Computer program product and computer system for peer-to-peer communications
First Claim
1. A computer program product for secure peer-to-peer communications, the program product comprising:
- a computer readable storage device having computer readable program code embodied therewith, the computer readable program code comprising:
computer readable code configured to authenticate a requesting peer with a security agent;
computer readable code configured to generate an encrypted request for peer-to-peer communication with a requested peer, wherein the request includes an identification of the requested peer and the generating of the request includes the requesting peer encrypting the requested peer identification, wherein the encrypting uses a public key of the security agent;
computer readable code configured to send the encrypted, peer-to-peer communication request to the security agent from the requesting peer;
computer readable code configured to authenticate the requested peer with the security agent;
computer readable code configured to generate a session key by the security agent;
computer readable code configured to generate a first encrypted instance of the session key by the security agent using a public key of the requested peer;
computer readable code configured to generate a second encrypted instance of the session key by the security agent using a public key of the requesting peer;
computer readable code configured to send the first encrypted instance of the session key by the security agent to the requested peer;
computer readable code configured to send the second encrypted instance of the session key by the security agent to the requesting peer;
computer readable code configured to encrypt data by the requesting peer using the second encrypted instance of the session key;
computer readable code configured to send the encrypted data directly from the requesting peer to the requested peer; and
computer readable code configured to receive the encrypted data and decrypting the encrypted data by the requested peer, wherein the decrypting uses the first instance of the encrypted session key.
Abstract
An encrypted request for peer-to-peer communication includes a requesting peer encrypting a requested peer identification using a public key of a security agent. The requesting peer sends the encrypted request to a security agent, which generates a first encrypted instance of the session key using a public key of the requested peer and a second encrypted instance of the session key using a public key of the requesting peer. The first encrypted instance of the session key is sent to the requested peer and the second encrypted instance of the session key is sent to the requesting peer. The requesting peer encrypts data using the second encrypted instance of the session key and sends the encrypted data to the requested peer, which decrypts the encrypted data using the first instance of the encrypted session key.
42 Citations
20 Claims
1. (As set out under First Claim above.)
2. The computer program product of claim 1, wherein the authenticating of a requesting peer with a security agent is included in a mutual authentication of the requesting peer and the security agent, and wherein the sending of the encrypted request for peer-to-peer communication with a requested peer that includes an identification of the requested peer occurs during the mutual authentication.

3. The computer program product of claim 1, wherein the computer program product comprises computer readable code configured to mutually authenticate the requested peer and the security agent, and wherein the sending of the first encrypted instance of the session key by the security agent to the requested peer occurs during the mutual authentication of the requested peer and the security agent.

4. The computer program product of claim 1, wherein the computer program product comprises computer readable code configured to generate a message number at the requesting peer.

5. The computer program product of claim 1, wherein the computer program product comprises computer readable code configured to generate a message number at the requested peer.

6. The computer program product of claim 1, wherein the computer program product comprises computer readable code configured to generate message numbers at the security agent for the requesting peer and the requested peer.

7. The computer program product of claim 1, wherein the computer readable code configured to generate an encrypted request for peer-to-peer communication with a requested peer includes computer readable code configured to generate requests for a requesting peer to communicate with a number of requested peers and wherein the computer program product comprises computer readable code configured to distribute the encrypted session key to all of the requested peers.

8. The computer program product of claim 1, wherein the computer program product comprises computer readable code configured to authenticate the security agent with the requesting peer.

9. The computer program product of claim 1, wherein the computer program product comprises computer readable code configured to authenticate the security agent with the requested peer.

10. The computer program product of claim 1, wherein the computer readable code configured to generate an encrypted request for peer-to-peer communication with a requested peer includes computer readable code configured to generate requests for requesting a peer to communicate with a number of requested peers and wherein the computer program product comprises computer readable code configured to distribute different encrypted session keys to the respective requested peers.
11. A computer system comprising:

at least one storage system having a stored program; and at least one processor, operable to process the program, wherein the system is configured by the program and the processor to: authenticate a requesting peer with a security agent; generate an encrypted request for peer-to-peer communication with a requested peer, wherein the request includes an identification of the requested peer and the generating of the request includes the requesting peer encrypting the requested peer identification, wherein the encrypting uses a public key of the security agent; send the encrypted, peer-to-peer communication request to the security agent from the requesting peer; authenticate the requested peer with the security agent; generate a session key by the security agent; generate a first encrypted instance of the session key by the security agent using a public key of the requested peer; generate a second encrypted instance of the session key by the security agent using a public key of the requesting peer; send the first encrypted instance of the session key by the security agent to the requested peer; send the second encrypted instance of the session key by the security agent to the requesting peer; encrypt data by the requesting peer using the second encrypted instance of the session key; send the encrypted data directly from the requesting peer to the requested peer; and receiving the encrypted data and decrypting the encrypted data by the requested peer, wherein the decrypting uses the first instance of the encrypted session key.

Claims 12 to 20 depend from claim 11 and are not reproduced on this page.
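The exchange of claims 1 and 11, together with the message numbers of claims 4 to 6, worked through as an added Go example; this is not code from the patent or its assignee. The requesting peer encrypts the requested peer's identification to the security agent's public key and signs the result; the agent verifies the signature against the requester's registered public key (a stand-in for the authentication steps of claims 1 to 3, 8 and 9), decrypts the identification, generates a session key and returns it wrapped once under each peer's public key; each peer unwraps its own instance with its private key, and the requesting peer then encrypts data for direct delivery to the requested peer under that session key with AES-256-GCM, using the message number in the nonce. The peer names, the registry standing in for authentication, the choice of RSA-OAEP, RSA-PSS and AES-GCM, the OAEP labels and the nonce layout are all assumptions of this example; the claims above fix none of them. One practical reading the code makes explicit: a peer must decrypt its "encrypted instance of the session key" before use, and it is the recovered session key, not the encrypted instance, that encrypts the data.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// SecurityAgent is the trusted third party of claim 1 (an example model, not the patent's code). Peers are
// plain RSA key pairs; the registry holds public keys of peers that have authenticated (Register stands in).
type SecurityAgent struct {
	priv  *rsa.PrivateKey
	peers map[string]*rsa.PublicKey
}

var reqLabel, keyLabel = []byte("p2p-request"), []byte("p2p-session-key") // assumed OAEP labels

func keygen() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err) // only if the OS CSPRNG is unavailable
	}
	return k
}

func NewAgent() *SecurityAgent                                  { return &SecurityAgent{keygen(), map[string]*rsa.PublicKey{}} }
func (a *SecurityAgent) PublicKey() *rsa.PublicKey              { return &a.priv.PublicKey }
func (a *SecurityAgent) Register(id string, pub *rsa.PublicKey) { a.peers[id] = pub }

// BuildRequest encrypts the requested peer's ID to the agent (RSA-OAEP), so only the agent learns the
// target, and signs the ciphertext with the requester's key (RSA-PSS), which is what the agent verifies.
func BuildRequest(priv *rsa.PrivateKey, agentPub *rsa.PublicKey, target string) (enc, sig []byte, err error) {
	if enc, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, agentPub, []byte(target), reqLabel); err == nil {
		h := sha256.Sum256(enc)
		sig, err = rsa.SignPSS(rand.Reader, priv, crypto.SHA256, h[:], nil)
	}
	return enc, sig, err
}

// HandleRequest authenticates the requester (signature under its registered key), recovers the requested
// peer's ID, and wraps one fresh session key for the requested peer (first) and the requester (second).
func (a *SecurityAgent) HandleRequest(from string, enc, sig []byte) (first, second []byte, err error) {
	pub, ok := a.peers[from]
	h := sha256.Sum256(enc)
	if !ok || rsa.VerifyPSS(pub, crypto.SHA256, h[:], sig, nil) != nil {
		return nil, nil, errors.New("requesting peer failed authentication")
	}
	target, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, a.priv, enc, reqLabel)
	tpub, ok := a.peers[string(target)]
	if err != nil || !ok {
		return nil, nil, errors.New("requested peer ID unreadable or peer not authenticated")
	}
	sk := make([]byte, 32) // AES-256 session key; it never leaves the agent unencrypted
	if _, err = rand.Read(sk); err != nil {
		return nil, nil, err
	}
	if first, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, tpub, sk, keyLabel); err == nil {
		second, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, sk, keyLabel)
	}
	return first, second, err
}

// UnwrapSessionKey is the step the claim wording skips: each peer decrypts its own instance with its
// private key, and that plaintext key, not the encrypted instance, is what protects the data.
func UnwrapSessionKey(priv *rsa.PrivateKey, encKey []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, encKey, keyLabel)
}

// NewAEAD returns AES-256-GCM under the unwrapped session key for the direct peer-to-peer traffic.
func NewAEAD(sk []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(sk)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// nonceFor is a 4-byte sender tag plus the 8-byte message number (claims 4-6), so the two peers'
// counters never collide; each sender must use strictly increasing numbers for the life of the key.
func nonceFor(from string, msgNum uint64) []byte {
	tag, n := sha256.Sum256([]byte(from)), make([]byte, 12)
	copy(n[:4], tag[:4])
	binary.BigEndian.PutUint64(n[4:], msgNum)
	return n
}

// Seal and Open bind the sender ID as associated data, so a modified ciphertext, a replay under a
// different message number, or a forged sender all fail to Open.
func Seal(gcm cipher.AEAD, from string, msgNum uint64, plaintext []byte) []byte {
	return gcm.Seal(nil, nonceFor(from, msgNum), plaintext, []byte(from))
}
func Open(gcm cipher.AEAD, from string, msgNum uint64, ciphertext []byte) ([]byte, error) {
	return gcm.Open(nil, nonceFor(from, msgNum), ciphertext, []byte(from))
}
```

Calling order follows the claim: `agent := NewAgent()`, `Register` each peer's public key, `BuildRequest(requesterKey, agent.PublicKey(), "bob")` on the requesting peer, `agent.HandleRequest("alice", enc, sig)` at the agent, `UnwrapSessionKey` on each peer with its own private key, then `NewAEAD` and `Seal`/`Open` for the data sent directly between the peers. A key that was not addressed cannot unwrap either instance, a request whose signature does not verify under the key registered for the claimed sender is rejected, and `Open` rejects a ciphertext replayed under another message number, attributed to another sender, or modified in transit.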
Specification