Method for transferring sensitive information using initially unsecured communication
Abstract
In the method for transferring sensitive information using unsecured communication, a first party receives a public key of a second party, produces an encryption result by performing keyed encryption on at least a first random number using the public key, and transfers the encryption result to the second party over an unsecured communication channel. The second party decrypts the encryption result to obtain the first random number. Authorizing information is then transferred from the first party to the second party over a first encrypted and authenticated communication channel established using the first random number. Sensitive information is further transferred from the second party to the first party over a second encrypted and authenticated communication channel established using the first random number if the second party accepts the authorizing information. Numerous applications exist for the system and method, including the wireless industry wherein the first party is a mobile and the second party is a network.
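The exchange the abstract describes, steps (a) through (e) on both the mobile and the network side, as an added example that is not part of the patent: textbook RSA with a fixed toy modulus stands in for the "keyed encryption using said public key", an HMAC-based encrypt-then-MAC construction stands in for the "encrypted and authenticated communication channel", and the accepted-PIN table and root key are constructed values (Python 3.8+). The design only holds if the mobile has authenticated the network's public key (the certificate check of claim 2); whoever can decrypt the random number holds both channel keys.

```python
import hashlib
import hmac
import secrets

# Toy textbook RSA with two fixed Mersenne primes and no padding: an INSECURE,
# constructed stand-in for the patent's "keyed encryption using said public key".
P, Q, E = (1 << 61) - 1, (1 << 89) - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))          # network's private exponent
NETWORK_PUBLIC_KEY = (N, E)                  # what the mobile receives in step (a)

def derive_channel_keys(r: bytes) -> tuple:
    """Keys for the channel 'established using said first random number' (HMAC as KDF)."""
    return (hmac.new(r, b"channel-enc", hashlib.sha256).digest(),
            hmac.new(r, b"channel-mac", hashlib.sha256).digest())

def seal(keys, nonce: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: HMAC-SHA256 keystream XORed into plaintext, tag over nonce||ct."""
    k_enc, k_mac = keys
    blocks = len(plaintext) // 32 + 1
    stream = b"".join(hmac.new(k_enc, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range(blocks))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + ct + hmac.new(k_mac, nonce + ct, hashlib.sha256).digest()

def open_(keys, blob: bytes) -> bytes:
    """Check the tag before touching the ciphertext; reject forged or mis-keyed traffic."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(keys[1], nonce + ct, hashlib.sha256).digest()):
        raise ValueError("channel authentication failed")
    return seal(keys, nonce, ct)[16:-32]     # XOR keystream is its own inverse

def run_protocol(authorizing_info: bytes, accepted: dict):
    """Steps (a)-(e) of claim 1 (mobile) and claim 10 (network), run in one process.
    Returns the root key the mobile receives, or None if the network rejects."""
    n, e = NETWORK_PUBLIC_KEY
    r = secrets.token_bytes(16)                                    # (b) first random number
    encryption_result = pow(int.from_bytes(r, "big"), e, n)        # (b)/(c) sent in the clear
    r_at_network = pow(encryption_result, D, n).to_bytes(16, "big")   # claim 10 step (c)
    mobile_keys, network_keys = derive_channel_keys(r), derive_channel_keys(r_at_network)
    # (d) authorizing information over the first channel keyed by r
    msg_d = seal(mobile_keys, secrets.token_bytes(16), authorizing_info)
    presented = open_(network_keys, msg_d)
    if presented not in accepted:
        return None                        # nothing sensitive leaves the network
    # (e) root key over the second channel, also keyed by r (claim 4: may be the same channel)
    msg_e = seal(network_keys, secrets.token_bytes(16), accepted[presented])
    return open_(mobile_keys, msg_e)
```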
17 Claims
1. A method for transferring sensitive information to a first party using initially unsecured communication, comprising:
(a) receiving, at said first party, a public key of a second party;
(b) producing an encryption result by performing keyed encryption on at least a first random number using said public key;
(c) transferring said encryption result from said first party to said second party;
(d) transferring authorizing information to said second party over a first encrypted and authenticated communication channel established using said first random number; and
(e) receiving sensitive information from said second party over a second encrypted and authenticated communication channel established using said first random number.

2. (the preamble of this claim is missing from this copy)
(f) verifying said public key based on said certificate.
3. The method of claim 1, wherein said step (b) produces said encryption result by performing keyed encryption on said first random number and an identifier for said first party using said public key.

4. The method of claim 1, wherein said first and second encrypted and authenticated communication channels are a same channel.

5. The method of claim 1, wherein said step (d) comprises:
(d1) establishing said first and second encrypted and authenticated communication channels using said first random number; and
(d2) transferring authorizing information to said second party over said first encrypted and authenticated communication channel.
6. The method of claim 1, wherein said first party is a mobile and said second party is a network in a wireless communication system.

7. The method of claim 6, wherein said step (e) receives a root key, as said sensitive information, from said network.

8. The method of claim 6, wherein said first encrypted and authenticated communication channel is a voice channel.

9. The method of claim 1, prior to said step (b), further comprising:
(f) generating at least said first random number.
10. A method for transferring sensitive information from a first party using an initially unsecured communication channel, comprising:
(a) outputting a public key of said first party;
(b) receiving, at said first party, an encryption result from a second party, said encryption result being a result of performing keyed encryption on at least a first random number using said public key of said first party;
(c) decrypting said encryption result to obtain said first random number;
(d) receiving authorizing information from said second party over a first encrypted and authenticated communication channel established using said first random number; and
(e) transferring sensitive information to said second party over a second encrypted and authenticated communication channel established using said first random number if said authorizing information is acceptable.

(the preamble of this dependent claim is missing from this copy)
(d1) establishing said first and second encrypted and authenticated communication channels using said first random number; and
(d2) receiving authorizing information from said second party over said first encrypted and authenticated communication channel.
14. The method of claim 10, wherein said first party is a network in a wireless communication system, and said second party is a mobile.

15. The method of claim 14, wherein
said encryption result is a result of performing keyed encryption on said first random number and an identifier for said mobile using said public key of said first party;
said step (c) decrypts said encryption result to obtain said first random number and said identifier for said mobile; and
said step (e) transfers a root key, as said sensitive information, to said mobile; and
further including, (f) associating said root key with said identifier for said mobile.

16. The method of claim 14, wherein said step (e) transfers a root key, as said sensitive information, to said mobile.

17. The method of claim 14, wherein said first encrypted and authenticated communication channel is a voice channel.