×

Methods and apparatus for secure data sharing

  • US 8,732,462 B2
  • Filed: 07/07/2011
  • Issued: 05/20/2014
  • Est. Priority Date: 07/07/2011
  • Status: Active Grant
First Claim
Patent Images

1. A communication method comprising:

  • receiving from a first client a communication request that includes an encrypted conversation, a first key, and authentication bits, the communication request requesting that a host server sends the encrypted conversation and a decryption key for the encrypted conversation to a second client, wherein the first key is the decryption key that has been encrypted using a first public key associated with a first user at the first client;

    in order to retrieve the decryption key from the first key,retrieving, at the host server, an encrypted secret key associated with the first user;

    decrypting the encrypted secret key using the authentication bits included in the communication request received from the first user, thereby retrieving a secret key associated with the first user;

    retrieving, at the host server, an encrypted private key associated with the first user;

    decrypting the encrypted private key using the secret key associated with the first user, thereby retrieving a private key associated with the first user;

    decrypting the first key using the private key associated with the first user, thereby retrieving the decryption key;

    encrypting the decryption key using a second public key associated with a second user at the second client to generate a second key; and

    sending to the second client the encrypted conversation and the second key;

    receiving, from the first client, a password reset notification notifying that a password associated with the first user is lost;

    receiving new authentication bits derived from a new password to be associated with the first user;

    retrieving a backup secret key associated with the first user, wherein the backup secret key is encrypted using a master public key;

    sending a password reset request to a management server that maintains a master private key paired with the master public key, wherein the password reset request includes the backup secret key;

    receiving from the management server a password reset response that includes the secret key associated with the first user;

    encrypting the secret key using the new authentication bits; and

    storing the secret key encrypted using the new authentication bits.

View all claims
  • 5 Assignments
Timeline View
Assignment View
    ×
    ×