Method and system for secure communication using hash-based message authentication codes

US 8,560,849 B2
Filed: 03/23/2011
Issued: 10/15/2013
Est. Priority Date: 03/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method for secure communication using hash-based message authentication codes, comprising:

generating by a server a shared secret, a first counter value and a second counter value;

generating by an encryption module executed on a computing device a first hash-based message authentication code from said shared secret and said first counter value stored in storage of said computing device;

generating by said encryption module executed on said computing device a second hash-based message authentication code from said shared secret and said second counter value;

deriving by said encryption module executed on said computing device an encryption key from a first function of said first hash-based message authentication code and said second hash-based message authentication code;

wherein said first function includes at least a portion of a concatenation of said first and second hash-based message authentication codes; and

encrypting by said encryption module executed on said computing device a message using said encryption key; and

communicating said encrypted message via a network interface of said computing device.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for secure communication is provided. A first hash-based message authentication code is generated from a shared secret and a first counter value stored in storage of a computing device. A second hash-based message authentication code is generated from such shared secret and a second counter value. An encryption key is derived from a function of the first hash-based message authentication code and the second hash-based message authentication code. A message is encrypted using the encryption key, and communicated via a network interface of the computing device.

Citations

8 Claims

1. A method for secure communication using hash-based message authentication codes, comprising:
- generating by a server a shared secret, a first counter value and a second counter value;
  
  generating by an encryption module executed on a computing device a first hash-based message authentication code from said shared secret and said first counter value stored in storage of said computing device;
  
  generating by said encryption module executed on said computing device a second hash-based message authentication code from said shared secret and said second counter value;
  
  deriving by said encryption module executed on said computing device an encryption key from a first function of said first hash-based message authentication code and said second hash-based message authentication code;
  
  wherein said first function includes at least a portion of a concatenation of said first and second hash-based message authentication codes; and
  
  encrypting by said encryption module executed on said computing device a message using said encryption key; and
  
  communicating said encrypted message via a network interface of said computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - generating a one-time password using one of said first and second hash-based message authentication codes.
  - 3. The method of claim 2, further comprising:
    - communicating said one-time password to enable determination of one of said first and second counter values.
  - 4. The method of claim 1, further comprising:
    - combining said encryption key with an initialization vector for decrypting said message.
  - 5. The method of claim 1, wherein said encrypting comprises:
    - generating an initialization vector as a second function of at least one of said first and second hash-based message authentication codes; and
      
      encrypting said message using said encryption key concatenated with said initialization vector.
  - 6. The method of claim 5, wherein said generating comprises setting said initialization vector as a portion of said second hash-based message authentication code.
  - 7. The method of claim 1, further comprising:
    - communicating an identifier for said shared secret and said counter with said encrypted message.
  - 8. The method of claim 1, further comprising:
    - receiving an encrypted response; and
      
      decrypting said encrypted response using said encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
IQVIA, Inc. (IQVIA Holdings, Inc.)
Original Assignee
Diversinet Corporation
Inventors
Machani, Salah, Sun, Jun, Teslenko, Konstantin
Primary Examiner(s)
Pham, Luu
Assistant Examiner(s)
BROWN, DE'MARIS R

Application Number

US13/069,556
Publication Number

US 20110238989A1
Time in Patent Office

937 Days
Field of Search

None
US Class Current

713/168
CPC Class Codes

H04L 9/0637   Modes of operation, e.g. ci...

H04L 9/3228   One-time or temporary data,...

H04L 9/3242   involving keyed hash functi...

Method and system for secure communication using hash-based message authentication codes

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for secure communication using hash-based message authentication codes

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links