Methods of exchanging secure messages

US 7,107,246 B2
Filed: 12/21/2001
Issued: 09/12/2006
Est. Priority Date: 04/27/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method of exchanging secured messages between first and second registered PEAD users over the internet and a server utilizing at least one PEAD, comprising the steps of:

a PEAD sender obtaining a PEAD receiver'"'"'s public key using the receiver'"'"'s user ID as an index from the server;

the sender creating a shared secret using the receiver'"'"'s public key and said sender'"'"'s own private key;

the sender then electronically encrypting a message with the shared secret, and sending the encrypted message appended with the sender'"'"'s user ID and the receiver'"'"'s user ID to the receiver;

the receiver receiving the encrypted message appended the sender'"'"'s user ID and the receiver'"'"'s user ID from the sender;

the receiver requesting only the sender'"'"'s public key from the sender;

the receiver receiving the sender'"'"'s public key from the sender;

the receiver decrypting the encrypted message by deriving the shared secret using the sender'"'"'s public key and said receiver'"'"'s own private key, wherein the encrypted message remaining encrypted while handled by the server.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention enables a registered PEAD user to exchange a secure message with another registered PEAD user by using the user ID and the user public key information in the server. The sender can retrieve the public key information from the server 1201 using the receiver'"'"'s user ID as an index; then the sender can derive the shared secret using the receiver'"'"'s public key. The sender then can encrypt the message with the shared secret and send it over to a server with the other PEAD user'"'"'s (receiver'"'"'s) ID appended with the sender'"'"'s user ID over the wireless network and/or Internet. The server then stores the message and forwards the message to the receiver once the receiver'"'"'s PEAD is polling for messages. (It is understood in the art that the server can push the messages to the receiver'"'"'s PEAD).

The receiving PEAD user can use the sender'"'"'s PEAD user ID and sender'"'"'s public key information to derive the shared secret to decrypt a received secure message. Once a shared secret is computed or established by protocol between two users, that shared secret can be saved in the PEAD for future communication encryption/decryption usage.

112 Citations

View as Search Results

11 Claims

1. A method of exchanging secured messages between first and second registered PEAD users over the internet and a server utilizing at least one PEAD, comprising the steps of:
- a PEAD sender obtaining a PEAD receiver'"'"'s public key using the receiver'"'"'s user ID as an index from the server;
  
  the sender creating a shared secret using the receiver'"'"'s public key and said sender'"'"'s own private key;
  
  the sender then electronically encrypting a message with the shared secret, and sending the encrypted message appended with the sender'"'"'s user ID and the receiver'"'"'s user ID to the receiver;
  
  the receiver receiving the encrypted message appended the sender'"'"'s user ID and the receiver'"'"'s user ID from the sender;
  
  the receiver requesting only the sender'"'"'s public key from the sender;
  
  the receiver receiving the sender'"'"'s public key from the sender;
  
  the receiver decrypting the encrypted message by deriving the shared secret using the sender'"'"'s public key and said receiver'"'"'s own private key, wherein the encrypted message remaining encrypted while handled by the server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A method is claimed in claim 1 including the step storing one or more of the other PEAD users'"'"' share secret using the sender'"'"'s user ID as an index.
  - 3. A method as claimed in claim 2 including the step of the receiver checking for a stored shared secret in a shared secret table of the PEAD, and after finding the shared secret using the shared secret to decrypt the senders message.
  - 4. A method as claimed in claim 3 wherein if the receiver does not find a shared secret in the shared secret table of the receiver'"'"'s PEAD, then the receiver retrieves the sender'"'"'s public key information from the server using a sender'"'"'s user ID as an index.
  - 5. A method as claimed in claim 4 including the further step of the receiver using the receiver'"'"'s private key and the now-retrieved sender'"'"'s public key to compute the shared secret.
  - 6. A method as claimed in claim 5 including the further of storing the shared secret, using the sender'"'"'s user ID as an index.
  - 7. A method as claimed in claim 6 including the further step of periodically updating the shared secrets stored in the shared secret table to reflect a change in a public key.
  - 8. A method is claimed in claim 1 including the step of after the sender encrypts the message with the shared secret, sending it to the server with the receiver'"'"'s ID appended.
  - 9. A method as claimed in claim 1 including the step of forwarding the message when the receiver'"'"'s PEAD is polling for messages.
  - 10. A method as claimed in claim 1 including the step of the server pushing the message to the receiver'"'"'s PEAD.
  - 11. A method as claimed in claim 1, including the step of the sender causing the PEAD to generate a key pair comprising a public key and a private key, and then transferring the public key to a server to be stored and indexed by the sender'"'"'s user ID.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ServStor Technologies, LLC (IP Investments Group LLC)
Original Assignee
Esignx Corporation
Inventors
Wang, Ynjiun P.
Primary Examiner(s)
CHEUNG, MARY DA ZHI WANG

Application Number

US10/026,848
Publication Number

US 20020123967A1
Time in Patent Office

1,726 Days
Field of Search

705 50- 56, 705 64- 67, 705 71- 75, 705/44, 713150-157, 713160-175, 713179-180, 713182-185, 713/189, 713200-202, 380/255, 380/270, 380277-279, 380281-286, 235/375, 235/380
US Class Current

705/51
CPC Class Codes

G06F 21/35   communicating wirelessly

G06F 21/606   by securing the transmissio...

G06Q 20/02   involving a neutral party, ...

G06Q 20/18   involving self-service term...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3415   Cards acting autonomously a...

G06Q 20/363   with the personal data of a...

G06Q 20/382   insuring higher security of...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/40975   using encryption therefor

G07F 19/20   Automatic teller machines [...

G07F 7/0866   by active credit-cards adap...

G07F 7/0886   the card reader being porta...

G07F 7/1008   Active credit-cards provide...

G07F 7/1025   Identification of user by a...

H04L 2463/061   applying further key deriva...

H04L 2463/102   applying security measure f...

H04L 63/0414   during transmission, i.e. p...

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/0853 : using an additional device,...

View All

Methods of exchanging secure messages

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

112 Citations

11 Claims

Specification

Use Cases

Quick Links

Others

Methods of exchanging secure messages

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

112 Citations

11 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others