System and method for centralized session key distribution, privacy enhanced messaging and information distribution using a split private key public cryptosystem
First Claim
1. In a secured communication encryption system in which users are each associated with a public encryption key and a private encryption key, said private encryption key being divided between a central authority key portion maintained by a central authority and a private user key portion assigned to the user, a method for effecting secure communications during a communications session between users comprising the steps of:
- generating a first user session encryption key by encrypting a session key with a combination of the public encryption key and the central authority key portion associated with a first user;
- generating a second user session encryption key by encrypting a session key with a combination of the public encryption key and the central authority key portion associated with a second user;
- decrypting said first user session encryption key by applying thereto the private user key portion of said first user to obtain a common session encryption key available to said first user;
- decrypting said second user session encryption key by applying thereto the private user key portion of said second user to obtain said common session encryption key available to said second user; and
- using said common session encryption key for encrypting and decrypting a first message exchanged during the session.
Abstract
An encryption method and system using split key public encryption. A first and second user private encryption key and corresponding first and second user public encryption keys are generated. The first and second user private encryption keys are divided into a first and second private user key portion and a corresponding first and second central authority key portion. The first and second private user key portions are respectively disclosed to the first and second users. The central authority key portions and the user public encryption keys are maintained by a central authority (CA). The first user requests a communications session with the second user through the CA. After receiving the request, the CA encrypts a session encryption key with (i) the central authority key portion and user public encryption key associated with the first user to form a first encrypted session key and (ii) the central authority key portion and user public encryption key associated with the second user to form a second encrypted session key. The first encrypted session key is provided to the first user and the second encrypted session key is provided to the second user. The first user applies the first user's private user key portion to decrypt the first encrypted session key and the second user applies the second user's private user key portion to decrypt the second encrypted session key. The first user and the second user apply the decrypted common session key to encrypt and decrypt messages exchanged during a communications session. The method and system also provide for authorized wiretapping, video and data distribution and privacy enhanced messaging (PEM).
25 Claims
1. In a secured communication encryption system in which users are each associated with a public encryption key and a private encryption key, said private encryption key being divided between a central authority key portion maintained by a central authority and a private user key portion assigned to the user, a method for effecting secure communications during a communications session between users comprising the steps of:
- generating a first user session encryption key by encrypting a session key with a combination of the public encryption key and the central authority key portion associated with a first user;
- generating a second user session encryption key by encrypting a session key with a combination of the public encryption key and the central authority key portion associated with a second user;
- decrypting said first user session encryption key by applying thereto the private user key portion of said first user to obtain a common session encryption key available to said first user;
- decrypting said second user session encryption key by applying thereto the private user key portion of said second user to obtain said common session encryption key available to said second user; and
- using said common session encryption key for encrypting and decrypting a first message exchanged during the session.

Dependent claims: 2 to 12.

13. A secured communication encryption system in which users are each associated with a public encryption key and a private encryption key, said private encryption key being divided between a central authority key portion maintained by a central authority and a private user key portion assigned to the user, comprising:
- means for storing said central authority key portions and said public encryption keys;
- means for generating a first user session encryption key by encrypting a session key with a combination of the public encryption key and the central authority key portion associated with said first user;
- means for generating a second user session encryption key by encrypting the session key with a combination of the public encryption key and the central authority key portion associated with said second user;
- means for decrypting said first session encryption key by applying thereto the private user key portion of said first user to obtain a common session encryption key available to said first user;
- means for decrypting said second session encryption key by applying thereto the private user key portion of said second user to obtain said common session encryption key available to said second user; and
- means for using said common session encryption key for encrypting and decrypting a first message exchanged during a session between the first and second users.

Dependent claims: 14 to 25.
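The session-key distribution described in the abstract and claimed in claims 1 and 13, as an added worked example that is not the patent's own code or any covered product's. The patent states neither the split rule nor key sizes, so this example assumes RSA with the private exponent split multiplicatively (d = d_user * d_ca mod phi), which makes the CA's "public key plus CA portion" step and the user's "private portion" step compose exactly as claimed; the toy primes and the hash-based session cipher are likewise constructed assumptions.

```python
import hashlib
import secrets
from math import gcd

def toy_keypair(p, q, e=65537):
    """Toy RSA key pair (constructed primes, far too small for real use)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return n, e, pow(e, -1, phi), phi          # e * d == 1 (mod phi)

def split_private_key(d, phi):
    """Assumed split rule: d = d_user * d_ca (mod phi); user keeps d_user, CA keeps d_ca."""
    while True:
        d_user = secrets.randbelow(phi - 2) + 2
        if gcd(d_user, phi) == 1:              # d_user must be invertible mod phi
            return d_user, (d * pow(d_user, -1, phi)) % phi

def ca_wrap_session_key(k, n, e, d_ca):
    """Claim step at the CA: encrypt k with the public key e AND the CA's portion d_ca."""
    return pow(pow(k, e, n), d_ca, n)

def user_unwrap_session_key(c, n, d_user):
    """Claim step at the user: (k^e)^(d_ca * d_user) = k^(e*d) = k (mod n)."""
    return pow(c, d_user, n)

def session_xor(k, data):
    """Illustrative symmetric protection under the common session key (hash-based
    keystream, not a real cipher); the same call encrypts and decrypts."""
    key, out = k.to_bytes(16, "big"), bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def run_session(message):
    """Full exchange from the claim: CA wraps one session key separately for Alice
    and Bob, each unwraps with their own portion, Alice sends Bob one message."""
    n_a, e_a, d_a, phi_a = toy_keypair(104729, 1299709)   # Alice's key pair
    n_b, e_b, d_b, phi_b = toy_keypair(7919, 15485863)    # Bob's key pair
    a_user, a_ca = split_private_key(d_a, phi_a)          # CA stores a_ca, never d_a
    b_user, b_ca = split_private_key(d_b, phi_b)
    # The CA chooses k, so it can also read the session: the escrow/wiretap
    # property the abstract describes, and the reason the CA is a trusted party.
    k = secrets.randbelow(min(n_a, n_b) - 2) + 2
    k_a = user_unwrap_session_key(ca_wrap_session_key(k, n_a, e_a, a_ca), n_a, a_user)
    k_b = user_unwrap_session_key(ca_wrap_session_key(k, n_b, e_b, b_ca), n_b, b_user)
    ciphertext = session_xor(k_a, message)                # Alice -> Bob
    return k_a == k_b == k, session_xor(k_b, ciphertext)  # Bob's view of the message
```

Note that neither d_user nor d_ca alone decrypts anything wrapped under the full key, which is the property that lets the CA act as the claim's central authority without holding the user's complete private key.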