Peer-to-peer communications

US 7,596,690 B2
Filed: 09/09/2004
Issued: 09/29/2009
Est. Priority Date: 09/09/2004
Status: Active Grant

First Claim

Patent Images

1. A method for establishing secure peer-to-peer communications comprising the steps of:

authenticating a requesting peer with a security agent;

generating an encrypted request for peer-to-peer communication with a requested peer, wherein the request includes an identification of the requested peer and the generating of the request includes tile requesting peer encrypting the requested peer identification, wherein the encrypting uses a public key of the security agent;

sending the encrypted, peer-to-peer communication request to the security agent from the requesting peer;

authenticating the requested peer with the security agent;

generating a session key by the security agent;

generating a first encrypted instance of the session key by the security agent using a public key of the requested peer;

generating a second encrypted instance of the session key by the security agent using a public key of the requesting peer;

sending the first encrypted instance of the session key by the security agent to the requested peer;

sending the second encrypted instance of the session key by the security agent to the requesting peer;

encrypting data by the requesting peer using the second encrypted instance of the session key;

sending the encrypted data directly from the requesting peer to the requested peer; and

receiving the encrypted data and decrypting the encrypted data by the requested peer, wherein the decrypting uses the first instance of the encrypted session key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A protocol for secure peer-to-peer communications is established based on existing cryptographic techniques and encryption algorithms. The peers (120, 130, 140) and a central security agent (110) undergo mutual authentication. A newly generated nonce is used for authentication, and a random session key is used for a session. The security agent (110) generates unique session keys for communication between peers (120, 130, 140). The security agent (110) removes the burden of mutual authentication between requested peer (130, 140) and the requesting peer (120), as the security agent (110) independently authenticates the requesting peer (120) and the requested peer (130, 140). The requested peer (130, 140) and the requesting peer (120) are sent a session key by the security agent (110).

52 Citations

View as Search Results

11 Claims

1. A method for establishing secure peer-to-peer communications comprising the steps of:
- authenticating a requesting peer with a security agent;
  
  generating an encrypted request for peer-to-peer communication with a requested peer, wherein the request includes an identification of the requested peer and the generating of the request includes tile requesting peer encrypting the requested peer identification, wherein the encrypting uses a public key of the security agent;
  
  sending the encrypted, peer-to-peer communication request to the security agent from the requesting peer;
  
  authenticating the requested peer with the security agent;
  
  generating a session key by the security agent;
  
  generating a first encrypted instance of the session key by the security agent using a public key of the requested peer;
  
  generating a second encrypted instance of the session key by the security agent using a public key of the requesting peer;
  
  sending the first encrypted instance of the session key by the security agent to the requested peer;
  
  sending the second encrypted instance of the session key by the security agent to the requesting peer;
  
  encrypting data by the requesting peer using the second encrypted instance of the session key;
  
  sending the encrypted data directly from the requesting peer to the requested peer; and
  
  receiving the encrypted data and decrypting the encrypted data by the requested peer, wherein the decrypting uses the first instance of the encrypted session key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method as claimed in claim 1, wherein the authenticating of a requesting peer with a security agent is part of a process of mutual authentication of the requesting peer and the security agent, and wherein the sending of the encrypted request for peer-to-peer communication with a requested peer that includes an identification of the requested peer occurs during the mutual authentication process.
  - 3. The method as claimed in claim 1, wherein the method includes mutual authentication of the requested peer and the security agent, and wherein the sending of the first encrypted instance of the session key by the security agent to the requested peer occurs during the mutual authentication of the requested peer and the security agent.
  - 4. The method as claimed in claim 1, further comprising the step of generating a message number at the requesting peer.
  - 5. The method as claimed in claim 1, further comprising the step of generating a message number at the requested peer.
  - 6. The method as claimed in claim 1, further comprising the step of generating message numbers at the security agent for the requesting peer and the requested peer.
  - 7. The method as claimed in claim 1, wherein the requesting peer requests to communicate with a number of requested peers and the encrypted session key is distributed to all of the requested peers.
  - 8. The method as claimed in claim 1, wherein the steps of authenticating comprise exchanging message numbers encrypted using public and private key pairs.
  - 9. The method as claimed in claim 1, further comprising the step of authenticating the security agent with the requesting peer.
  - 10. The method as claimed in claim 1, further comprising the step of authenticating the security agent with the requested peer.
  - 11. The method as claimed in claim 1, wherein the requesting peer requests to communicate with a number of requested peers and different encrypted session keys are distributed to the respective requested peers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kyndryl Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Singh, Abhishek
Primary Examiner(s)
CERVETTI, DAVID GARCIA

Application Number

US10/937,051
Publication Number

US 20060053289A1
Time in Patent Office

1,846 Days
Field of Search

713/151, 713/155, 713/169
US Class Current

713/151
CPC Class Codes

H04L 9/083   involving central third par...

H04L 9/321   involving a third party or ...

H04L 9/3273   for mutual authentication n...

Peer-to-peer communications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

11 Claims

Specification

Use Cases

Quick Links

Others

Peer-to-peer communications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

11 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others