Encryption and decryption method and apparatus

US 6,009,173 A
Filed: 01/31/1997
Issued: 12/28/1999
Est. Priority Date: 01/31/1997
Status: Expired due to Term

First Claim

Patent Images

1. A method for efficient encryption and decryption, comprising the steps of:

encrypting a message at a sending unit which is to be sent to a receiving unit using a message key;

appending to the message at the sending unit the message key encrypted using a receiver'"'"'s public key;

subsequently appending a sender'"'"'s certificate at a first server;

extracting the sender'"'"'s certificate at a second server;

decrypting the message key at the receiving unit using a receiver'"'"'s private key to provide a decrypted message key;

subsequently decrypting the message using the decrypted message key.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for efficient encryption and decryption (100) comprises the steps of encrypting a message (104) at a sending unit which is to be sent to a receiving unit using a message key (106) and appending to the message at the sending unit the message key encrypted (108 and 109) using a receiver'"'"'s public key (110). Subsequently, a sender'"'"'s certificate (116) is appended at a first server (302) and extracted at a second server (310). The message key is then decrypted at the receiving unit using a receiver'"'"'s private key (140) to provide a decrypted message key. Subsequently the message is decrypted using the decrypted message key (142 & 143) and authenticated by comparing a pair of digest (152 and 156).

Citations

24 Claims

1. A method for efficient encryption and decryption, comprising the steps of:
- encrypting a message at a sending unit which is to be sent to a receiving unit using a message key;
  
  appending to the message at the sending unit the message key encrypted using a receiver'"'"'s public key;
  
  subsequently appending a sender'"'"'s certificate at a first server;
  
  extracting the sender'"'"'s certificate at a second server;
  
  decrypting the message key at the receiving unit using a receiver'"'"'s private key to provide a decrypted message key;
  
  subsequently decrypting the message using the decrypted message key.
- View Dependent Claims (2, 5, 6)
- - 2. A method for efficient encryption and decryption of claim 1, wherein the step of encrypting a message further comprises the step of adding a signature by generating a digest of the message using a one-way function and encrypting the digest using a private key to create a encrypted signed message, the private key corresponding to a public key embedded in the sender'"'"'s certificate.
  - 5. The method of claim 2, wherein the method further comprises the steps of encrypting the message with the sender'"'"'s certificate using a server session key providing an encrypted signed message with certificate, and decrypting the encrypted signed message with certificate at the second server using the server session key.
  - 6. The method of claim 5, wherein the server session key is encrypted using a receiving server'"'"'s public key retrieved from the first server and catenated to the encrypted signed message with certificate as an envelope.

3. A method for efficient encryption and decryption, comprising the steps of:
- encrypting a message at a sending unit which is to be sent to a receiving unit using a message key;
  
  appending to the message at the sending unit the message key encrypted using a receiver'"'"'s public key;
  
  subsequently appending a sender'"'"'s certificate at a first server;
  
  encrypting the message and the sender'"'"'s certificate using a server session key to provide an encrypted message with certificate,decrypting the encrypted message and sender'"'"'s certificate at a second server using the server session keyextracting the sender'"'"'s certificate at the second server;
  
  decrypting the message key at the receiving unit using a receiver'"'"'s private key to provide a decrypted message key; and
  
  subsequently decrypting the message using the decrypted message key.
- View Dependent Claims (4)
- - 4. The method of claim 3, wherein the server session key is encrypted using a receiving server'"'"'s public key retrieved from the first server and catenated to the encrypted signed message with certificate as an envelope.

7. A method of efficiently transporting an encrypted signed message with envelope from a sender to a receiver using a sending server and a receiving server, the receiving server using an asymmetric public-private pair of keys, the method comprising the steps of:
- encrypting a certificate using a server-to-server session key to create an encrypted certificate and catenating the encrypted certificate with an envelope containing the server-to-server session key encrypted with a receiving server'"'"'s asymmetric public key to create an encrypted certificate with envelope; and
  
  catenating the encrypted signed message with envelope to the encrypted certificate with envelope.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The method of claim 7, wherein the method further comprises the steps of decrypting the server-to-server session key using the receiving server'"'"'s private key.
  - 9. The method of claim 8, wherein the method further comprises the step of separating the certificate from the encrypted signed message with envelope and further decrypting the certificate using the server to server session key.
  - 10. The method of claim 9, wherein the method further comprises the step of extracting the sender'"'"'s public key from a certificate at the receiving server.
  - 11. The method of claim 10, wherein the method further comprises the step at a receiver of separating the envelope from the encrypted signed message and decrypting the envelope to provide a sender-receiver session key.
  - 12. The method of claim 11, wherein the method further comprises the step at the receiver of decrypting the encrypted signed message and signature using the sender-receiver session key.
  - 13. The method of claim 12, wherein the method further comprises the step at the receiver of decrypting the signature into a digest using the sender'"'"'s public key.
  - 14. The method of claim 13, wherein the method further comprises the step at the receiver of authenticating the signature associated with the message by separating the message by passing the message through a hash function and obtaining an actual digest which is compared with the digest found by decrypting the signature using the sender'"'"'s public key.

15. A remote certificate server for use in wireless communication, comprising:
- a sender server portion for receiving an encrypted wireless message with envelope, comprising;
  
  a memory for storing the encrypted wireless message; and
  
  a processor for encrypting a certificate with a server to server session key to provided an encrypted certificate and for appending the encrypted certificate with the encrypted wireless message with envelope to provide an encrypted certificate and wireless message with envelope, the processor further encrypting the server to server session key by using a receiver server portion'"'"'s asymmetric public key to provide an encrypted server to server session key, wherein the encrypted server to server session key is appended to the encrypted certificate and wireless message with envelope.
- View Dependent Claims (16, 17)
- - 16. The remote certificate server of claim 15, wherein the remote certificate server further comprises a receiver server portion for receiving the encrypted server to server session key appended to the encrypted certificate and wireless message with envelope, wherein the receiver server portion comprises:
    - a memory for storing the encrypted server to server session key appended to the encrypted certificate and wireless message with envelope; and
      
      a processor for recovering the server to server session key using an asymmetric private key corresponding to the receiver server portion'"'"'s asymmetric public key and for separating the encrypted certificate from the encrypted wireless message with envelope and for decrypting the encrypted certificate.
  - 17. The remote certificate server of claim 16, wherein sender server portion and the receiver server portion are coupled via a wireline network.

18. A method of efficiently transporting an encrypted signed message with envelope from a sender to a receiver using a sending server and a receiving server, the receiving server using an asymmetric public-private pair of keys, the method comprising the steps of:
- sending the encrypted signed message to the receiver from the sender which triggers an inquiry between the sending server and the receiving server as to whether a certificate needs to be delivered to the receiver;
  
  sending the certificate to the receiver if there is no prior receipt of a certificate or if the certificate is expired or otherwise invalid, otherwise sending portions of the certificate as needed as determined by the inquiry between the sending server and the receiving server, wherein if the inquiry between the sending server and the receiving server determines that the certificate or portions thereof needs to be sent to the receiver, the method then further comprises the steps of;
  
  encrypting the certificate or portions thereof using a server-to-server session key to create an encrypted certificate and catenating the encrypted certificate with an envelope containing the server-to-server session key encrypted with a receiving server'"'"'s asymmetric public key to create an encrypted certificate with envelope;
  
  catenating the encrypted signed message with envelope to the encrypted certificate with envelope; and
  
  decrypting the encrypted certificate or portions thereof as needed by the receiver.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 18, wherein the method further comprises the steps of decrypting the server-to-server session key using a receiving server'"'"'private key.
  - 20. The method of claim 19, wherein the method further comprises the step of separating the certificate from the encrypted signed message with envelope and further decrypting the certificate using the server to server session key.
  - 21. The method of claim 20, wherein the method further comprises the step of extracting the sender'"'"'s public key from the certificate at the receiving server.

22. A method of efficiently transporting a signed message from a sender to a receiver using a sending server and a receiving server, the method comprising the steps of:
- sending a signed message from a sending unit for receipt at a receiving unit;
  
  subsequently encrypting and appending a sender'"'"'s certificate as encrypted at a first server to the signed message;
  
  extracting the sender'"'"'s certificate at a second server; and
  
  receiving the signed message at the receiving unit and reading the message at the receiving unit using a set of information from the sender'"'"'s certificate.
- View Dependent Claims (23, 24)
- - 23. The method of claim 22, wherein the step of receiving the signed message includes the step of using the set of information selected from the group of name, public key, signature authority, expiration date, validity period, date of issued, and control numbers.
  - 24. The method of claim 22, wherein the step of sending a signed message further comprises the step of sending an encrypted signed message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Sumner, Terence Edward
Primary Examiner(s)
Barron, Jr., Gilberto

Application Number

US08/791,968
Time in Patent Office

1,061 Days
Field of Search

380/30, 380/21, 380/49
US Class Current

713/156
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/0428   wherein the data content is...

H04L 63/045   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/12   Applying verification of th...

H04L 9/0825   using asymmetric-key encryp...

Encryption and decryption method and apparatus

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Encryption and decryption method and apparatus

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links