second subscriber registration key; and
(d) sending the encrypted session encryption key to the second subscriber unit.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method of secure key distribution in a communication system having a plurality of subscriber units and an infrastructure communication center, comprising:
(a) requesting, by a first subscriber unit to the infrastructure communication center, a secure communication link with a second subscriber unit, the request including an encrypted session encryption key, the session encryption key being encrypted with a first subscriber registration key;
(b) decrypting, by the infrastructure communication center, the encrypted session encryption key with the first subscriber registration key;
(c) re-encrypting, by the infrastructure communication center, the session encryption key with a second subscriber registration key;
(d) deleting, by the infrastructure communication center, the decrypted session encryption key from a memory device;
(e) sending the encrypted session encryption key to the second subscriber unit;
(f) decrypting, by the second subscriber unit, the encrypted session encryption key with the second subscriber registration key; and
(g) communicating a message encrypted by the session encryption key from the first subscriber unit to the second subscriber unit transparently through the infrastructure communication center.
Dependent claims: 9, 10, 11
12. A method of secure key distribution in a communication system having a plurality of subscriber units and an infrastructure communication center, comprising:
(a) requesting, by a first subscriber unit to the infrastructure communication center, a secure communication link with a second subscriber unit, the first subscriber unit and the infrastructure communication center a priori knowing a session key;
(b) encrypting, by the infrastructure communication center, the session encryption key with a second subscriber registration key; and
(c) sending the encrypted session encryption key to the second subscriber unit.
Dependent claims: 13, 14, 15, 16, 17, 18
19. A method of secure key distribution in a communication system having a plurality of subscriber units and an infrastructure communication center, comprising:
(a) requesting, by a first subscriber unit to the infrastructure communication center, a secure communication link with a second subscriber unit, the first subscriber unit and the infrastructure communication center a priori knowing a session key;
(b) encrypting, by the infrastructure communication center, the session encryption key with a second subscriber registration key;
(c) deleting, by the infrastructure communication center, the decrypted session encryption key from a memory device;
(d) sending the encrypted session encryption key to the second subscriber unit;
(e) decrypting, by the second subscriber unit, the encrypted session encryption key with the second subscriber registration key; and
(f) communicating a message encrypted by the session encryption key from the first subscriber unit to the second subscriber unit transparently through the infrastructure communication center.
Dependent claims: 20, 21, 22
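The key relay of claim 8, steps (a) through (f), as an added sketch that is not part of the patent text. The claims name no cipher, so the HMAC-SHA256 encrypt-then-MAC wrap, the `Center` class, the function names and the unit ids are all assumptions made here for illustration.

```python
import hashlib, hmac, os

def _stream(key, nonce, n):
    # Keystream from HMAC-SHA256 in counter mode (stand-in cipher, an assumption).
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def wrap(reg_key, session_key):
    """Encrypt-then-MAC a session key under a subscriber registration key."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(session_key, _stream(reg_key, nonce, len(session_key))))
    tag = hmac.new(reg_key, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(reg_key, blob):
    """Verify and decrypt; returns a mutable bytearray so the caller can wipe it."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(reg_key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrapped key rejected: wrong registration key or tampering")
    return bytearray(a ^ b for a, b in zip(ct, _stream(reg_key, nonce, len(ct))))

class Center:
    """Infrastructure communication center holding every unit's registration key."""
    def __init__(self, registration_keys):
        self._reg = registration_keys  # unit id -> registration key

    def relay(self, src, dst, wrapped):
        sk = unwrap(self._reg[src], wrapped)      # claim 8 step (b): decrypt
        try:
            return wrap(self._reg[dst], sk)       # step (c): re-encrypt for dst
        finally:
            sk[:] = bytes(len(sk))                # step (d): wipe, best effort in Python

def demo():
    # Constructed sample keys; assumes each unit already shares one with the center.
    reg = {"unit-1": os.urandom(32), "unit-2": os.urandom(32)}
    center = Center(reg)
    session_key = os.urandom(32)
    request = wrap(reg["unit-1"], session_key)             # step (a), sent by unit 1
    forwarded = center.relay("unit-1", "unit-2", request)  # steps (b) to (e)
    received = bytes(unwrap(reg["unit-2"], forwarded))     # step (f), at unit 2
    return reg, session_key, request, forwarded, received

if __name__ == "__main__":
    _, sk, _, _, got = demo()
    print("unit 2 recovered the session key:", sk == got)
```

Between steps (b) and (c) the center holds the session key in the clear, and it holds every registration key, so the scheme's confidentiality rests on the center and on how reliably step (d) is carried out.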
Specification