Systems and methods for secure communication using a communication encryption bios based upon a message specific identifier

US 8,619,986 B2
Filed: 07/21/2011
Issued: 12/31/2013
Est. Priority Date: 07/21/2011
Status: Expired due to Fees

First Claim

Patent Images

1. A method of securely communicating a message between a first device and a second device using a message specific identifier and a server, comprising the steps of:

receiving an encryption key request server by the server from the first device, wherein the encryption key request is based upon the message specific identifier associated with a plurality of attributes associated with the message and the first device;

selecting by the server a current one of a plurality of random character sets, each of the random character sets being periodically generated by the server and stored in a memory on the server, each of the random character sets being referenced by a unique random character set identifier;

parsing the encryption key request and the message specific identifier by the server to provide an intermediate argument used to enter the current random character set, the intermediate argument associated with an entry point in the current random character set;

determining, by the server, which of a plurality of encryption key construction paradigms should be used for constructing an encryption key based upon the intermediate argument;

constructing the encryption key by the server from the current random character set, the determined one of the encryption key construction paradigms and the entry point of the current random character set associated with the intermediate argument;

storing a data structure by the server, the data structure being associated with the message specific identifier, the unique random character set identifier associated with the current random character set and an identifier of the determined one of the encryption key construction paradigms; and

transmitting the encryption key by the server to the first device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and methods of securely communicating a message between a first device and a second device using a message specific identifier is disclosed. The method begins by receiving an encryption key request from a sending device, where the encryption key request is based upon the message specific identifier, which is associated with a plurality of attributes associated with the message and the sending device. In more detail, the message specific identifier may be an information-based indicator that is unique with respect to the message and the sending device. The method parses the encryption key request and the message specific identifier to provide an intermediate argument used to enter a current random character set that is periodically generated and stored into memory. The intermediate argument helps identify which type of encryption method is desired for use in encryption key generation. An encryption key is constructed using the intermediate argument as an entry point to the current random character set. A data structure is stored associated with the message specific identifier, a random character set identifier for the current random character set, and an identifier of the encryption method used before the key is transmitted back to the device.

26 Citations

View as Search Results

20 Claims

1. A method of securely communicating a message between a first device and a second device using a message specific identifier and a server, comprising the steps of:
- receiving an encryption key request server by the server from the first device, wherein the encryption key request is based upon the message specific identifier associated with a plurality of attributes associated with the message and the first device;
  
  selecting by the server a current one of a plurality of random character sets, each of the random character sets being periodically generated by the server and stored in a memory on the server, each of the random character sets being referenced by a unique random character set identifier;
  
  parsing the encryption key request and the message specific identifier by the server to provide an intermediate argument used to enter the current random character set, the intermediate argument associated with an entry point in the current random character set;
  
  determining, by the server, which of a plurality of encryption key construction paradigms should be used for constructing an encryption key based upon the intermediate argument;
  
  constructing the encryption key by the server from the current random character set, the determined one of the encryption key construction paradigms and the entry point of the current random character set associated with the intermediate argument;
  
  storing a data structure by the server, the data structure being associated with the message specific identifier, the unique random character set identifier associated with the current random character set and an identifier of the determined one of the encryption key construction paradigms; and
  
  transmitting the encryption key by the server to the first device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the one or more attributes associated with the message specific identifier include at least one from the group comprising a hardware address associated with the first device, a sender address, a recipient address, a chronological attribute, a user ID attribute, a password attribute, and a processing unit component ID attribute.
  - 3. The method of claim 1, wherein the message specific identifier is an information-based indicator that is unique with respect to the message and the first device.
  - 4. The method of claim 1, wherein the steps of selecting, parsing, constructing, storing and transmitting are performed only if the encryption key request is valid.
  - 5. The method of claim 4 further comprising the step of validating the encryption key request by the server based at least upon a first device media access control address.
  - 6. The method of claim 1, further comprising:
    - receiving, by the server from the second device, a decryption key request and a second device attribute, the decryption key request being based upon the message specific identifier;
      
      determining by the server whether the decryption key request is valid based upon the second device attribute;
      
      if the decryption key request is determined to be valid, accessing the stored data structure by the server to locate the random character set identifier based upon the message specific identifier;
      
      constructing a decryption key by the server from the random character set associated with the random character set identifier stored in the data structure; and
      
      transmitting the constructed decryption key from the server to the second device.
  - 7. The method of claim 6, wherein the step of transmitting the constructed decryption key comprises transmitting the constructed decryption key only when the constructed decryption key is validated by the server to be the same as a separately stored decryption key.

8. An apparatus for securely communicating a message between a plurality of devices using a message specific identifier and a server coupled to the devices, comprising:
- a processing unit within the server;
  
  volatile memory coupled to the processing unit;
  
  a data communication interface coupled to the processing unit and in operative communication with the plurality of devices, the data communication interface providing an encryption key request and a decryption key request to the processing unit upon respective receipt from one of the devices, the encryption key request and the decryption key request being based upon the message specific identifier, which is associated with a plurality of attributes associated with the message and a sending one of the devices;
  
  a memory storage coupled to the processor, the memory storage maintaining a secure communications management module and a plurality of random character sets, each of the random character sets being periodically generated by the processing unit and maintained on the memory storage, each of the random character sets being referenced by a unique random character set identifier;
  
  wherein, the processing unit is operatively configured, when executing the secure communications management module on the server, toin response to receipt of the encryption key request from one of the devices,select a current one of the random character sets,parse the encryption key request and the message specific identifier to provide an intermediate argument used to enter the current one of the random character sets maintained on the memory storage, the intermediate argument being associated with an entry point in the current one of the random character sets, the intermediate argument also associated with one of a plurality of encryption key construction paradigms resident on the memory storage,construct an encryption key from the current one of the random character sets, the entry point of the current one of the random character sets associated with the intermediate argument, and the one of the plurality of encryption key construction paradigms,record a data structure on the memory storage, the data structure being associated with the message specific identifier and the random character set identifier associated with the current one of the unique random character sets, andprovide the encryption key to the data communication interface and cause the encryption key to be transmitted from the server to the one of the devices that sent the encryption key request, andin response to receipt of the decryption key request from another of the devices,determine whether the decryption key request is valid,if the decryption key request is determined to be valid, access the stored data structure on the memory storage to locate the unique random character set identifier based upon the message specific identifier and an identifier of the one of the plurality of encryption key construction paradigms,construct a decryption key from the one of the random character sets associated with the located unique random character set identifier, andprovide the constructed decryption key to the data communication interface and cause the decryption key to be transmitted from the server to the another of the devices that send the decryption key request.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The apparatus of claim 8, wherein the one or more attributes associated with the message specific identifier include at least one from the group comprising a hardware address associated with the one of the devices sending the message, a sender address, a recipient address, a time/date stamp attribute, a user ID attribute, a password attribute, and a processing unit component ID attribute.
  - 10. The apparatus of claim 8, wherein the message specific identifier is an information-based indicator that is unique with respect to the message and the device sending the message.
  - 11. The apparatus of claim 8, wherein the processing unit is further operatively configured, when executing the secure communications management module and in response to receipt of the encryption key request from one of the devices, to determine whether the encryption key request is valid.
  - 12. The apparatus of claim 8, wherein the secure communications management module comprises BIOS software operating within the server.

13. A non-transitory computer readable medium storage on which is stored a set of executable instructions, which when executed on a server perform steps comprising:
- receiving an intermediate argument by the server, the intermediate argument being based upon a message specific identifier associated with a plurality of attributes of a message and a device that communicates with the server, the intermediate argument being transformed from the message specific identifier;
  
  selecting by the server a current one of a plurality of random character sets, each of the random character sets being periodically generated by the server and stored in a memory on the server, each of the random character sets being referenced by a unique random character set identifier;
  
  employing the intermediate argument to enter the current one of the random character sets at an entry point of the current one of the random character set associated with the intermediate argument;
  
  identifying one of a plurality of encryption key construction paradigms based upon the intermediate argument; and
  
  providing as outputs an identifier of the current one of the random character sets, the entry point of the current one of the random character sets, and an identifier of the one of the plurality of encryption key construction paradigms.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The non-transitory computer readable storage medium of claim 13 wherein the set of executable instructions, when executed on the server, perform steps further comprising transforming the message specific identifier into a functional logical argument as the intermediate argument.
  - 15. The non-transitory computer readable storage medium of claim 13 wherein the encryption key construction paradigms are a plurality of different types of encryption methods.
  - 16. The non-transitory computer readable storage medium of claim 13 wherein the set of executable instructions, when executed on the server, perform steps further comprising constructing a key from the identifier of the current one of the random character sets, the random character set entry point, and the identifier of the one of the plurality of encryption key construction paradigms.
  - 17. The non-transitory computer readable storage medium of claim 16 wherein the set of executable instructions, when executed on the server, perform steps further comprising storing a data structure by the server, the data structure being associated with at least the message specific identifier, the identifier of the current one of the random character sets, and the identifier of the one of the plurality of encryption key construction paradigms.
  - 18. The non-transitory computer readable storage medium of claim 17 wherein the set of executable instructions, when executed by the server, perform steps further comprising storing the key in the data structure.
  - 19. The non-transitory computer readable storage medium of claim 13 wherein the set of executable instructions, when executed by the server, perform steps further comprising:
    - Locating, by the server, the provided identifier of the random character set in a data structure stored on the server,accessing, by the server, the random character set associated with the located identifier of the random character set,identifying, by the server, the one of the plurality of encryption key construction paradigms, andconstructing, by the server, a decryption key from the one of the periodically generated random character sets associated with the located random character set identifier.
  - 20. The non-transitory computer readable storage medium of claim 19 wherein the set of executable instructions, when executed by the server, perform steps further comprising validating, by the server, the constructed decryption key against a stored key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Patton Protection Systems LLC
Original Assignee
Patton Protection Systems LLC
Inventors
Drucker, Steven J.
Primary Examiner(s)
Schwartz, Darren B
Assistant Examiner(s)
TRUVAN, LEYNNA THANH

Application Number

US13/188,225
Publication Number

US 20130024686A1
Time in Patent Office

894 Days
Field of Search

713/150, 713/170, 713/171, 713/181, 380/1, 380/202, 380/225, 380/255, 380/264, 380/37, 380/42, 707/613, 707/687, 707/708, 725/31, 725/32, 717/143, 370/252, 370/349, 719/313
US Class Current

380/255
CPC Class Codes

H04L 9/083   involving central third par...

H04L 9/0861   Generation of secret inform...

H04L 9/0866   involving user or device id...

H04L 9/3226   using a predetermined code,...

Systems and methods for secure communication using a communication encryption bios based upon a message specific identifier

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

26 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for secure communication using a communication encryption bios based upon a message specific identifier

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links