Computer program product and computer system for peer-to-peer communications

US 8,086,847 B2
Filed: 07/13/2009
Issued: 12/27/2011
Est. Priority Date: 09/09/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A computer program product for secure peer-to-peer communications, the program product comprising:

a computer readable storage device having computer readable program code embodied therewith, the computer readable program code comprising;

computer readable code configured to authenticate a requesting peer with a security agent;

computer readable code configured to generate an encrypted request for peer-to-peer communication with a requested peer, wherein the request includes an identification of the requested peer and the generating of the request includes the requesting peer encrypting the requested peer identification, wherein the encrypting uses a public key of the security agent;

computer readable code configured to send the encrypted, peer-to-peer communication request to the security agent from the requesting peer;

computer readable code configured to authenticate the requested peer with the security agent;

computer readable code configured to generate a session key by the security agent;

computer readable code configured to generate a first encrypted instance of the session key by the security agent using a public key of the requested peer;

computer readable code configured to generate a second encrypted instance of the session key by the security agent using a public key of the requesting peer;

computer readable code configured to send the first encrypted instance of the session key by the security agent to the requested peer;

computer readable code configured to send the second encrypted instance of the session key by the security agent to the requesting peer;

computer readable code configured to encrypt data by the requesting peer using the second encrypted instance of the session key;

computer readable code configured to send the encrypted data directly from the requesting peer to the requested peer; and

computer readable code configured to receive the encrypted data and decrypting the encrypted data by the requested peer, wherein the decrypting uses the first instance of the encrypted session key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An encrypted request for peer-to-peer communication includes a requesting peer encrypting a requested peer identification using a public key of a security agent. The requesting peer sends the encrypted request to a security agent, which generates a first encrypted instance of the session key using a public key of the requested peer and a second encrypted instance of the session key using a public key of the requesting peer. The first encrypted instance of the session key is sent to the requested peer and the second encrypted instance of the session key is sent to the requesting peer. The requesting peer encrypts data using the second encrypted instance of the session key and sends the encrypted data to the requested peer, which decrypts the encrypted data using the first instance of the encrypted session key.

42 Citations

View as Search Results

20 Claims

1. A computer program product for secure peer-to-peer communications, the program product comprising:
- a computer readable storage device having computer readable program code embodied therewith, the computer readable program code comprising;
  
  computer readable code configured to authenticate a requesting peer with a security agent;
  
  computer readable code configured to generate an encrypted request for peer-to-peer communication with a requested peer, wherein the request includes an identification of the requested peer and the generating of the request includes the requesting peer encrypting the requested peer identification, wherein the encrypting uses a public key of the security agent;
  
  computer readable code configured to send the encrypted, peer-to-peer communication request to the security agent from the requesting peer;
  
  computer readable code configured to authenticate the requested peer with the security agent;
  
  computer readable code configured to generate a session key by the security agent;
  
  computer readable code configured to generate a first encrypted instance of the session key by the security agent using a public key of the requested peer;
  
  computer readable code configured to generate a second encrypted instance of the session key by the security agent using a public key of the requesting peer;
  
  computer readable code configured to send the first encrypted instance of the session key by the security agent to the requested peer;
  
  computer readable code configured to send the second encrypted instance of the session key by the security agent to the requesting peer;
  
  computer readable code configured to encrypt data by the requesting peer using the second encrypted instance of the session key;
  
  computer readable code configured to send the encrypted data directly from the requesting peer to the requested peer; and
  
  computer readable code configured to receive the encrypted data and decrypting the encrypted data by the requested peer, wherein the decrypting uses the first instance of the encrypted session key.

2. The computer program product of 1, wherein the authenticating of a requesting peer with a security agent is included in a mutual authentication of the requesting peer and the security agent, and wherein the sending of the encrypted request for peer-to-peer communication with a requested peer that includes an identification of the requested peer occurs during the mutual authentication.

3. The computer program product of 1, wherein the computer program product comprises computer readable code configured to mutually authenticate the requested peer and the security agent, and wherein the sending of the first encrypted instance of the session key by the security agent to the requested peer occurs during the mutual authentication of the requested peer and the security agent.

4. The computer program product of 1, wherein the computer program product comprises computer readable code configured to generate a message number at the requesting peer.

5. The computer program product of 1, wherein the computer program product comprises computer readable code configured to generate a message number at the requested peer.

6. The computer program product of 1, wherein the computer program product comprises computer readable code configured to generate message numbers at the security agent for the requesting peer and the requested peer.

7. The computer program product of 1, wherein the computer readable code configured to generate an encrypted request for peer-to-peer communication with a requested peer includes computer readable code configured to generate requests for a requesting peer to communicate with a number of requested peers and wherein the computer program product comprises computer readable code configured to distribute the encrypted session key to all of the requested peers.

8. The computer program product of 1, wherein the computer program product comprises computer readable code configured to authenticate the security agent with the requesting peer.

9. The computer program product of 1, wherein the computer program product comprises computer readable code configured to authenticate the security agent with the requested peer.

10. The computer program product of 1, wherein the computer readable code configured to generate an encrypted request for peer-to-peer communication with a requested peer includes computer readable code configured to generate requests for requesting a peer to communicate with a number of requested peers and wherein the computer program product comprises computer readable code configured to distribute different encrypted session keys to the respective requested peers.

11. A computer system comprising:
- at least one storage system having a stored program; and
  
  at least one processor, operable to process the program, wherein the system is configured by the program and the processor to;
  
  authenticate a requesting peer with a security agent;
  
  generate an encrypted request for peer-to-peer communication with a requested peer, wherein the request includes an identification of the requested peer and the generating of the request includes the requesting peer encrypting the requested peer identification, wherein the encrypting uses a public key of the security agent;
  
  send the encrypted, peer-to-peer communication request to the security agent from the requesting peer;
  
  authenticate the requested peer with the security agent;
  
  generate a session key by the security agent;
  
  generate a first encrypted instance of the session key by the security agent using a public key of the requested peer;
  
  generate a second encrypted instance of the session key by the security agent using a public key of the requesting peer;
  
  send the first encrypted instance of the session key by the security agent to the requested peer;
  
  send the second encrypted instance of the session key by the security agent to the requesting peer;
  
  encrypt data by the requesting peer using the second encrypted instance of the session key;
  
  send the encrypted data directly from the requesting peer to the requested peer; and
  
  receiving the encrypted data and decrypting the encrypted data by the requested peer, wherein the decrypting uses the first instance of the encrypted session key.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The computer system of claim 11, wherein the authenticating of a requesting peer with a security agent is part of a process of mutual authentication of the requesting peer and the security agent, and wherein the sending of the encrypted request for peer-to-peer communication with a requested peer that includes an identification of the requested peer occurs during the mutual authentication process.
  - 13. The computer system of claim 11, wherein the authenticating includes mutual authentication of the requested peer and the security agent, and wherein the sending of the first encrypted instance of the session key by the security agent to the requested peer occurs during the mutual authentication of the requested peer and the security agent.
  - 14. The computer system of claim 11, wherein the system is configured by the program and the processor to:
    - generate a message number at the requesting peer.
  - 15. The computer system of claim 11, wherein the system is configured by the program and the processor to:
    - generate a message number at the requested peer.
  - 16. The computer system of claim 11, wherein the system is configured by the program and the processor to:
    - generate message numbers at the security agent for the requesting peer and the requested peer.
  - 17. The method as claimed in claim 11, wherein the generating of an encrypted request for peer-to-peer communication with a requested peer includes generating requests for a requesting peer to communicate with a number of requested peers and the encrypted session key is distributed to all of the requested peers.
  - 18. The computer system of claim 11, wherein the system is configured by the program and the processor to:
    - authenticate the security agent with the requesting peer.
  - 19. The computer system of claim 11, wherein the system is configured by the program and the processor to:
    - authenticate the security agent with the requested peer.
  - 20. The computer system of claim 11, wherein the generating of an encrypted request for peer-to-peer communications with a requested peer includes generating requests for a requesting peer to communicate with a number of requested peers and different encrypted session keys are distributed to the respective requested peers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Kyndryl Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Singh, Abhishek
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US12/502,175
Publication Number

US 20100023766A1
Time in Patent Office

897 Days
Field of Search

713/151, 713/155, 713/169
US Class Current

713/151
CPC Class Codes

H04L 9/083   involving central third par...

H04L 9/321   involving a third party or ...

H04L 9/3273   for mutual authentication n...

Computer program product and computer system for peer-to-peer communications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

42 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Computer program product and computer system for peer-to-peer communications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

42 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others